Extract from Duncan Bradley’s article “Redaction Blunders in Context”
There are many great articles that focus on the headache (and harm) that occurs when sensitive data is not redacted properly in eDiscovery, investigations, and regulatory compliance–including data privacy mandates. In many recent redaction blunders, redactions were not permanent and irrevocable and sensitive data was disclosed.
This blog focuses on sensitive data detection as a precursor to applying effective redaction because data can’t be protected unless its existence is known. The types of sensitive data common in eDiscovery and investigations, the types of detection tools within eDiscovery platforms such as OpenText™ Axcelerate™, and what to look for in redaction capabilities will also be discussed.
The types of sensitive data in eDiscovery and investigations
There are three primary types of sensitive data that must be protected in eDiscovery, investigations, and compliance mandates:
1. Privileged data can exist as entire communications or portions of documents safeguarded under attorney-client privilege. Privileged data is typically text-based, varies by matter, and does not follow common strings or patterns. Failing to find and protect all privileged data can have disastrous consequences, including court sanctions, serving up the smoking gun to opposing counsel and a black eye with current and prospect clients.
Regular Expression engines and search filters are the primary tools to detect privileged data wherever it exists. Redaction is rarely applied because the objective is to safeguard privileged data by preventing it from leaving the private and secure environment where it already resides.
