publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/1161254
I L T A W H I T E P A P E R | L I T I G A T I O N A N D P R A C T I C E S U P P O R T 7 Create a mechanism for monitoring locations that may contain client data: you can't enforce a retention policy if you can't track the data on your systems. Ideally you should be able to easily find all data for any matter, and for any data that you do find, you should be able to easily identify what matter it's associated with. Audit the system and storage locations to ensure that policies are being adhered to. If a user isn't adhering to the policies, speak with that user to determine if they have a valid reason for the deviation and update the policy if so. The sources of client data and the requirements for handling it in litigation support are constantly changing. Make sure that your best practices governing that data are appropriate for the needs of the people using it while still allowing for successful management of the data at when the matter closes. ILTA 6 7 category may have different retention requirements. This document focuses on the latter two, particularly in the context of electronic discovery. Best Practices: Best practices for retention or destruction of client data when a matter closes should be flexible enough to meet the challenges noted above without overly interfering with the people using it. These are guidelines and recommendations to consider when establishing or refining your own: Do not put copies of the original or processed files into document-management systems. The systems may modify the metadata of the original files, and they might not be scaled for handling the large number or volume of files. Work closely with the attorneys, analysts, and technicians who actively use or process the data to understand how they're using it. For example, do they make local copies of productions for quality-control because performing QC across the network is too slow? In that case, you could adjust the best practices to encompass that usage if the underlying systems couldn't be changed. If you have people doing custom work with the data, give them extra attention. Make sure you understand how they're using the data and develop appropriate protocols. They may have 1 2 3 their own systems that cannot be easily monitored externally, are more likely to aggregate or otherwise transform data, and may need to police themselves more actively. End-users may need to deviate from the standard policies for a specific task. Try to define policies for dealing with data handled outside the normal process. Data added to those locations should be deleted as soon as possible after the intended need. Some storage locations may include content with different retention requirements, e.g. a database that contains file that are part of the client file, processed data, and intermediate data. When a matter closes, it will typically be easier to apply the most restrictive retention policy rather that delete specific portions of the data. (This may not be possible under all circumstances, e.g. when receiving a purge request for 3rd-party data.) 4 5 C A S E C L O S U R E , B E S T P R A C T I C E S , P A R T 1 ( L I T I G A T I O N ) Steven Gwost Steven Gwost has been solving technical puzzles in eDiscovery since 2006. He wrangles data and creates custom insights into it so you can focus on the stories therein. He can be reached online at https://www.linkedin.com/in/steven-gwost