Zapproved’s Brad Harris on Fundamentals of a Good Evidentiary Preservation Plan

This article, written by Brad Harris, VP of Products, Zapproved, was originally published in the Appellate Advocate.


The duty to preserve evidence is well established; litigants must take reasonable steps to ensure information is not deleted or altered once the duty arises. The duty to preserve applies equally to both plaintiff and defendant, and is set forth in state and federal caselaw. Yet many organizations still lack an effective plan for dealing with these risks.

This article details the four elements of a good evidentiary preservation plan: recognize the trigger; define the scope; communicate the need to preserve; and release the hold. By having a plan, organizations can minimize cost through efficiency and mitigate risk.

Recognize the Trigger

The first element of an effective preservation plan is defining when a duty to preserve has attached. We all know that a duty to preserve arises when an organization reasonably anticipates litigation. But who makes the decision that a triggering event has occurred? How do they know a decision needs to be made? And what criterion is used to make the decision (remembering that a repeatable process, consistently applied is the goal to ensure defensibility).

Who makes the decision of when a trigger event has occurred? Typically, it is an attorney in the legal department, but that is an issue that an organization should map out, so that there is a process by which other organizational leaders can reasonably identify and follow. The events that give rise to a potential trigger often occur during the normal course of business. A disgruntled employee threatens to sue if their grievances go unaddressed. A business dealing goes south and a breach of contract anticipated. Or a competitor is considered to be infringing on the organization’s intellectual property (IP). In each case, it is often in the line of duty that a business manager is the individual who first becomes aware of the potential for future litigation, and must be trained to recognize and report this for final determination by the legal department.

It’s also important that the decision regarding whether an incident has risen to the level of “anticipated litigation” be understood and documented regardless of whether it is determined that a trigger event has occurred or not. In some cases, the decision can be clear—a lawsuit gets filed, or a major incident occurs that is sure to bring litigation. In other cases, it may not be so clear. For example, does an employee threatening to sue always rise to the level of a triggering event? What factors are considered in evaluating a given situation? And do you have precedent based on documenting your rationale for decision making previously that offers institutional knowledge regarding how certain situations fail to reasonably lead to litigation for the organization?

One rule of thumb for determining when a preservation duty has attached is when an attorney intends to seek “work product” protection, which by definition means that at that point, the possibility of litigation was at least anticipated.

Define the Scope

Once a duty to preserve has attached, the organization must next determine a reasonable scope for the preservation efforts. What information may be relevant to the anticipated litigation or discovery request? What information may be needed to defend a claim or issue, or support your allegations?

This step in the preservation plan should include defining who should be engaged in the scoping process. Is the legal department equipped to identify where potentially relevant information may be retained within the organization? Are there others within the organization—Information Technology (IT), Information Security, Human Resources (HR), Records Management, or others—that can assist? Many organizations create a standing “Discovery Response Team” to quickly pull in knowledgeable people who are experienced at helping translate the types of information the legal department is in need of preserving, with the myriad of potential data sources and insights regarding where they reside.

The organization may also invest in some type of “data mapping” that at a minimum helps capture institutional knowledge concerning where certain types of data exist, and who should be informed when preservation actions are required. Such data maps may simply be a record of where commonly sought information is stored, who has control over that data, and how data can be preserved when required. When a new preservation obligation arises, such knowledge can be invaluable to make efficient and repeatable decisions, while allowing the team to focus just on a small subset of new information types or sources.

Scoping a preservation obligation also involves identifying who needs to be informed of the need to take action— employees who have control over information on their computers and mobile devices, IT data stewards who have responsibility for maintaining company applications and data repositories, and third-party individuals in custody of relevant information.

Communicate the Need to Preserve

The third element of an effective preservation plan is determining how the organization will notify those who need to take action to preserve information, and what instructions will be afforded. First and foremost, the legal hold notification needs to be clearly understood by the recipient regarding what steps they should be taking to properly preserve information. Who sends the notice? Are templates used to improve consistency of the message for the recipient of the notice? Additionally, are custodians consistently surveyed for assistance with any other possible data sources or custodians? These additional steps help make the process clear, consistent, and repeatable.

Second, the notification process should ensure that the recipients received the notice, read and understood the actions expected, and agreed to comply. Just sending an email and hoping they “get it” is extremely hard to defend if called into question later. Rather, automated tracking of acknowledgements, following up on delinquent responses, and following up with custodians to ensure their understanding and compliance is becoming a common best practice. Such acknowledgements may also come into play as the hold notification evolves and changes over time (as most do).

Third, the notification process should recognize the ongoing nature of most preservation obligations. Relying on employees to preserve information in their possession or control is far more defensible when backed by routine and regular reminders. Automation of these notifications help legal counsel remain engaged in the process to ensure employees have the knowledge and abilities to respond appropriately.

Finally, the notification process should account for potential points of failure. When is information at greater risk of spoliation? Certainly the starting point would be data sources that have routine data purging taking place, such as automatic deletion of email messages after a certain number of days have passed. What about other records information initiatives or protocols? When relying on employees to protect information in their possession, it is critical to think about what happens if the employee leaves the company, transfers to a new department, or receives a new computer. Other common “points of failure” involve new applications or data repositories being adopted by the organization, and the inevitable migration of relevant information. IT may also have their own initiatives to upgrade equipment or modernize the infrastructure—all of which may have impact on ongoing preservation obligations.

Release the Hold

To avoid a common syndrome of “preserving information forever,” an effective preservation plan doesn’t end with preserving the data, but with releasing the hold and resuming normal operations. It is imperative that organizations also plan for the release, including: providing written notice to custodians, checking the pending holds for those affected custodians, and taking the opportunity to clarify with each custodian, which holds from which they’ve been released, and for which are still in effect.

Similar to recognizing the triggering event, the preservation plan should describe who makes the decision to release a hold, and under what circumstances? For example, if the duty to preserve were in response to “anticipated litigation” that never materializes, what triggers a review to consider releasing the hold once litigation is no longer reasonably expected? Corporations may consider establishing a process to determine when a legal hold expires by regularly reviewing all pending holds with a committee charged to determine which might no longer be required.

It is also important to consider the implications of releasing a hold and resuming “normal retention and disposition practices” within the organization, specifically in the context of any organization that relies on automated disposition of emails based on age. When a hold is in place, such automatic deletion is suspended and custodians may come to rely on their seemingly endless quota of email storage. When the hold is lifted, emails can suddenly disappear because they no longer comply with retention policies. Finally, corporations should reach out to third parties who may be storing preserved data such as a law firm or opposing counsel or other e-discovery vendor. The data should either be destroyed according to the terms of any agreement or case management order, or be returned to the corporation for destruction in accordance with written policy.

Going beyond the plan

Having an effective preservation plan is critical for efficient, timely, and defensible response to a preservation obligation. But to realize the benefits, the organization must put the plan into practice. Steps should be taken to communicate and reinforce expectations, especially senior management and IT. The plan should be periodically reviewed and updated as an organization’s litigation profile evolves, new players engage, and new data sources emerge.

The organization should also incorporate regular training on effective preservation response to help build a “culture of compliance” that will improve effectiveness and efficiency of how an organization executes their duty to preserve. Some questions to ask in the development of a preservation ready organization:

1. Are employees that may be subject to a legal hold educated about their obligations and trained on how to implement a hold?

2. Are HR and IT policies routinely updated to incorporate legal hold policies?

3. Do managers reinforce the importance of compliance, and are there consequences when the plan fails to generate the desired results?

By investing in the development of a good evidentiary preservation plan, corporations will limit risk and be better equipped to respond to litigation and regulatory inquiries.