Despite the penalties for inadequate e-discovery capabilities, many firms still are challenged to establish effective programs.By Melanie Rodier
A year and a half after amendments to the Federal Rules of Civil Procedure (FRCP) ushered in critical new e-discovery obligations for parties to lawsuits in federal court, Wall Street firms still are scrambling to come to grips with the e-discovery burden.
"I would have thought corporations would have recognized and responded much more quickly to the new amendments, get their papers in order and have a litigation plan ready," relates Hope Haslam, director of consulting services at Epiq Systems, a provider of integrated technology products and services for legal proceedings. "But that's not happening as often as I would have hoped."
Legal counsel, Haslam adds, can be intimidated by the technology needed to recover documents in an e-discovery case, and as such may not encourage firms to engage in the process. "There's a possibility that they don't want to go to their fellow executives and say, 'We need help,'" she contends.
Following the FRCP amendments, businesses must have clear policies on data retention so that they can easily identify what data is applicable to a discovery motion. They also must address e-discovery issues -- including preserving discoverable data, developing a plan for producing the data within a reasonable amount of time and determining the format in which the data will be handed over -- upon the filing of a case. When a company cannot produce data subject to discovery, regulators can slap them with huge fines -- as Morgan Stanley and UBS, among others, have found out in what emerged as landmark e-discovery cases in the securities industry.
Nevertheless, Haslam asserts, with the exception of publicly traded companies, many corporations don't have adequate e-discovery procedures in place and are playing Russian roulette -- they're just hoping they won't get sued, she says. "This is because the e-discovery requirements talk about how you don't have to be prepared until litigation is anticipated," Haslam explains.
Some experts say firms underestimated the impact of e-discovery regulations. "When the rules came into effect, some wondered if it was going to be another Y2K issue and much ado about nothing without any tangible results," says John Patzakis, chief strategy officer at e-discovery vendor Guidance Software. "But this proved not to be the case."
One of the main e-discovery problems with which firms have been grappling is skyrocketing data volumes. According to a study by The Radicati Group, in 2007 a typical corporate e-mail account was expected to generate around 4.3 gigabytes (GB) of electronic data. The number is forecast to grow to 6.7 GB per year by 2011.
One executive at a top buy-side firm on Wall Street with expertise in the area, speaking on condition of anonymity, says things are only going to get worse as people find new messaging streams. "You can't limit the data, but you can have technology to cull data and search through it," he says.
According to Lisa Walkush, managing director at SMART Business Advisory and Consulting, increasing data volumes make it even more critical for firms to have strong records management policies in place. "Companies really need to understand where their data resides and have really good retention policies," she adds. "And when the record-retention time frame is up, you want to get rid of it. So someone needs to be managing record policies."
A Standardized Process
So what are the best practices for companies that want to effectively manage e-discovery requirements in the most cost-effective manner? First, companies must create a repeatable and standardized data lifecycle management process, according to experts.
"You have to build an internal process and figure out where your data is, where to find it, how much it costs to find, to collect, process and review it," says the buy-side executive. "You need to be able to say, 'This is how we as a firm collect our data and this is our process.'"
Epiq's Haslam says it is essential during the review process for key data mapping decisions to be made at the beginning. "You really have to understand where all the data is located, particularly if it's a national or international company," she comments. "You need to know where all your data servers and laptops are, and what your backup policies are -- how you're storing tapes, backing up tapes. You also have to make sure decisions on preserving data are reasonable."
To gather all this information, collaboration among IT and the legal department is critical. "Courts are instructing IT and legal to work together," says Guidance Software's Patzakis. "You can't really establish a process unless that happens."
E-discovery teams also should include representatives from the risk management and operations departments, as well as human resources, according to Epiq's Haslam. "People ... are often intimidated and scared about retaining and deleting data," Haslam says. "So when litigation has occurred and you begin the process of identifying custodians of data, some of these people could be implicated. HR needs to be able to manage or at least monitor communications, and to make sure no laws are broken."
Haslam notes that most corporations already have e-archival policies in place. "They are preserving e-mail -- according to administrative regulations, they are beholden to for five, seven or nine years," she says.
But records management policies should be documented and communicated so that employees can understand when they can delete e-mail, she adds. "That way they are certain to be careful not to do it before the required time period, and then to delete them as fast as possible, for both storage and risk management reasons," Haslam explains. >more
No comments:
Post a Comment