The Ultimate Ediscovery Guide: A Six-Step Approach to Moving Ediscovery In House, Part 2
STEP 5 – Choose for Your Needs
It’s not enough to know what an “ideal” ediscovery process looks like; you need to map out a specific approach that will work for the type and amount of litigation your business deals with and for the forms and volume of data you generate.
Too often, businesses that have grown frustrated with their problematic ediscovery processes hear about the latest and greatest technology or tool and adopt it without first evaluating how well it fits their needs. Jerry-rigging your process to work within a preexisting tool doesn’t produce optimal results.
Instead, work with your stakeholder team to decide where your greatest pain points are and how you can use technology to solve those problems. A hybrid or partial in-house method works well for most small to mid-sized or even moderately large corporations. You might decide to handle the left-hand stages of the ediscovery pipeline — identification, preservation and collection — in house, while continuing to send the more expensive and complex processing and review stages to outside counsel. Consider establishing at least some ability to complete early case assessment and analysis in house so you can target your efforts and refine your approach as cases proceed.
Bear in mind that the early stages create the greatest risks, particularly the risk of spoliation of evidence, and that errors in these early processes aren’t typically correctable. Handling these stages in house allows you to control those risks and ensures that the people with the most knowledge about your data — your business’s employees — are involved with identifying and collecting it.
Note that this is not the only way to divide ediscovery. Some businesses choose to handle smaller matters entirely in house while using outside counsel for large matters. You may also find it advantageous to keep ediscovery for particular types of litigation — contract disputes, for example — in house, while sending trickier cases like intellectual property disputes to a law firm.
Considering your assessment of your litigation needs and the data audit you completed earlier, walk through the stages of ediscovery that you plan to migrate in house and determine exactly how you can best complete each. Remember that you want to create a repeatable, transparent process that can be used regardless of the facts of a specific matter. Consistency is defensibility, so set yourself up with a defined process.
Examples of Specialized Ediscovery Roles
- Data Control Officer or Data Analyst: May be responsible for data mapping, metadata processing and similar tasks
- Compliance Manager: Ensures organizational compliance with all applicable laws and regulations
- Ediscovery Project Manager: Monitors and ensures compliance across the organization with the entire ediscovery process for individual cases or the full caseload
- Data Collections Lead: Responsible for collecting data of any type from any repository or application
- Litigation Support Professional or Specialist: Combines paralegal skills with specialized knowledge in information technology and information governance to assist with all stages of ediscovery
Are there additional staff that you need to bring on board to manage your new ediscovery practices? You may already have a dedicated data control officer or an ediscovery project manager — but if you don’t, do you need someone to fill one or more specific ediscovery-related roles? With the increased volume of data created today and the complexity of that data, many organizations are finding that they need more than legal expertise in ediscovery — they need people with data and computer science backgrounds.
Additionally, give some thought to how your organization will comply with the European Union’s General Data Protection Regulation (GDPR) when it goes into effect in May 2018. Do you already have a Data Protection Officer (DPO) or a Chief Information Security Officer? If not, are you hiring for those positions or assigning an existing employee to fill that role? Any cross-border discovery exchanges that you engage in could raise significant data privacy concerns if they involve EU residents, so having a competent DPO who is up to date on your ediscovery processes and needs is a necessity for global businesses.
Turning from people to tools, give some thought to how technology can help you improve your ediscovery approach, especially if you’re upgrading from manual processes. For example, could you draft legal hold notice templates and custodian groups for different types of litigation in advance so you can respond more quickly to the threat of litigation? Would automatic hold reminders help your custodians keep better track of pending matters to ensure compliance with their duty to preserve evidence? Do you juggle enough litigation that audits and reports about pending matters and their associated holds would help you stay on track?
With the groundwork done, it’s time to go out and find the ediscovery tools that meet your needs. Dozens of ediscovery software platforms and packages are available today. Which one bests suits your unique needs and will fit in well with your new ediscovery process?
Before you start looking at individual options, consider transitioning to a cloud-based approach. Cloud-based systems don’t require costly hardware — a server alone can set you back tens of thousands of dollars — and don’t require maintenance. Upgrades occur continuously without disrupting your service and storage is flexible, allowing you to right-size your capacity. Plus, today’s cloud-based software systems have excellent security measures built in, and they aren’t subject to local power failures or natural disasters. While on-site software options are still available, they’re not the best approach for most businesses today.
To familiarize yourself with your potential options, start with a software research tool like Capterra. You can also check out G2 Crowd for customer reviews — but don’t stop there. Talk with real people within your industry to find out how they’re handling ediscovery. Are they happy with their software? Have they encountered hidden costs or unanticipated problems? What would they do differently if they were starting over? Word-of-mouth referrals tend to provide better, more unbiased information than any web resource. You might also consider attending a legal technology conference and spending some time in the vendor hall. And make sure your IT department is involved with software selection from the start; they’ll think of questions and issues that hadn’t occurred to you.
As you’re evaluating your options and narrowing the universe down to your two or three top choices, pay attention to the following considerations.
- How usable and useful is this product? Does it seem intuitive? Bells and whistles are fun, but products that no one can remember how to use won’t meet your needs. Straightforward and functional will probably serve you better in your day-to-day operations.
- How does this product stay current? Are the developers responsive to user feedback? How does it incorporate changes in technology? How flexible and scalable is it?
- How can this product help protect the chain of custody for ESI?
- How intrusive are data collections with this product?
- How well does this product’s output integrate with later stages of ediscovery? Will it produce results that you can export directly to a processing or review tool?
- How much training will it take to get your organization up to speed with this product? How much ongoing training will be required? Is training free, or is it an additional cost? Is training done on-site, or will staff have to travel to another location?
- What type of customer support is available, and how prompt and helpful is it?
- How does this product protect your data both at rest and in transit? What security measures does it use?
- What audit trails or reports does this product create? How easy are they to use and to understand?
Once you’ve identified a short list of suitable options, set up a proof of concept test. This testing period should be done without the vendor in the room; if you can’t use the software while you’re testing it, you’ll probably struggle to use it after you buy it. Also ask for references from similarly situated businesses and get their honest assessment of both the software and the customer support. Don’t believe everything a vendor tells you; look for an unbiased opinion from someone who’s been using the system for a while. And while you’re running tests, ask your IT department to help you conduct a security audit.
Finally, it’s time to be honest about your budget and the costs associated with your top options. Assess the total cost of ownership for each product, both annually and over time. Are there hidden costs? Is any aspect of pricing volume-based? Consider subscription and licensing fees, maintenance, updates, any hardware costs, storage costs, installation, staffing requirements and training costs. Remember that the price of software is rarely, if ever, the true cost.
Compare your calculated costs with the return you expect to receive on your investment. If you can have confidence in your legal holds and eliminate 95% of the data that must be reviewed, you will save at least 95% of the downstream costs — which could repay your software expenses quickly.
Once you’ve chosen the platform or service that you expect will work best with your specific business needs and negotiated the purchase, it’s time to fill out your team and arrange for training.
Consistent In-House Ediscovery Is an “Epic Game Changer”
Ryan Zilm, the Manager of Records & Information Governance at Andeavor Corporation, is fired up about bringing ediscovery in house.
Andeavor previously used a hodgepodge of four different systems, including Excel spreadsheets and legacy software, to manage its ediscovery. But that approach wasn’t producing consistent results.
“If it’s not consistent, it’s not defensible,” Zilm explained.
Zilm had previously experienced a common mistake: buying a tool and allowing it to dictate the company’s practice. This time, he started by assembling the key stakeholders and working through a Kaizen approach to determine what ediscovery process would work best for the company.
Andeavor knew it wanted a cloud-based solution. As Zilm explained, “We’re not an IT organization. We’re experts in oil and gas energy and refining. Our focus isn’t on data encryption, so we leave data security up to specialists.”
Just a few weeks after adopting Zapproved’s ZDiscovery Suite, Andeavor was already reaping the rewards.
“It’s been an epic game changer,” Zilm said. “We’ve seen a tremendous increase in what we can produce and how much data we can cull before sending it out for review.” In fact, Zilm estimated that in Andeavor’s most recent matter, its in-house platform had been able to reduce its initial data production by 95%. Identifying the key 5% of ESI for review instead of sending a “data dump” enabled Andeavor to save an amazing 95% on hosting and attorney review.
Zilm concluded, “Change is hard, but don’t be afraid to shake the tree. You need to be willing to change to support where you’re headed as an organization over the next three to five years.”
STEP 6 – Implement and Actualize
Do you already have everyone you need to handle the additional workload of in-house ediscovery? This depends largely on the volume of litigation you handle and on the amount of time your staff have historically spent dealing with ediscovery. If you’ve been struggling with clunky manual legal hold notices and hodgepodge data collection, your legal team may find that an upgraded, automated ediscovery system saves time, obviating the need to hire anyone.
Regardless of whether you need to expand your team, you need at least one dedicated full-time employee who is responsible for managing your business’s ediscovery response. A competent, trained ediscovery professional will help everything run more smoothly, monitoring compliance and minimizing the risks you encounter.
Arrange to have your current staff and any new hires trained on your new ediscovery platform. You’ll probably need to plan for both initial onboarding and continuing periodic training as the software itself evolves and adds new functionality.
Of course, your discovery obligations aren’t suspended during the transition to a new system. Give some thought to when you can make the changeover with as little disruption as possible. Do you have a quiet season (or at least a less busy season) when your employees will have time to get up to speed on a new process? If there’s an upcoming lull in your business, that might serve as a natural transition point when a new platform could be introduced relatively painlessly. Change is hard, even when it’s welcome change, so it’s wise to plan for disruption. That said, we’ve also seen businesses adopt a new system and find that it is so much more reliable and easier to use that the time savings and increased confidence outweigh the temporary discomfort of adjusting.
Is it high time for you to move some or all of your ediscovery process in house or to upgrade your old system? If your current approach isn’t producing consistent, reliable, auditable results, if you’re losing sleep worrying about unnecessary risks or if you’re just tired of paying outside counsel too much to handle your ediscovery, there are better options. By assessing your current situation, garnering stakeholder buy-in, defining an ideal ediscovery process, evaluating available options and training your team, you can bring your ediscovery in house — starting today.