Notwithstanding containment efforts, the coronavirus has spread worldwide. According to a recent McKinsey & Co. report, the U.S. economy could be in a state of recovery until as late as 2023. The hardest-hit sectors – commercial aerospace, air & travel, and oil & gas – might not even restart until sometime in 2021.
The COVID-19 pandemic is having a massive impact on a wide range of industries, including the eDiscovery space. However, despite the global crisis, litigation has not stopped and the eDiscovery process continues. Data is being collected, preserved, reviewed, and produced, hopefully in a cost-effective manner and fully-defensible manner.
Pandemic-Proofing Your eDiscovery Defensibility
Covid-19 has vast potential to expose flaws in the eDiscovery workflow, making the need for a defensible process more critical than ever. Here are some ways to strengthen your procedure:
- Collect data defensibly. Data collection from a custodian’s laptop may not be possible with social distancing guidelines unless remote enterprise-level forensic technology is available. Work with your outside and in-house counsel to formulate and document a plan ranking critical custodians’ availability. Then prioritize available network sources like file shares and email servers while deprioritizing physical media until collection is deemed safe for both collectors and collectees. The active data collection approach will vary from data source to data source, so work with your outside counsel and collection specialist on the best practices for a data source type. If your organization uses Microsoft O365, it might be time to develop a plan and approach for using the eDiscovery & Legal Hold modules in the Security and Compliance Center to streamline and document your collection efforts from Microsoft systems.
- Document your chain of custody. As the data transitions from its original source (e.g., Exchange, file shares, SharePoint, etc.) to the collection destination such as a data landing zone, maintaining step-by-step documentation in the chain of custody will be critical. Using hash values to track the data packages in your collection process is the best practice for authenticating your data downstream. Whether your organization is using basic spreadsheets or leveraging automated workflow technologies, identifying the individuals on the team who will be responsible and accountable for managing your data and paper trail is vital.
- Review provider reports. In the face of the pandemic, eDiscovery processing and hosting providers are being pushed to the brink in the management of their businesses, possibly putting significant pressure on their pre-COVID best practices and workflows. As a best practice, work closely with your eDiscovery providers to verify their chain-of-custody documentation, exception reports, and other standard reports that track data and physical media through the entire workflow. Then take the time to review the materials with your provider’s project manager to ensure full documentation.
Defensibility is the foundation of any eDiscovery workflow. Your organization needs to go the extra mile during this crisis to ensure that nothing falls through the cracks.
Do you have further recommendations regarding enhancing eDiscovery defensibility in a crisis? Tell us about them in the comments!
Jason is the founder and lead advisor for the eDiscovery Advisory practice providing valuable and insightful guidance to eDiscovery and Information Governance challenges.
He has direct in-house experience with a global financial institution and a financial regulator developing solutions around eDiscovery workflows, legal hold, legacy data, and matter management systems.
He has conducted more than 350 computer forensic examinations for civil litigators and has provided expert witness services related to electronic evidence topics and data preservation issues.
Jason has also conducted more than 700 CLE courses on topics such as eDiscovery, document retention, preservation archiving, collection methodologies, email archiving and compliance, effective communication with IT, and the technical aspects of electronic evidence.
Jason is currently certified as a Certified eDiscovery Specialist (ACEDS), Information Governance Professional (ARMA), AWS Cloud Practitioner (Amazon), & O365 MS-900 (Microsoft).