Information Governance - includes Industry Participants

It’s 10:00.  Tomorrow you have to return or destroy all copies of client-provided data for a big client.  Do you know where your client-provided data is?  Chances are, if you are like most firms, you may not, especially when it comes to client-provided Electronically Stored Information, or ESI.  How can Information Governance (IG) help?

ESI is largely made of many copies of client data, modified as it travels through the eDiscovery work flow.  A typical work flow may start with a drive full of client data, which is then processed, sorted, searched, culled, analyzed, reviewed, and eventually produced, often on another drive, to an adverse party.  Through each of these stages, the client data is often duplicated and stored in different systems, some outside of the firm.  ESI is largely handled by a firm’s designated litigation support resources and they will often handle the brunt of IG focused processes. These people are often looking for direction on how to manage the many copies of ESI they intake, what they can destroy, what they must retain, how they must secure the ESI and who must play what role enacting IG procedures, especially if those procedures differ from normal IG process.

There are good reasons to handle ESI differently than normal firm work product. ESI is often voluminous, requiring large amounts of indirect cost (storage space, backups, processing power), or direct cost (vendor hosting charges).  Further, because it is largely client data, it can be handled differently, and often more aggressively, when dealing with retention and disposition.   And because the nature of this data often poses extra risk to a firm, the firm must ensure information security and vendor management processes appropriately address this risk.  However, appropriately handling ESI provides a lot of challenges.

To start with, the client data lifecycle often should be handled differently than firm work product. This lifecycle is often more aggressive than the firm’s traditional retention periods. Firms also need to develop solid processes for gathering and triaging outside counsel guidelines, and other methods for identifying how clients want their data retained, returned and/or destroyed

Scarce resources will challenges many firms, as will the need to establish clear roles between parts of the firm that haven’t typically interacted.  For example, many firms will need to forge a relationships between the litigation support department and the records management department. Other complications will vary by firm size and experience such as the number and complexity of vendor management issues, the types of resources available to deal with issues, single country versus international concerns, and the presence of contracts employees in support positions such as office services.  While small firms may struggle from lack of resources, or lack of formal systems, they may be more nimble when dealing with these challenges

For many lawyers and firms, keeping all litigation data is a standard practice to guard against the chance that the case can come back alive, no matter how slight. Firms’ business development departments might also be opposed to deleting client data since having that data may reduce client costs and give the firm an advantage when competing for litigation business.  When the time comes to dispose of or return that data, the process may be complicated, especially in systems that contain both client data and firm work product.  Those systems often don’t have the ability to be granular enough to treat firm work product and client data differently.  

With all these challenges, where can a firm start?  I'd start by regularly reading the IGPG eGroup posts where people much smarter than I post both the problems they are struggling with, and the solutions they have found.  At conference this year, I'd attend session IGPG3 " Ungoverned Information Equals Litigation Disaster: What your firm should do?   to get the perspective of both law firms and clients on this issue.  Finally, the Law Firm Symposium on Information Governance has a white paper coming out this summer that addresses the very question of where to start.  Look for these events this summer, and look forward to going to sleep at night knowing your client data is safe, sound, and managed.