1 / 19

Records Management for Paper and ESI

Information Management. Records Management for Paper and ESI Document Retention Policies addressing creation, management and disposition Minimize the risk and exposure. Identification. Litigation Hold Readiness

zachery-franklin
Télécharger la présentation

Records Management for Paper and ESI

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Information Management • Records Management for Paper and ESI • Document Retention Policies addressing creation, management and disposition • Minimize the risk and exposure

  2. Identification • Litigation Hold Readiness • Process of learning where everything relevant may be located and who has access to where and what • Establishing time frames • Determining the need for forensics

  3. Preservation • When does duty arise through litigation hold • Clearly defined, monitored, published process • Must allow business to continue to operate, but avoid the spoliation and potential sanctions related to destruction

  4. Collection • Timely Meet and Confers • Formalized agreements, preservation notices • The “acquisition” of the data • Must be comprehensive, maintaining integrity of data content and preserving its format • Close attention to metadata and chain of custody

  5. Collection- Meet and Confer • Meet and Confer discussions are required to address how ESI will be handled, as well as written documentation to the court.

  6. Collection- Data Acquisition • Traditional method- Acquiring of “all” potentially relevant data and processing it for review. $$$ • Interim method- Improved processing tools to dedup and neardup data= a smaller review pool of data. $$ • Targeted methods- Collecting only relevant items, using keywords, Boolean and other filtering methods. $

  7. Collection- Targeted Search Methods • Custodian filtering • Time and Date filtering • Privilege searching • Concept/Context searching • Keyword Searching

  8. Collection- Targeted Methods- Savings • Reduced storage needed for review platform. • Reduced hosting cost, typically charged by the GB. • Reduced attorney review hours. • Less (or no) down-time during data acquisition. • Metadata preservation is possible.

  9. Collection- Content and format • Must be comprehensive, maintaining integrity of data content and preserving its format. • FRCP requires data to be produced in a format that replicates how it was used.

  10. Collection- Risks • Failure to demonstrate a defensible identification, preservation and collection program. • Poor collection practices that result in over-collection and other inefficiencies. • Under-collection that misses relevant docs.

  11. Collection- Caselaw • AZ Seroquel • Coleman v. Morgan Stanley • In Re: Fannie Mae • Peskoff v. Faber • Qualcomm

  12. Collection- Pitfalls- Keyword Searching weakness • Under-inclusive- focus is on exactness e.g “car” vs. “Mercedes”, Specialized vocabulary or acronyms are excluded. • Over-inclusive- many irrelevant documents may be collected e.g. “car” might bring up car seats, car pools, etc. Caselaw: In Re: Fannie Mae. 400 keywords. • TREC project and Verizon tests are demonstrating clear weaknesses in existing search methodologies.

  13. Collection- Chain of Custody and Authentication • Familiar concept in criminal law, but historically it was rarely an issue in civil litigation. • As a result of the ability to change ESI, the requirement to maintain a defensible chain of custody now applies to every stage of the eDiscovery process. This involves: • Documenting the acquisition process. • Documenting the chain of custody thru the entire process.

  14. Chain of Custody –Forensic vs. Non Forensic • Forensic acquisitions- an exact image that includes everything on the hard drive such as slack space and deleted files not yet overwritten. Forensics tools utilized do not alter any data during the copying process (a bit by bit mirror image is created). • Non-forensic acquisitions- Civil litigation requires preservation of data relevant to a litigation, not necessarily forensic acquisition unless there are early issues regarding suspicion of fraud, theft of IP or deliberate concealment of assets or fear of spoliation. However, in all cases a chain of custody will assist in the admission of evidence and s.b. maintained.

  15. Chain of Custody – Hash Values • An electronic fingerprint. • Can be applied to a file, a section of a hard drive, or an entire drive. • If any item, even a single character is changed, the hash value will change.

  16. Chain of Custody – Admissibility • If opposing party objects to any ESI in a matter, it may be necessary to present an complete foundation for it. • If the ESI was collected by someone lacking qualifications or someone who is party to the litigation and potentially biased, it may not satisfy the court and the evidence may be excluded.

  17. Chain of Custody – Log • Regardless of whether a forensic or non-forensic collection is made you need to properly maintain the chain of custody, including: • A description of devices from which data was copied. • A list of folders that were copied. • Your process for making the copies. • Documentation of any hand-offs e.g. back to a law firm or to a processing company.

  18. Collection Tools • . Write blockers • . USB based portable collection tools • . Enterprise Collections • . Tape Indexing • Accessibility Issues are Changing!

More Related