Extract from BIA’s “The CCO’s Role in eDiscovery: Clean, Comply, Collaborate”
What is the CCO’s role in eDiscovery and how does one enforce rules that are always evolving?
At first glance, the Chief Compliance Officer or CCO’s role in eDiscovery is plain and simple, just as it appears: to make sure that everyone at their organization is following the rules. Corporate compliance standards are mandated at the local, state, federal, and international levels, and they can vary widely, according to factors of the industry in which you operate or the agreements you have with clients and regulators. Rulebooks about data management—how to handle, organize, store, transfer, or delete it—are already complicated and getting more so every day. Wherever should a CCO start?
The CCO’s role in eDiscovery is to COMPLY.
In study upon Harvard study asking GCs, corporate executives, and compliance officers to call out the greatest threats to their businesses, one increasingly resounding answer is regulatory risk. Staying informed of ever-changing laws about privacy, ethics, data management and security constitutes a full-time job in many organizations all on its own. Add to that the responsibility of keeping all the departments in an organization in compliance with those ever-changing laws and regulations, and the CCO’s role in eDiscovery starts to resemble that of an air traffic controller.
Compliance with what? The CCO must enforce compliance with internal controls as well as external audits and investigations.