When it comes to the discovery of electronically stored information (ESI), many legal professionals are reactive. A case is filed (or if they’re a third party, a third-party subpoena is issued) and it’s time to begin identifying ESI to be preserved and then collected so that it can be loaded into an eDiscovery platform for searching & culling, review, and eventual production.
If you’re a legal professional that doesn’t start thinking about discovery until the case is filed (or the investigation is launched), you have fallen behind before you ever started. That’s because today, eDiscovery begins before the case is ever filed.
The Importance of Information Governance
As we discussed in our last post, the estimated volume of global data created is expected to reach 181 zettabytes (which is 181 trillion gigabytes!) by next year and data is doubling in organizations every two years. Organizations must have a strong Information Governance (IG) program today to keep up with the explosion of data. Benefits of a strong IG program include:
- Risk Mitigation: IG helps in mitigating risks by connecting various stakeholders and creating a common understanding and unified implementation across critical areas.
- Value Generation: A well-implemented IG program contributes to value generation by ensuring that information is managed effectively throughout its lifecycle and important data can be easily re-used.
- Strategic Information Management: IG is key to achieving business objectives, including those associated with discovery. It also leads to facilitating compliance with external requirements, and minimizing risks associated with sub-standard information-handling practices.
- Information Security: A strong IG program minimizes information security risks by protecting personally identifiable information (PII) and ensuring access by authorized users only.
While index in place technology is the fuel to your organization’s IG engine, humans are still needed to drive the IG “car”. IG best practices are mandatory to maximize the benefits of index-in-place technology if for no other reason than to manage the data to be indexed!
Three Important Components to Get Started With an IG Program
As reflected by the maturity and reference models below, there are a lot of factors to consider when developing an information governance program for your organization. However, here are three important components your organization needs to get started down that path:
- Stakeholder Involvement and Buy-In: To be successful, an IG program must be organization-wide and involve key stakeholder groups. The Information Governance Reference Model (IGRM) published by EDRM identifies seven key stakeholder groups as follows: Records Information Management (RIM), Legal, Risk. Privacy, Security, IT & Business units. Getting those key stakeholder groups on the same page can be difficult, but it’s vitally important to develop a comprehensive and mature IG program.
- Policies and Procedures: Any important framework needs a set of policies and procedures on how data should be managed and protected. It’s important to establish a framework that ensures data security, integrity, quality, and compliance within your organization. The Information Governance Implementation Model (IGIM) from ARMA is a useful tool to connect the various stakeholders of IG, by establishing a common understanding and unified implementation series that bridges policy and technology through eight critical areas – steering committee, authorities, supports, procedural framework, capabilities, information lifecycle, architecture and infrastructure.
- Data Mapping: Data Mapping is the initial step an organization takes to understanding the various types of data it possesses and pinpointing their specific locations, which is key to data security, integrity, quality, and compliance. Through a Data Mapping exercise, an organization can determine the kinds of data it holds, where the data is stored, how it is processed, and who has access to it. You can’t manage the data effectively until you know where it is.
IG is Part of a Mature Legal Operations Function
While IG is an organization-wide initiative, it’s also an important component within departments as well, including the legal department. Legal operations within corporations have evolved to become business partners and risk managers within those organizations leading innovation to address risk and compliance needs.
As part that evolution, the Corporate Legal Operations Consortium (CLOC) published a reference model called the CLOC Core 12 maturity model. The CLOC Core 12 model reflects 12 core functional areas that legal ops professionals can reference to achieve consistent functional and department maturity growth.
Information Governance is one of those 12 core functional areas, and it relates to several other functional areas that lead to operational maturity within your legal department. For example, an effective IG program supports and drives functional areas including Knowledge Management, Financial Management, Firm & Vendor Management, and Business Intelligence. It facilitates Strategic Planning and Project/Program Management. And it both leverages and feeds Technology. Information Governance is foundational to the success of other functional areas within your legal operations and within the organization overall.
Data Discovery Seamlessly Leads Into eDiscovery
Data Discovery involves locating and accessing specific data within an organization – giving insight into its data and creating a significant value add to an organization.
Sound familiar? Well, it’s from our website, but that’s not what we mean. What happens at the beginning stages of eDiscovery? You’re identifying (locating) and preserving and collecting (accessing) data for the case.
Data discovery is a wonderful by-product of an effective information governance program – especially when that program is leveraged by effective technology. It enables your team to effectively get a “jump start” on eDiscovery because you’ve already developed an understanding of where your data lives (locating) and how to get to it (accessing).
At the risk of getting “model happy”, let’s illustrate the point with one more model – the EDRM model. The EDRM model used to have a small box at the left of the model titled “Information Management”. Today, the entire IGRM model is contained within the EDRM model to illustrate the importance of information governance at the beginning of the eDiscovery life cycle. Not only that, but EDRM is currently discussing a remodel of the iconic EDRM model (EDRM 2.0), in part because of a push to the left since so many more tasks (legal holds, searching, analysis) are being performed “in place” within organizations today.
Regardless of potential changes to the EDRM model to move tasks further left, data discovery within information governance today enables a seamless transition to eDiscovery when the case is filed – much of the work in the Identification phase is already accomplished. That’s huge!
Today, eDiscovery Begins Before the Case Is Ever Filed
Why are so many legal and eDiscovery professionals frazzled during cases? Because they’re already behind before they ever get started! If your organization isn’t planning for eDiscovery before cases get filed through a robust and mature information governance program that facilitates locating and accessing specific data within your organization, your team will be frazzled too.
A mature information governance program establishes a framework that ensures data security, integrity, quality, and compliance within your organization – all of which are needed to conduct eDiscovery effectively. There’s no time like the present to get started!
For more regarding Trustpoint.One’s Information Governance capabilities, click here.
