Cloudy Forecast for eDiscovery

The Cloud and social media are hot topics in the tech world. However, a recent study carried out by the eDJ Group last fall indicates that neither have gained widespread adoption within corporations.

It is widely expected that cloud computing and social media will have a significant impact on the way e-discovery is conducted. However, the study showed that it’s not high on corporate IT’s radar quite yet. In fact, it was found that:

• Less than 16% of respondents put an e-discovery plan into place before moving data into the Cloud
• About 26% did not put a plan in place
• A whopping 58% didn’t know if e-discovery was considered when data was moved to the Cloud (which probably means it wasn’t considered)

While the number of players in this area is still quite low, this report should be a wakeup call that organizations need to consider e-discovery in conjunction with the adoption of new technologies.

Wortzman Nickle can help you navigate through the ocean of new technologies and their impact on e-discovery and records management.

Effective Records Management – Part 4 – Ensuring Adoption and Compliance of RM Policy

The following five tips can help ensure that a records management program achieves its goals:

1. Records Management is Everyone’s Role: the volume and diversity of business records, from emails to reports to tweets, means that the person who creates or receives a records is in the best to classify it. Everyone in the organization needs to adopt the records management programme.

2. Don’t Micro-Classify: having hundreds, or possibly thousands of records classification categories may seem like a logical way to organize the multitude of different records in a company. However, the average information worker, whose available resources are already under pressure, does not want to spend any more time than necessary classifying records. Have a few, broad classifications makes the decision process simpler and faster.

3. Talk the talk from the top on down: A culture of compliance starts at the top. Businesses should establish a senior-level steering committee comprised of executives from legal, compliance, and information technology (IT). A committee like this signals the company’s commitment to compliant records management and ensures enterprise adoption.

4. Walk the walk, consistently: For compliance to become second nature, it needs to be clearly communicated to everyone in the organization, and policies and procedures must be accessible. Training should be rigorous and easily available, and organizations may consider rewarding compliance through financial incentives, promotions and corporate-wide recognition.

5. Measure the measurable: The ability to measure adherence to policy and adoption of procedures should be included in core business operations and audits. Conduct a compliance assessment, including a gap analysis, at least once a year, and prepare an action plan to close any identified holes.

The growth of data challenges a company’s ability to use and store its records in a compliant and cost-effective manner. Contrary to current practices, the solution is not to hire more vendors or to adopt multiple technologies. The key to compliance is consistency, with a unified enterprise-wide approach for managing all records, regardless of their format or location.

Effective Records Management – Part 3 – Developing and Implementing an Enterprise Records Management Program

Controlling information starts by distinguishing records from non-records. In records management parlance, this is the distinction between records that companies send to the file room versus ones they throw away. Several studies estimate that most organizations can destroy as much as two of every three documents that they currently store. Studies also indicate that, apart from retaining too many records, organizations retain those records in multiple copies, further increasing the volume of stored information.

This tendency to save everything hampers an organization’s ability to properly manage those records that should be kept. Timely disposition of expired records ensures that information that should have been destroyed will not be swept up in a wide reaching legal discovery exercise during litigation or compliance exercises. Thus, de-duplication and timely disposition reduces potential liability risk while lowering operational costs, thereby benefiting the organization twofold.

Once business records are separated from disposable non-records and only one copy is maintained, they need to be classified for filing and applying retention periods. Retention schedules are determined by legal, compliance and operating requirements of the organization, must be consistent, apply the same classification system to both paper and electronic records.

Companies should implement a centralized records system to provide a single point of control and consistency for all of their records, be they on-site or off-site, paper or electronic.

With a single software solution, companies can:

• Manage records throughout their entire lifecycle
• Reduce their overall storage costs
• Mitigate legal, regulatory and compliance risks and provide clear audit trails
• Streamline record retrieval for both on-site and off-site records
• Generate standard and ad-hoc reports
• Extend enterprise content management or document management investments

Ultimately, to be successful, records management must be integrated into the daily operations of the business.

Effective Records Management – Part 2

Part one of this series considered the current state of affairs that businesses in Canada find themselves with respect to managing records. This part outlines the steps involved in implementing a practical records management program.

The basic steps involved in developing a practical strategy that will be used by an organization’s employees are:

1. Assess the way records are currently managed.

2. Report findings and recommendations.

3. Draft policies and classification/retention plans that suit the organization’s records management culture.

4. Carry out a strategic planning session to determine how to implement the recommendations/create the implementation plan.

5. Implement the plan.

6. Train staff.

7. Audit and evaluate the records management program on a regular basis.

Assess the Way Records are Currently Managed

Every organization is different. Within each organization, business units, groups, and individuals all have their own ways of dealing with the vast amounts of information that pass their desk on a daily basis.

To interest people in managing records differently than they do now, the solution must satisfy the principle of local value. In other words, what they get out of the solution must exceed what they put into it. People have limited time, limited energy and limited enthusiasm. If they have to spend more time managing records, they must stop doing something else. The value it delivers must exceed what people have to put into it. Otherwise they will not bother.

Implementing an enterprise wide records management strategy is a change process. To be successful, we need to change attitudes and workflows and tools. People need to change how they see records from a personal attribute to a collective, from a source of personal power to a source of company power, and from something acquired in the classroom to something acquired every day through work. If people can understand this with their heads and grasp it in their hearts, then the change will be successful.

As this is a very personal equation, it is imperative that a clear understanding of how people are managing records is known. The only way to accomplish this is to speak to the people in the trenches. In our experience, this is most effective when the interviewer is from outside the organization – employees are less inhibited and more candid when there is no perceived threat of being singled out for “not following the rules”.

Part 3 of this series will delve into developing an effective records management strategy.

Effective Records Management – Part 1

Digital information in today’s businesses is threatening to overflow the banks of the information rivers. The 2010 edition of IDC’s Digital Universe report shows that information overload is not some future catastrophe waiting around the corner – it is here now, staring us in the face.

This explosive growth translates not only into higher cost related to storage, and with higher workplace inefficiency when searching for information. To compound the problem, records managers and CIOs must cope with a diverse and decentralized collection of both legacy paper and digital information. For example, a company’s payroll records may exist concurrently as reports in paper form stored at some off site facility, as Excel spreadsheets stored on centralized servers, individual employees’ computers, and as attachments to emails, and within a third-party, cloud based payroll system.

Most organizations are basically treading water right now – while the information tidal wave is upon them, their efforts are focused on plugging holes, not stemming the tide. To move forward in a proactive way, organizations need to develop an enterprise records management program.

Within most organizations, individual groups tend to develop their own way of managing records. In some cases, this is even left to individual employees, usually with difficult consequences when an employee leaves and someone else takes over that position. Although information is information, it is common to see the management of digital records treated differently than paper records. Organizations with long-standing records management strategies are struggling, as they try to force terabytes of digital records to fit within an archaic and usually complicated system original designed to manage a few 100 boxes of paper.

Lack of consistency and simplicity, combined with the abundance and ever growing volume of digital records, makes it difficult for even the most proactive companies to achieve compliance. The answer to this dilemma is simple – organizations must adopt a single set of records management policies coupled to a simple plan that governs all information, regardless of the data format or location. By implementing standard, enterprise-wide practices for classifying, retaining and destroying records, a company lowers its risk of non-compliance and increases its efficiency, reducing costs. These policies form the backbone of any compliant records management program.

In practice, implementing these strategies can be fraught with potholes. In part 2 of this series, we’ll discuss the steps involved in developing a practical ERM program.

e-Discovery is a Business Process

In the U.S., many lawyers are calling 2010 “the year of e-discovery sanctions”. There were more sanctions and parties cited for failing to adequately respond to e-discovery requests than in any previous year. The costs associated with e-discovery are also growing at an exponential rate. As a result, corporate counsel are starting to realise that the costs and risks associated with scrambling to locate and organize e-discovery evidence after litigation strikes are just too high.

In Canada, things are not (yet) as daunting as in the U.S.  Canadian courts are opting to be more proactive, changing rules and adopting the Sedona Canada Principles to direct counsel down the right e-discovery path from the outset. However, the courts are making it clear that they will not tolerate parties who fail to properly address e-discovery processes.

So what’s the solution? According to a Forbes report, e-discovery needs to treated as a standard business process, like legal, corporate governance, HR, and IT, and not as a project that is kicked off on an as-needed basis.

As we emerge from the most recent recession with its associated financial restraints, this idea may sound too expensive to deal with at the moment. However, as the Forbes article suggests, companies should see this it as an opportunity to introduce cost savings into the organization, by changing the current corporate culture so that employees understand how their role is governed by and influences e-discovery requirements.

A side effect of this corporate wide ESI management revolution is that IT will end up spending much less time and money managing digital information, and employees will see a dramatic reduction in the time it takes to find the information they need to do their job. The cost savings from this alone will more than offset any expense due to corporate training and auditing.

In 2011, transform your corporation’s e-discovery approach from a tactical search and rescue mission into a strategic business function.

Live From Applied Discovery’s “Understanding Proportionality”

Tuesday morning, Lexis Nexis sponsored a panel discussion on proportionality, discovery plans, and the effects that the new Ontario rules are having on the way litigation is being carried out. The panel consisted of Master Calum Macleod, Kelly Freidman of Ogilvy Renault, and our very own Susan Nickle.

Proportionality was described as one component of a set of rules designed to encourage a cultural change in the legal community. It is no longer acceptable to proceed unilaterally – parties must come together sooner and communicate more often, in order establish a real dialog and focus on the issues at the beginning of the matter, not at the end.

The new rules, and particularly the requirement for a discovery plan, are leading lawyers to develop a better understanding of technology. To be sure, most lawyers will not become techno-geeks, but it is important for lawyers to understand how electronic information is stored and where it likely resides. It is equally important for lawyers to appreciate that discovery has not changed just because documents are stored electronically – in the end, the case will hinge on same handful of documents. The only difference is that those documents will fit on a CD rather than in a banker’s box.

There were many questions from the approximately 90 people in attendance, including dialogue about  the concept of proportionality forcing litigants to think of alternative forms of proof, as some traditional forms of proof may be too cost-prohibitive.

The seminar clearly illustrated that the new rules are having an influence, and will continue to shape litigation into a more manageable, cost effective tool to resolve disputes.

Litigation Readiness – Nickle Live from LegalTech 2010

Interesting. I just attended a workshop titled “Litigation Readiness: The Impact of the Records Management Program”.  According to the panel, following a market research survey, 80% of companies surveyed reported having a records management policy. I found this statistic extremely high and query whether these reported policies are updated, followed and audited regularly. I have my doubts about that.

However, only 60% of those policies contained a litigation readiness component, and only 20% of those utilized litigation readiness software.  Further only 38% of those companies had a litigation response team in place to handle all of the e-discovery phases.

Also interesting – in the panel’s view (and these were employees of a service provider) the effectiveness of a litigation readiness program is based 90% on the policies and the team put in place, and only 10% on the software. In their words, technology is merely an “enabler” in the quest for defensible litigation readiness.

More later.

Our latest discovery

Wortzman Nickle is pleased to announce Rachael Chadwick is joining us as a Senior E-Discovery Analyst and Project Manager.  Rachael comes to us after years of experience as a Law Clerk whose practice focused on e-discovery. 

Rachael arrived just in time.  January 2010 has started off with a bang!  2010 is the year for lawyers, in-house counsel and organizations to embrace e-discovery.  Undoubtedly the new Rules of Civil Procedure that came into force in Ontario effective January 01, 2010 have had some impact on this.  We have been busy attending Meet and Confer sessions, meeting with organizations that are anxious to have Records Management Policies in place in the calendar year and meeting with other organizations who want to ensure that they have litigation readiness plans in place.  Top that off with several on going e-discovery review projects and we are off to an exciting start this year.  The addition of Rachael to our team adds to our office strength and the breadth of our e-discovery experience. 

Wortzman Nickle are off to LegalTech this week..stay tuned for updates!

The Policies of Privacy, Records Management and the Recession

 Wortzman Nickle has been actively working  on records management policies and litigation readiness protocols.   In our experience,  privacy issues and the treatment of personal information are frequently raised as concerns.   There are many reasons for a company to appropriately collect and retain an individual’s personal information.   However, once the information is collected, certain obligations arise under applicable privacy legislation.

 The recent economic recession has resulted in a rise in privacy complaints, largely because companies are more frequently collecting personal information and they are struggling with the manner in which they handle it.

 Several provinces are reporting a significant increase in employment related privacy complaints.  In particular, it appears that employers are asking for personal information such as SIN numbers and other information to enable them to perform credit checks on prospective employees even prior to an offer of employment is made.  In some cases, the employer is not even advising the employee that a credit check will be completed.  This collection results in a number of problems: a lack of consent for the collection of the personal information, a failure to advise that a credit check will be performed, the inability of the company to justify why a credit check was required at that stage, and potential problems relating to the retention and disposal of the personal information.

 The best way to deal with these issues is with defensible policies and protocols.

 Is your business governed by PIPEDA?  Is your policy falling short?

The Personal Information Protection Electronic Documents Act (“PIPEDA”) provides that companies must obtain appropriate consents; collect only what personal information they require for their business purposes; safeguard the information appropriately; and, dispose of the information as soon as the purpose for which it was collected is fulfilled.

 To ensure your records management program is consistent and doesn’t run afoul of privacy laws, review your program as a whole.  Ensure that your retention policy integrates well with your privacy policies and all other litigation readiness protocols.  If your policies do not work well together, it’s time for a rewrite.