Think Upstream to Avoid Risky Data Transfers Every Step of Your eDiscovery Process | Ipro Tech



The discovery process has traditionally been reactive, triggered by impending litigation.

That didn’t change when Electronically Stored Information (ESI) was included in this process in 2006. And when you look at the EDRM (eDiscovery Reference Model), which came into being at the time and continues to be the basis of the eDiscovery process, it seems pretty straightforward.

A legal expectation is sent to custodians, instructing them not to destroy ESI. Then, those who control this data, preserve data in some form. Then this data is collection and treaty in usable formats so that it can be reviewed. Ultimately, review the teams review this information, begin to present a case and produce in a format stipulated by the guidelines of the Department of Justice.

But this process by nature is reactive from the start. This often makes this seemingly linear process convoluted and confusing, involving multiple stakeholders and data transfers, which can increase data risk.

Without thinking up front, the process might look like this:

Legal detention

Legal hold notices are sent, but without a clear process of how this is done, how holds are confirmed and how data custodians should respond, this can lead to unintentional theft of ESI, which can result in delays or legal sanctions.

Identification / Storage

Once data is identified as requiring retention, time must be spent on locating that data and how to lock it down without theft, especially if there is no data card. This often involves the IT department of an organization, which creates an additional stakeholder, and who may or may not have a clear understanding of the preservation process as it relates to the needs of the legal department. Automatic deletion protocols may also be in place which could also cause unintentional theft.


Once the data is located and preserved from deletion, it should be collected. Again, if an organization is simply reacting to a trigger event, it may need to hire an external digital forensic service provider who knows how to extract the necessary ESI without theft. This adds another stakeholder and another data transfer, which can put an organization’s data at risk. Even if an organization has done collections in the past, as new data sources (SaaS tools, social media, collaboration apps, etc.) are continually being created and added, it may need to hire a digital forensics expert who specializes in these types of data. The data. And if this was not planned, it can again lead to delays, additional costs and risks.


Now that the data has been collected, it needs to be processed, which often involves another service provider. Not only does this add another stakeholder, but data has to leave one organization to be hosted elsewhere, creating more risk and cost.


Once the data is processed, it should then be sent to a review team. Some service providers offer a first pass exam along with processing, but even with that, an organization’s outside lawyer will also want their lawyers to review the documents. This creates even more stakeholders, data transfers and costs. Additionally, if there is no clear process from the start, it is at the examination stage that issues with the ESI may finally be noticed, which may require going back to perform more. collections and / or treatments, which leads to a more in-depth examination.


This step can be thought of as something as simple as pressing a button (it often is), but there are always things that can go wrong. The production is not always completed according to the order of the applicant and may need to be redone. Redactions cannot be burned and Personally Identifiable Information (PII) and other sensitive, privileged, or private information may be disclosed. Again, not thinking about these risks up front can lead to risks, costs, and work delays.

The thing to remember is that a disjointed process can still lead to a functional outcome. And this is where many teams may not realize the need to change. They can just think, that’s how we’ve always done it and not want to mess things up. But with the huge stores of data organizations are creating and the growing attacks against that data – not only against the organization itself, but also against law firms, data storage and hosting facilities and businesses. ‘other third-party vendors – the need to mitigate risk is more complex than already.

This is why it is so important to think upstream. Organizations can no longer afford to be reactive with this process, but rather must adopt a “when not if” mindset. It starts with ongoing, ongoing data management and insight before a dispute arises. At the same time, setting up processes for each step based on this data insight will streamline things and reduce risk. It can also reduce the number of stakeholders and data transfers involved, which not only reduces risk but also costs.

Don’t stay in responsive mode with a process like this in this month’s eDiscovery Blues comic book. Start thinking ahead to avoid a process that is more like an arrow and less like a bowl of spaghetti.

[View source.]


Leave A Reply

Your email address will not be published.