publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/518940
ILTA WHITE PAPER: MAY 2015 WWW.ILTANET.ORG 14 FOUR PRINCIPLES OF RESPONSIBLE E-DISCOVERY DATA MANAGEMENT THE FOUR PRINCIPLES ARMA has developed a set of eight recordkeeping principles. Four relate to managing your client's e-discovery data. PRINCIPLE OF INTEGRITY: "An information governance program shall be constructed so the records and information generated or managed by or for the organization have a reasonable and suitable guarantee of authenticity and reliability." Law firms must preserve client evidence so it is not altered. Limiting the number of locations where you store data and making sure client data cannot be inadvertently accessed will help you keep the data pristine and protected. Keep client data away from systems that automatically alter metadata, such as a DMS or metadata scrubbers. Developing an intake process for client data — tracking the information received and storage location in a database — will provide better overall management. Upon receipt of client media, assign an asset number to the media and keep a record of information, including date of receipt, type of media, general description of contents, original source of the media and associated client matter number. If the information is received electronically, consider copying the electronically stored information (ESI) to media and assigning an asset tag, noting the original delivery method. Establish IG for Client ESI Stored in Your Firm Use the following policies and programs to help you establish information governance for client ESI stored in your firm: • Data Map: Work with internal IT staff to identify data storage locations and work to store client ESI for litigation in a single centralized repository that requires a username and password to access. • Data Management: Develop a system for tracking client data that comes into your firm, including when and what is received, and storage location. Use forensic methods to protect the metadata for client documents. Always create a working copy and maintain the originally received data in a pristine format. • Departing Employees: Draft a questionnaire for departing litigation attorneys and staff to identify potential sources of client data you can transfer or destroy. Have a system in place to revoke access to databases for users leaving a project or your firm. • Encryption: Even if you don't have a firmwide encryption policy, establish a policy in your litigation support group that requires encryption of client data whenever they are being transmitted outside the firm. • Mobile Access: Develop policies or procedures in place to protect the client data while also enabling your attorneys to work in a mobile environment. • Legal Hold: Have an internal process for issuing internal legal holds and for releasing the holds regularly. • Vendor Management: If using e-discovery vendors or other third parties to support the discovery process, clearly understand how they are handling and retaining your client data, and what your options are for disposition of the client data at the conclusion of the matter.