Americans like to sue each other. According to Fulbright & Jaworski's "The Third Annual Litigation Trends Survey...
Findings," 90% of U.S. corporations are in litigation and, on average, corporations with revenue of $1 billion or more deal with 556 active cases. This translated into $31.5 million spent on legal matters last year.
Companies must respond to these litigations, whether frivolous or deadly serious. And the new Federal Rules of Civil Procedure (FRCP), which took effect on December 1, will cause storage policies and procedures to be even more closely scrutinized by forensic attorneys looking for smoking gun e-mails, or for evidence that such e-mails or documents have been destroyed or altered after litigation and deposition holds were issued.
"Attorneys are very good at placing the blame on other people, [as in] 'You mean you didn't save that file?'" says Donald Wochna, chief legal officer at Vestige Digital Investigations, a company that specializes in helping attorneys search for and recover documents. "An attorney wants to know if the IT guys are telling the truth about what their systems can and can't do," he adds.
The FRCP rules generally dictate that organizations focus on the following: tape cataloging, so they know what's "reasonably accessible" and what isn't; media restoration, which places legacy data into a repository for quick access; content archiving, which collects live and legacy data into a central repository; retention-management policies that tell how that saved data is preserved and ultimately disposed of in accordance with stated policies; and discovery management, the process in which data is analyzed, deemed "discoverable" and presented in a requested format. No attorney wants to get a spreadsheet, for example, delivered as a PDF file that strips out all the meta data; the formulas show how the numbers were computed and may be just as important as the numbers themselves.
"E-mail archiving is a good place to start beefing up your retention policies for unstructured data," says Michael A. Clark, managing director at EDDix, a company specializing in increasing communication between attorneys and storage managers.
E-mail archiving companies from Archivas to Zantaz are scrambling to position their products as the must-have repository to satisfy compliance regulations, including the new FRCP rules. Various array vendors are rapidly partnering with archiving companies; for example, EqualLogic recently established relationships for its PS Series arrays with Mimosa Systems' NearPoint server for Microsoft Exchange; with Archivas Cluster (ArC) software for fixed content such as e-mail and medical records; and with KOM Networks' KOMpliance.
Having a solid archive is one thing, but effectively managing information that may pertain to a legal discovery or litigation is quite another matter. Deidre Paknad, president and CEO at PSS Systems, a developer of information-retention products for litigation environments, offers the following advice for managing legal holds (the process of tagging documents that may have a bearing on litigation to ensure they aren't destroyed or deleted), evidence collection and global retention policies: Repeatedly communicate legal holds to all affected parties and monitor compliance with legal holds continuously. Interview affected employees to determine sources of information, and integrate your retention policies with discovery responsibilities. Lastly, says Paknad, "thoroughly document and demonstrate the efficacy of your process."
"E-discovery and records management [are] two sides to the same coin," says Pete Pepiton, discovery product manager at CA. He advises companies to realistically examine their retention policies, including how automated they are and whether they contradict other retention policies. "You'll find," he says, "that many companies' retention policies are crazily indefensible."
- Impact of General Data Protection Regulation on Storage Systems –IBM
- EU General Data Protection Regulation –MarkLogic
- The EU General Data Protection Regulation –Oracle Cloud
- Preparing for the General Data Protection Regulation –Fortinet, Inc.