This Page

has been moved to new address

The eDiscovery Paradigm Shift

Sorry for inconvenience...

Redirection provided by Blogger to WordPress Migration Service
----------------------------------------------------- Blogger Template Style Name: Snapshot: Madder Designer: Dave Shea URL: mezzoblue.com / brightcreative.com Date: 27 Feb 2004 ------------------------------------------------------ */ /* -- basic html elements -- */ body {padding: 0; margin: 0; font: 75% Helvetica, Arial, sans-serif; color: #474B4E; background: #fff; text-align: center;} a {color: #DD6599; font-weight: bold; text-decoration: none;} a:visited {color: #D6A0B6;} a:hover {text-decoration: underline; color: #FD0570;} h1 {margin: 0; color: #7B8186; font-size: 1.5em; text-transform: lowercase;} h1 a {color: #7B8186;} h2, #comments h4 {font-size: 1em; margin: 2em 0 0 0; color: #7B8186; background: transparent url(http://www.blogblog.com/snapshot/bg-header1.gif) bottom right no-repeat; padding-bottom: 2px;} @media all { h3 { font-size: 1em; margin: 2em 0 0 0; background: transparent url(http://www.blogblog.com/snapshot/bg-header1.gif) bottom right no-repeat; padding-bottom: 2px; } } @media handheld { h3 { background:none; } } h4, h5 {font-size: 0.9em; text-transform: lowercase; letter-spacing: 2px;} h5 {color: #7B8186;} h6 {font-size: 0.8em; text-transform: uppercase; letter-spacing: 2px;} p {margin: 0 0 1em 0;} img, form {border: 0; margin: 0;} /* -- layout -- */ @media all { #content { width: 700px; margin: 0 auto; text-align: left; background: #fff url(http://www.blogblog.com/snapshot/bg-body.gif) 0 0 repeat-y;} } #header { background: #D8DADC url(http://www.blogblog.com/snapshot/bg-headerdiv.gif) 0 0 repeat-y; } #header div { background: transparent url(http://www.blogblog.com/snapshot/header-01.gif) bottom left no-repeat; } #main { line-height: 1.4; float: left; padding: 10px 12px; border-top: solid 1px #fff; width: 428px; /* Tantek hack - http://www.tantek.com/CSS/Examples/boxmodelhack.html */ voice-family: "\"}\""; voice-family: inherit; width: 404px; } } @media handheld { #content { width: 90%; } #header { background: #D8DADC; } #header div { background: none; } #main { float: none; width: 100%; } } /* IE5 hack */ #main {} @media all { #sidebar { margin-left: 428px; border-top: solid 1px #fff; padding: 4px 0 0 7px; background: #fff url(http://www.blogblog.com/snapshot/bg-sidebar.gif) 1px 0 no-repeat; } #footer { clear: both; background: #E9EAEB url(http://www.blogblog.com/snapshot/bg-footer.gif) bottom left no-repeat; border-top: solid 1px #fff; } } @media handheld { #sidebar { margin: 0 0 0 0; background: #fff; } #footer { background: #E9EAEB; } } /* -- header style -- */ #header h1 {padding: 12px 0 92px 4px; width: 557px; line-height: 1;} /* -- content area style -- */ #main {line-height: 1.4;} h3.post-title {font-size: 1.2em; margin-bottom: 0;} h3.post-title a {color: #C4663B;} .post {clear: both; margin-bottom: 4em;} .post-footer em {color: #B4BABE; font-style: normal; float: left;} .post-footer .comment-link {float: right;} #main img {border: solid 1px #E3E4E4; padding: 2px; background: #fff;} .deleted-comment {font-style:italic;color:gray;} /* -- sidebar style -- */ @media all { #sidebar #description { border: solid 1px #F3B89D; padding: 10px 17px; color: #C4663B; background: #FFD1BC url(http://www.blogblog.com/snapshot/bg-profile.gif); font-size: 1.2em; font-weight: bold; line-height: 0.9; margin: 0 0 0 -6px; } } @media handheld { #sidebar #description { background: #FFD1BC; } } #sidebar h2 {font-size: 1.3em; margin: 1.3em 0 0.5em 0;} #sidebar dl {margin: 0 0 10px 0;} #sidebar ul {list-style: none; margin: 0; padding: 0;} #sidebar li {padding-bottom: 5px; line-height: 0.9;} #profile-container {color: #7B8186;} #profile-container img {border: solid 1px #7C78B5; padding: 4px 4px 8px 4px; margin: 0 10px 1em 0; float: left;} .archive-list {margin-bottom: 2em;} #powered-by {margin: 10px auto 20px auto;} /* -- sidebar style -- */ #footer p {margin: 0; padding: 12px 8px; font-size: 0.9em;} #footer hr {display: none;} /* Feeds ----------------------------------------------- */ #blogfeeds { } #postfeeds { }

Thursday, July 22, 2010

Records Management and Early Case Assessment (ECA)

I was stunned beyond words this past week after a discussion an Assistant General Counsel for a Fortune 1000 company.  We were discussing their eDiscovery operations and whether or not it made economic and/or business sense to bring any of it in-house as other Global 5000 companies are planning and/or already doing.  Historically, when they required data to be found, processed, analyzed and produced, they relied 100% on outside counsel to “get the job done”.  I have not talked to their outside counsel and therefore I don’t know how they accomplish the task of eDiscovery.  However, I do know that the AGC thought that is was costing the company about $1,000 per GB plus document review costs (please note that recent studies have indicated that document review costs are 70% of the total cost of eDiscovery and therefore the actual cost for this organization is $3,333 per GB).   When I related this statistic to him, he thought that seemed a bit high but thought that it might actually be about right (my immediate internal and non verbalized response was that I am in the wrong business).  I told him that I thought that it might make sense to at least investigate the economic/business impact of bring an Early Case Assessment (ECA) tool in house like Clearwell and he agreed that he was interested.  I then said that we could probably have the most impact if we also investigated what his Information Technology (IT) department had in place for records management and whether or not they could utilize and/or integrate with the current IT infrastructure.  He thought that was an “interesting” idea.  However, he had never talked with anyone in the IT department and therefore had no idea what they had or how they could help address his departments needs.  He setup a call with a direct report to the Chief Information Officer (CIO), made the introduction and asked that I handle the call myself as he wasn’t comfortable with “technical discussions”.   I spent about an hour on a conference call with the Director of Records Management and found out that they had a very sophisticated Records Management infrastructure in place but had never been asked to include the Legal Department in discussions and therefore was wasn’t even sure what “happened over there”.  All he really knew was that his group got legal hold requests via email all of the time for the outside counsel to “hold data” and that periodically a couple of different third party computer forensics and collection group appeared and “collected data”. When asked if his group could provide that same information he indicated that he actually fulfilled very similar requests for the Governance, Risk and Compliance (GRC) department. And, he thought that it would be farily straight forward to provide information for the Legal Department.  However, he had always been warned that there were all kinds of potentiallyl dangerous (to his career) issues with getting involved in the "legal process" and therefore upon the recomendation of the CIO, they have never asked to help.

I plan to get these two groups together over the next couple of weeks and figure out how to get them to utilize the same infrastructure.  I would bet that I am going to get resistance from outside counsel.  Further, I am also going to introduce the concept of automated legal hold.  I will report on this experience when appropriate.

Upon further reflection of this situation, I was reminded of a Gartner report by Kenneth Chin that came out September 9, 2009 titled, “MarketScope for Records Management” in which Mr. Chin predicted that “By 2013, 50% of all Global 2000 companies will implement enterprise wide records management solutions. By 2013, records management will be pervasive and will extend beyond existing content repositories into file stores, archive repositories and business applications. By 2013, discovery support will be a core capability for records management solutions.”

The Introductory Overview from the Gartner Report is as follows:

What You Need to Know
Records management has become an important initiative for many organizations as government regulations, changes to the rules governing legal discovery, and freedom of information legislation in different countries have all begun to be felt. Demand for records management solutions continues to grow, as the technology is imperative if an organization is to effectively implement an enterprisewide records management program. The worldwide records management market was worth approximately $460 million in software license and maintenance revenue in 2008, an increase of 15% from 2007. Market penetration for records management is still in its early stages with approximately 35% of organizations having implemented this technology. Records management products are also evolving, as broader retention management requirements grow and there is a need to manage content throughout its entire life cycle. While software as a service (SaaS) and open-source records management have not been significant up to this point, Gartner expects that these alternative delivery options for records management will emerge during the next two years. As emerging consumer and social software tools like wikis, blogs and Twitter are adopted at an enterprise level, this additional content may also need to be managed as records. When considering records management, organizations should:
  • Identify the specific business objectives for their records management initiative and select the right vendor, as a records management program requires a long-term commitment and the product needs to be compatible with the organization's content management strategy.
  • Assess the records management product's capabilities to integrate and extend records retention policy into other content repositories, e-mail systems, document archives and file stores, as well as its search and legal discovery capabilities.
  • Consider records management products with capabilities to support multiple content types and media — physical records, which may be in distributed record centers; electronic documents, which may reside in multiple repositories; and e-mail, which may exist in both the e-mail system and e-mail archives.
  • Consider the records management product's certification under country- and regional-level standards such as Department of Defense (DoD) Directive 5015.2-STD, Model Requirements for the Management of Electronic Records (MoReq) and Victorian Electronic Records Strategy (VERS)
MarketScope Information management leaders, compliance officers, legal counsel and records managers are working on records management projects that involve managing business document retention and preservation. A good records management initiative includes people, processes and technology. Industry and government regulations have helped lead or even necessitate records management adoption, but e-discovery as well as the need for more effective control of vast information stores in the enterprise have become even more important drivers. While highly regulated industries, such as financial services, utilities and pharmaceuticals, have always had record retention requirements, changes in government regulations have impacted companies across a broader range of industries. Freedom of information legislation, which has proliferated on a global scale, has also increased the need in government organizations to implement records management initiatives, in order to properly retain appropriate documents so they can be produced as requested. Despite today's challenging economic environment, the need for transparency and accountability in government agencies continues to drive the adoption of records management.

Records management systems have evolved from little more than the creation of indexes and tracking mechanisms for the preservation of paper documents to the preservation of electronic documents. As the range of digital content types continues to grow, electronic records management systems should now include mechanisms for dealing with audio, video and Web content. The emergence of wikis, blogs and social networking platforms also requires policies and approaches for retention of user-generated content. E-mail has proved to be especially problematic when it comes to maintaining business records. While e-mail active archiving systems support role-based and event-based retention, records management is still needed for those e-mails that must be retained as records.

Many records management products are integral components of enterprise content management (ECM) suites and will require additional software licenses. The ability to integrate and declare documents from ECM applications should be a prerequisite for records management products. Integration with Microsoft Office is also important, because much of the creation of future business records occurs in this information worker environment. As e-mail and instant messaging are now staples of conducting business, records management products must also be able to integrate with these infrastructure applications. Records management vendors are also emphasizing increased integration with e-mail active archiving, compliance and e-discovery applications. As the diversity of applications and content repositories expands, policy-driven records management, allowing for the automatic classification of records, will become the preferred choice.
Standards have been established in many countries to provide local requirements for records management. These standards include how different record types should be managed, rules for metadata creation, security definitions and implementation guidelines. Many of these standards have released their second versions. Key records management standards include:
  • DoD Directive 5015.2-STD — A U.S. standard and certification for records management developed by the Department of Defense. The DoD 5015.2-STD version 2 standard includes a Chapter 2 version and a Chapter 4 version, which detail additional security and classification requirements. The latest version, which records management vendors are now being certified for, is DoD 5015.2-STD version 3.
  • MoReq2 — The European Model Requirements for the Management of Electronic Records is a European standard for records management functionality and deployment. The goal of MoReq is to subsume individual national records management standards in the European community. MoReq2, the latest version developed and released in February 2008, is more comprehensive in terms of testing, governance and functionality. Certification and testing of MoReq2 for records management products is just beginning, and as MoReq2 becomes more formalized, we believe that it will serve as a key records management standard.
  • TNA2 — TNA2 is a U.K. standard and certification published by The National Archives. Its requirements reflect the legislation and standards for information management and include aspects of ISO 15489, MoReq, e-government and freedom of information. TNA-approved records management products meet compliance with the standards but no certification process is used.
  • Document Management and Electronic Archiving (DOMEA) — A German strategy and standard for records management and document management in government agencies. It has seen limited compliance and adoption by records management vendors.
  • VERS 2 — The Victorian Electronic Records Strategy is a framework of standards and implementation with the goal of reliably and authentically archiving electronic records created or managed by the Victorian government in Australia. This standard has become the de facto standard for records management projects in Australia.
  • Information & Documentation on Records Management Guidelines (ISO 15489) — The first international standard for the implementation of records management. It defines how records should be created, captured and managed, including policies and processes. Many national records management standards include elements of ISO 15489.
These standards can be used as a foundation and guideline for the evaluation and implementation of records management products. The DoD 5015.2 standard is well-established and is the only one that has a formal certification process. It is the de facto benchmark for records management products and acts as certification for essential product functionality. Gartner recommends that enterprises use the DoD 5015.2 STD 2007, version 3 standard as a key requirement when acquiring any records management product, along with consideration of local standards.

Labels: , , , , , , ,