Assessing your corporate capability to respond effectively to investigations and eDiscovery events.
In an earlier post, I introduced Discovery Risk Mitigation, our structured journey-based approach to helping organisations reduce their exposure to the risks inherent within the ever-expanding data and governance landscapes in which we now work.
Having understood why preparedness is a good thing (and I’m going to assume that anyone reading this far has bought into that premise!), I suggested the next stage would be to take a cold, hard look at your current situation and state of readiness across the entire spectrum of the Electronic Discovery Reference Model (EDRM). Or, in laypersons’ terms, assessing how effectively you can address each part of the process. When considering capability, it would be quite easy to assume it’s simply a question of understanding what software solutions you might use. And perhaps whether you perform the exercise in-house, or just outsource the whole task to a law firm or other legal service provider. But to do so would be remiss and frankly, just scratching the surface. Remember that the EDRM spans more than purely the reactive stages of an investigation.
Increasingly, it is being recognised that good Information Governance will play a significant part in assisting organisations in responding effectively. I would go as far as to say that it provides the cornerstone of an effective response strategy and directly enhances the ability to identify, preserve and collect potentially responsive content, way before review or even Early Data and Early Case Assessment takes place.
So, what are the key considerations in assessing how effective you might be?
Information Governance is a subject in its own right, and as was suggested in the last post, it’s more a question of where you are on a continuum, with a medium to long term approach to improvement. Quite aside from understanding the regulations that govern your business and the immediate issues of being able to locate, qualify and quantify your data physically, the kind of questions that you should be asking yourself might relate to corporate retention (or disposition) policies and the extent to which you are able to classify and categorise content. In addition to more effective eDiscovery, being able to intelligently analyse your data estate will ultimately assist in a multitude of ways, such as improved assignment of retention policies, better classification and application of privacy and security controls.
Identification, Preservation and Collection are all inextricably linked and clearly benefit from improved Information Governance. Once a suspicion or investigation surfaces, how able are you to systematically assess the known facts of the case, identify persons of interest and target your efforts based on the degree of likely importance (or vulnerability) of any potential evidence source? And having done so, then defensively preserve and prevent spoliation of evidence, in line with your preservation duties, to establish a robust chain of evidence? Once potentially relevant material is preserved, can it be collected in an equally defensible and repeatable manner, ensuring that you neither under, nor over-collect (both being potentially equally expensive in their own ways)?
Processing is perhaps where most people would historically focus their assessment of capability. Do I have the capability from a technology perspective to start analysing and reviewing the evidence? Although technology can be very helpful in churning through massive volumes of data, it is not necessarily the silver bullet that makes the problem go away! Hopefully, you can see that preparedness in the earlier stages, can help minimise the volumes of data that get anywhere near an eDiscovery solution, which has to be a good thing from both cost and time perspectives. But having accepted the inevitability that you will end up ingesting far more data than ultimately ends up being responsive, the capabilities you should be assessing are to what extent you can leverage smart technologies to assist with Early Data Assessment, culling the irrelevant and focussing the investigation where it matters.
Analysis is the logical next step which should also feed your Early Case Assessment process. How effectively and reliably can you identify that which is relevant to the matter and cull the rest, with confidence that you’re not discarding critical evidence? At Salient, we believe this is a vital part of the process and one which is often poorly executed, resulting in the review of excessive volumes. But, again, review is about more than the technology at play, and organisations need to consider their methodologies, which ideally should be consistent and repeatable, as well as strategies, which will vary case by case. And of course, don’t forget assessing your ability to measure progress and costs throughout!
Production and conclusion of the process are perhaps less exciting, but in the case of production, being able to present the findings of your investigation in a court-ready format is an essential requirement, so you should also assess your capability from this perspective. Generally, eDiscovery platforms and service providers will satisfy this need, but if you undertake this in-house, ensuring you can meet the full requirement is important, as well as using such techniques as redaction to ensure you don’t disclose more than you might need. The conclusion of the process is also often overlooked but should be thought of as ‘squaring the circle’ from an Information Governance perspective. Can case material be recovered if needs be, and if so, where is it, and how is it protected to make it defensible? The archive and retention of historic case material should be as equal a consideration as how data is managed in general.
There are many considerations in assessing your maturity, but if you’d like to find out how Salient can guide you through such a maturity assessment, click here to find out more or register your interest.