In my last post, I wrote about the importance of data mapping and knowing where your electronically stored information (ESI) lives within your organization. Today, I want to touch upon document retention policies and the importance of purging unnecessary data.
If you've been following the conversation in e-discovery circles, then you undoubtedly know how imperative it is to implement a comprehensive data retention policy to ensure a defensible e-discovery process. Without uniformly and routinely enforcing your data retention policy, you risk getting slapped with the dreaded spoliation accusation. And as we've seen in many cases, the monetary cost of spoliation can surpass the entire claim being litigated.
But the preservation of ESI only addresses half of a retention policy's intended purpose. In addition to outlining what information should be held and for how long, a data retention policy should also speak to data purging. Specifically, the policy should address what information should be purged, when should this information be purged and what process should be undertaken to purge this information.
There are several reasons to include data purging procedures in a data retention policy.
First, amassing giga- and petabytes of old information unnecessarily complicates your IT infrastructure. Your organization must store this information somewhere. If it is to be retained indefinitely, your IT department will need to continually add storage devices to your organization's IT network. Although data storage is relatively inexpensive, the time you must devote to continually update your data map represents a significant cost.
Second, the more data you have within your organization, the more data you will have to search through, collect, process and review should a matter arise. Anything on the corporate network outside of privileged information is fair game for a requesting party. Therefore, the more information you retain, the higher your e-discovery costs.
Third, the more varied and dispersed your data and your data stores, the more likely you are to inadvertently miss ESI that is potentially responsive to a matter. Think of your organization's network as a file cabinet. If your file cabinet is cluttered with outdated, unnecessary documents, it is going to be significantly more difficult to locate information than if you were to routinely clean out your file cabinet. By purging data uniformly and routinely, you can decrease the risk associated with failing to identify, collect and produce responsive ESI.
Finally, by destroying information uniformly and routinely according to a document retention policy, you are increasing your policy's defensibility. As long as the ESI is not subject to legal hold or other retention obligations, purging the information does not present an increased risk of spoliation. In fact, the opposite is true. In order for your data retention practices to hold up in court, you must uniformly and routinely retain and purge data according to your policy. This also gives reason to periodically auditing your retention and purging practices to ensure the policy is being adhered to routinely throughout the organization. Evidence of these audits can serve to embolden your position in court.
So, yes, data retention is an essential ingredient for a defensible e-discovery process. But compliantly preserving ESI should not overshadow the importance of purging unnecessary data. By cleaning house, so to speak, you can decrease your organization's risk and costs while strengthening your e-discovery efforts.
Russ Gould is director of product marketing at Guidance Software.
No comments :
Post a Comment