IG .com Empower Your Information Governance with eDiscovery Technologies A useful guide designed to help information management professionals blend traditional IG methods with eDiscovery workflows. Written by The Engineering & Customer Success Teams at Logikcull.com Page 1 of 12 .com Advances in technology have made it affordable, even advisable, for businesses of all sizes to keep massive amounts of data. “Big data” is a buzz word that fills people’s minds with pictures of massive datasets they can use to track and predict customer behavior in ways that were previously impossible, or at the very least unaffordable. Shifts in data trends have resulted in the storage, retention, and preservation of huge collections of data, from in-house documents to online content. Unfortunately, storing, retaining, and preserving data isn’t enough. Data needs to be managed in order to be useful. All of this data can be a company’s greatest asset, but it can also be a dangerous liability. Data becomes an asset when it is transformed into useful information that is managed effectively. Data becomes a liability when it is unused, misused, or mishandled. The difference is often the result of conscious, purposeful, strategic efforts to transform data and manage the resulting information. Exacerbating the pitfalls of data mismanagement are the very real threats resulting from a digitized global world. When constructing an information management strategy, it is important to realize that the same technologies that empower organizations to collect, process, and transmit more data are also used by other entities to steal data. Some people still cling to the idea that data theft is the result of malcontent hackers who perform their heists with few resources. Unfortunately, current evidence indicates that corporate espionage may often be the result of concerted efforts on the part of foreign governments that leverage stolen data for economic gain. Related - Read our white paper on: How to Prevent Your Client’s Data from Getting Hacked This problem is so prevalent, so real, and so damaging, with losses ranging in the billions of dollars, that governments, universities, and private organizations are cooperating in an effort to end the pilfering. For example, Convington & Burling LLP, in cooperation with George Washington University’s Cyber Initiative, conducted a thorough exploration of economic espionage and trade secret theft in relation to the legal and policy landscape, and produced an excellent overview, stating, “In short, the same technologies responsible for accelerating global growth are also being used to steal proprietary information and harm economies.” Empower Your Information Governance with eDiscovery Technologies Page 2 of 12 .com For businesses, this means that foreign interests, perhaps empowered by government entities, are conducting massive campaigns to intrude upon corporate information networks in an effort to glean proprietary information, trade secrets, and other valuable information in an effort to make decisive advancements using others’ information investments. Combine this mounting threat with the overwhelming amount of data being generated and stored, it’s clear that classic information management strategies are no longer adequate. The solution proposed by many information experts is secure information governance. IG Introducing Information Governance According to Gartner, “Information governance is the specification of decision rights and an accountability framework to encourage desirable behavior in the valuation, creation, storage, use, archival and deletion of information. It includes the processes, roles, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals.” In order to truly grasp what that definition means for organizational processes, the definition must be broken down into component parts. Information governance is: • A framework established with conscious, purposeful, strategic intent. • A systematic specification of decision rights and accountability. •A means of encouraging behaviors that assign value to data, transform data into information, and put information to beneficial use. •A set of processes, roles, standards, and metrics that control the use, storage, archiving, and deletion of information. •An effective and efficient means of leveraging information to achieve organizational goals and objectives. Simply put, information governance (IG) ensures that data and information are organizational assets by creating the structure through which data is transformed into useful information, which is then managed effectively in a secured digital environment. Furthermore, for IG to add value to the organization, it has to empower information users with access to otherwise secured information, while minimizing the wastefulness of storing valueless and expired data. Empower Your Information Governance with eDiscovery Technologies Page 3 of 12 .com In its full context, IG sounds overwhelmingly difficult. Luckily, there is an unexpected resource that can tame the data monster and transform burgeoning data files into actionable, informative datasets with tangible value. Start with People Information governance is not, primarily, an issue of technology. The decisions regarding IG are not IT decisions. Gartner’s Debra Logan says, “The people who staff the functions that produce and use the information are the people who know its value, understand what they need to save for recordkeeping purposes, can point out the current version of documents, should know how long a given document or set of data is going to be useful from a business continuity perspective.” So, the decisions regarding IG require the input of the people who create and use information. However, an executive or manager must lead the IG charge, because the IG decision maker must balance the needs of information users with the expense of information governance to determine which organizational resources should be devoted to data management. An executive would also have the authority to address the culture and personnel of the organization, which may resist any changes to current information management practices. Save Everything In the age of “big data” and Web 2.0 capabilities, businesses can literally save everything. But why should they? Sure, if every byte of information is saved, users can go back and use it again. But do they ever use it again? Should they use it again? How much value does saving excess data really add to organizational efforts? The point of information governance is to take a serious look at these questions, determine what is really needed, make it useful, and discard what isn’t at all useful. Saving everything may be affordable, but it is not a useful consumption of organizational resources and does not facilitate the effective use of valuable information. Strategy vs. Technology Information and data management is not an IT problem, and it’s not a problem that can be solved solely with technology. The decision makers with the organization need to make and enforce IG decisions. Those decision makers need the input from information users to know what does and does not have value. But, once an Empower Your Information Governance with eDiscovery Technologies Page 4 of 12 .com organization has all of that, the organization will need an IT solution to manage the IG process. This will involve sorting through the data in a way that doesn’t consume an exorbitant amount of time and resources. Without such a solution, information governance is a pipe dream that will cost more than it’s worth. The solution exists, but in order to fully appreciate the technological solutions available to organizations engaging in information governance, it’s essential to understand the technical side of information. IGTechnical Side of Information Governance The The technical side of IG revolves around the framework itself: the processes, procedures, standards, and controls that ensure the effective and efficient management of information. Regardless of the information medium, managed information should support an organization’s mission and goals. It is especially important to consider the needs and responsibilities of the legal, compliance, and IT departments when structuring the framework that will manage the organization’s information. An effective IG framework will support a variety of information management processes, procedures, standards, and controls. While every organization must construct a unique IG framework to meet its information needs, every comprehensive IG framework shares some basic objectives. A strong, effective, and efficient IG framework will meet each of the following objectives in a way the supports the goals of the entire organization. Records Management Clearly, records management is an overarching goal of information governance. This is the first thing most people think of, which unfortunately results in an undervaluing or oversimplification of IG. According to Yusof and Chell in Records Management Journal, records management is consistently undervalued, in part because records management lacks the rigorous theoretical framework that supports many other business disciplines. Ironically, the need for information governance reinforces the importance of records management, particularly as it relates to other overarching objectives like accessibility, security, and compliance. Making systematic records management a founding aspect of the information governance framework ensures information empowers and adds value to the daily operations of the organization. Empower Your Information Governance with eDiscovery Technologies Page 5 of 12 .com Information Accessibility Along with records management, information accessibility is a main driver of information governance. There are few things that are more frustrating than to know that an organization has terabytes of information, and yet the people who need to use it cannot find it or access it. Successful information governance solves this problem by storing and archiving information with a mind to its use, so that the people who should have access do have access and those who shouldn’t have access don’t. In fact, according to Gartner, information should be so accessible that a keyword search interface should be available to locate it. Information governance makes this possible, while also protecting information from inappropriate access. Information Security In the end, information governance comes down to information security. Unfortunately, considering the domestic and foreign threats to information ranging from viruses and malware created by malcontent hackers to global espionage campaigns perpetrated by foreign governments, information security has to be rigorously protected. The alternative is simply unthinkable. Disruptions in service, lost or damaged data, and data theft can become huge financial disasters, some of which are sufficient to force a business to close its doors forever. Furthermore, in the high-regulation environment many businesses operate in, not only is information security required for the business’s well-being, it is required by law. Compliance Information security is, of course, not the only compliance issue organizations face. Every business operates in an industry full of industry, local, and government regulations and laws that seek to control operations in some way or another. These regulations and laws are constantly evolving, particularly in our present highregulation environment, which requires a higher degree of diligence when it comes to handling an organization’s information and documenting and proving compliance. Regulations govern what information a company can collect, how information should be used, how it should be retained, and who the company can share its data with. Noncompliance of these standards may lead to harsh penalties and sanctions, sometimes involving fines of $100,000 or more per violation. Contracts and permits may be lost. Lawsuits may be filed. The company’s reputation may be irrevocably destroyed. And it’s all preventable. Empower Your Information Governance with eDiscovery Technologies Page 6 of 12 .com A comprehensive IG framework ensures that the organization puts in place strategies for integrated security risk management and continuous compliance monitoring in accordance with industry standards and regulations. This framework empowers companies to retrieve records from any electronic or physical location to demonstrate transparency and compliance, as well as providing secure access to records, email, and other information sources for authorized users. In short, by building a strong compliance program within an effective IG framework, companies will minimize risks and maximize their ability to compete. Information Privacy Information privacy would appear to fall under either information security or compliance, and in reality it falls under both. However, considering its independent importance and the consequences of failing to secure private information, achieving information privacy is a distinct objective of any information governance framework. A secure IG system will ensure that private information and communications are accessible only to those that have proper authorization, preventing the dissemination of private information to unauthorized sources. Again, the consequences of failure can be monumental, leading to multi-million dollar lawsuits and exorbitant government fines. Thus, companies that collect and retain significant amounts of personal information must take strong measures to secure it. Those that succeed will protect themselves against data privacy lawsuits, like the recent lawsuit against the Schnucks supermarket chain, gaining a competitive advantage over companies that do not proactively protect personal data. The IG/eDiscovery Connection eDiscovery typically refers to one of two things. Electronic discovery, or eDiscovery, is a process used in litigation to “discover” documented information for legal purposes. eDiscovery is also an electronic document processing technology that allows you to learn more about your documents and manage them effectively. eDiscovery software, like Logikcull.com, was originally developed for use in litigation, and is still used to locate and include (or exclude) documents in a dataset based on content, file type, language, email domain, and much more, inside and outside the legal environment. In short, effective eDiscovery software is an easy, convenient way to manage electronic documents. Empower Your Information Governance with eDiscovery Technologies Page 7 of 12 .com eDiscovery software has had a big impact in litigation cases, reducing the costs of the discovery process significantly. However, eDiscovery software’s ability to tame data monsters isn’t just for law firms. eDiscovery capabilities can be as essential for information governance as information governance is for the litigation-related eDiscovery process. Using eDiscovery for Information Governance An effective IG system will utilize eDiscovery capabilities, so that you can use metadata to eliminate irrelevant files from your dataset. Your eDiscovery capabilities will also be able to intuit which parameters will be effective with a particular dataset, as some files may have poor optical character recognition (OCR) and others may be unreadable, unviewable, or unsearchable. Litigation experts have used semi-automated workflows to cull data, but an eDiscovery program used for information governance should have these capabilities built into the system. In short, eDiscovery is the IT solution that will sort through an organization’s unorganized data without consuming an exorbitant amount of time and resources, transforming information governance from an insanely expensive pipe dream to an attainable, affordable reality. Sample IG + eDiscovery Case Study: Matter Mobility For law firms that have newly hired attorneys coming into the firm or attorneys that have recently left the firm, matter mobility can become a huge drain on already strained resources. In the context of incoming attorneys, matter mobility is the process of importing a newly hired attorney’s files, which range from electronic records to handwritten documents or other physical evidence, into the firm’s document & matter management systems. This incoming matter mobility process can be fairly straightforward and quick, but can easily become time consuming in the event of a law firm merger where a large number of new attorneys are entering the firm or if the files themselves are complicated (i.e. unorganized, missing metadata, proprietary file formats, etc.). Where matter mobility is almost always a drain on resources is when an attorney leaves the firm and the matter-based files belonging to the attorney need to be thoroughly reviewed, culled, and exported by someone familiar with the outgoing attorney’s matters, usually another attorney, before the files can leave the firm. Unlike eDiscovery software, most document management systems used by law firms aren’t built for document review and culling, which makes it incredibly difficult to quickly Empower Your Information Governance with eDiscovery Technologies Page 8 of 12 .com complete even a small matter mobility project. To make matters worse, attorneys tasked with reviewing an outgoing attorney’s files are reluctant to do so because it is not billable work and thus takes away from spending time on their own client matters. This, combined with software that isn’t designed for quickly reviewing and culling files (e.g. using a Mac or iPad) from anywhere a reviewing attorney may be, makes matter mobility work a drain on a law firms valuable resources. A potential solution to significantly speed up any matter mobility project is to utilize the document review and culling capabilities commonly found in many eDiscovery software applications. In a proof of concept with the law firm Orrick, the Information Governance and Records Management team, utilizing a cloud-based eDiscovery software, was able to reduce the time to complete a common matter mobility project from 10 days to 2 hours. A time savings of 9 days and 22 hours for one matter mobility project is a significant reason to consider utilizing an eDiscovery software for matter mobility. The Orrick team was able to accomplish this by leveraging the eDiscovery software’s native capability to filter the files by email domains, date ranges, keywords, and a variety of other eDiscovery-specific analytical features. Since most eDiscovery software has built in document export options for producing data to requesting parties, the team was able to utilize this functionality, and easily package up the outgoing attorney’s files into a Zip file that could be conveniently transferred to another firm. This combination of Information Governance and eDiscovery software is just one area where efficiency seeking IG professionals can take advantage of existing software solutions to make IG an even more valuable function within any law firm or organization. Using Information Governance for eDiscovery The reverse is equally true, because organizations all too often face the possibility of litigation, even when they are rigorously compliant. Information governance that incorporates eDiscovery capabilities into the framework will be prepared for such possibilities, and may be able to use this preparedness to avoid, or at least limit the costs of the possibility of litigation. Empower Your Information Governance with eDiscovery Technologies Page 9 of 12 .com Simply put, when information is “discovered” for litigation that information must be collected, processed, reviewed, and produced. This process is often cited as the most expensive part of litigation. However, when an information governance framework utilizes the advantages of eDiscovery software, the required information has already been collected and processed, and, because this is done on behalf of the organization and with the organization’s full cooperation, the quality of the collection and processing is superior. So, the organization reaps an immediate savings on the cost of “emergency” document collection and processing. Typically, the eDiscovery process, in reference to litigation, can cost $3 million or more per year. Unfortunately, when done “under the gun” of litigation, this process may be done so poorly that reports approximate that more than 50% of reviewed documents may be produced improperly. This could result in a lost litigation case or the public release of proprietary information that should not have been disclosed during the review process. Poor eDiscovery can cost up to $60 million per year, which is simply the result of unpreparedness. Information governance that incorporates eDiscovery capabilities can ensure the organization is prepared, which will improve the quality of the review process while simultaneously decreasing its cost. Thus, the review process will produce reliable results that can forestall additional litigation expenses at considerable savings. Empower Your Information Governance with eDiscovery Technologies Page 10 of 12 .com The Bottom Line: IG & eDiscovery Works When people start considering information governance, it seems overwhelming. Maybe it still seems overwhelming. The stakes are incredibly high, too high to ignore. Creating an information governance framework is complicated. The process will span the entirety of the organization. But the rewards are many, including: • Significantly reducing the costs pertaining to security threats. •Significantly reducing the costs pertaining to litigation and eDiscovery. •Minimizing the possibility of data theft. •Minimizing the possibility of litigation losses and government fines due to compliance and security failures. •Maximizing the organization’s preparedness for transparency and compliance requests, as well as litigation processes. •Maximizing employee accountability for information management. •Improving business operations with regard to the use of information. •Improving the ability to achieve organizational goals. The aim of every business is to reach its goals with utmost efficiency and with the least disruptions. A comprehensive information governance framework empowers the business to achieve this overarching purpose more efficiently and more quickly. After all, information is power. In fact, information may be the most vital currency on the market today. Proper information governance leverages the power of information to further business goals, while protecting business assets. As difficult as this may seem, no business needs to engage in information governance alone. Information governance is a complex system of information management that begins and ends with the needs of the organization and its people in mind. By using an IG framework with eDiscovery capabilities, you can ensure that information governance is the affordable, effective solution that tames your data monsters. Empower Your Information Governance with eDiscovery Technologies Page 11 of 12 .com About Logikcull Logik is the creator of www.logikcull.com - the leading cloud-based eDiscovery platform. Logikcull is ideal for corporations and law firms that want an easy-to-use, affordable, and secure eDiscovery platform without needing to invest in significant hardware and software costs. Logikcull can be accessed using PCs and Macs as well as mobile devices including the iPhone and iPad. To keep customer data secure, Logikcull.com resides behind an enterprise SSAE16 SOC1 Type II certified data center. For added security and customer comfort, Logikcull is not hosted in a public cloud like Amazon Web Services (AWS). Some use cases for Logikcull are: eDiscovery & document review, information governance, document archiving, document collaboration, deal rooms, matter mobility, and internal investigations. Logik is headquartered in Washington, DC and was founded by Andy Wilson and Sheng Yang in 2004. Visit www.logikcull.com Email [email protected] Call 1-800-951-5507 Follow us on Twitter @logikcull Empower Your Information Governance with eDiscovery Technologies Page 12 of 12
© Copyright 2024