Even before your organization faces civil litigation or a criminal investigation, it’s essential to have a records retention policy in place and an understanding of how to perform electronic discovery (eDiscovery) to remain in compliance with legal expectations. During the eDiscovery process, your organization will identify, collect, and exchange electronic evidence during an investigation or legal case. Some common pieces of electronic evidence involved in eDiscovery processes include emails, social media posts, calendars, cell phone data, instant messages, and software.
Since non-compliance with eDiscovery regulations can result in significant legal and financial penalties, organizations must know how to properly collect, preserve, and prepare their data during eDiscovery.
4 Tips to Collect, Preserve, and Prepare Data for eDiscovery
Whether your company is currently facing litigation or simply wants to be prepared for potential litigation, it’s essential your team knows how to correctly preserve, collect, and prepare data for eDiscovery. As you prepare for eDiscovery, review some of the main best practices for eDiscovery below:
1. Properly Preserve Any Data Related to a Litigation Hold
If your organization’s data is involved in a legal hold, custodians at your company who are responsible for this electronically stored information (ESI) will need to preserve it for a set period of time. Until the legal hold specifies the data is no longer needed, you must preserve the data to comply with the law. Keep in mind that court orders, adjustments to a government investigation’s scope, party agreements, and changes in technology may cause the legal hold’s terms to change.
When your data is placed under a legal hold, your IT team must be informed that they should not destroy any applicable ESI or paper documents. If your systems are set up to automatically delete types of data involved in the legal hold, the automatic deletion process should be suspended. Additionally, copies of the data should be stored in secure, centralized locations, such as an endpoint backup solution provider’s cloud.
You’ll also want to keep a record of communications to those responsible for preserving the data and a master list with the preserved data. If you don’t already have a data map, it’s best practice to create one. A comprehensive data map will include information about the type, location, and owner of relevant ESI in your organization. Doing so will allow your team to collect applicable data faster and ensure the owners of ESI included in the eDiscovery process know the data should be preserved and not deleted.
2. Collect the Data in a Transparent Manner
After you’ve mapped the data and ensured it will be properly preserved, you’ll need to collect it before you send it to any relevant parties. Since ESI and other related metadata need to be efficient, targeted, justified, and proportionate, you’ll need to document the entire collection process to protect yourself from claims you’re cutting corners or not properly collecting data.
As a result, part of the collection process should involve applying hashing to original or copied data. This hashing helps validate the data’s integrity, allowing people to check that copied and original data match through the data’s identifiers. Comparing hash values can also help you determine if you need to collect additional information due to results that show incomplete, incorrect, or missing data.
3. Prepare the Data and Securely Deliver It to the Requestor
Near the end of the eDiscovery process, you’ll need to prepare the data you’ve preserved and collected so it can be delivered to the requestor. After investigators believe the review dataset for the case is complete, you’ll have to decide how to prepare the data in the dataset for a requestor. For example, you can prepare the data in their native format or an image format. You may also prefer to extract text from the original format or print the documents for the requestor.
Typically, native format types aren’t recommended if you need to redact data, as this format doesn’t allow it. However, image formats do allow you to redact information and emboss Bates numbers on the image. Typically, PDF or TIFF files are used for image formatting, as these file types are easily openable on any system. Unless you need to print or extract text for a specific reason, an image-formatted file tends to work best for most organizations and the requestor.
Once you’ve formatted the data, you’ll need to securely deliver it to the requestor. Since data can be compromised during the delivery process and result in complications, it’s best to transfer the files using a physical or cloud-based data carrier. If you go with a cloud-based service, check that they encrypt your data in transit and at rest to ensure it isn’t compromised during the transfer process.
4. Select an Endpoint Backup Provider With eDiscovery Tools to Prevent Lost Data
During eDiscovery, accidentally deleting or losing data can result in serious penalties that organizations will want to avoid. While the above steps can ensure you’re properly collecting, preserving, and storing your data, mistakes or disasters can result in the permanent loss of data stored on your organization’s endpoints. For example, hard drives can fail, and computer users can accidentally delete files.
As an organization, one of the best ways you can prepare for eDiscovery and ensure your data is safely stored is with an endpoint backup solution featuring eDiscovery tools. These backup solutions copy data from your company’s endpoints and then securely transfer the copy to their servers. If you lose the data on your endpoints, these solutions ensure you can download a copy and comply with legal holds.
While choosing an endpoint backup provider, ensure they include continuous protection, custodian invisible backup, file metadata preservation, version retention, and chain-of-custody validation. These features help avoid compliance issues that could cause fines and sanctions. The solution should also have easy eDiscovery integration to streamline the process. A solution with integration documentation and open API will simplify accessing preserved data from your eDiscovery platform.
Endpoint Backup Solutions Featuring eDiscovery Software
At CrashPlan, our endpoint backup solutions feature eDiscovery tools to make the eDiscovery process as easy as possible for our users. As part of our legal hold features, our backup and eDiscovery software runs on our open API to make integrating it with your eDiscovery platform easy. We also help organizations optimize their workflow by including data access, custodian management, and legal matter and preservation policy creation features in our legal hold interface. With our endpoint backup solutions, you can safely centralize all your backup data in one location and access it easily during eDiscovery.
Learn more about our legal hold and eDiscovery solutions today. If you want to see how CrashPlan can streamline eDiscovery and protect your data, please sign up for a free trial of CrashPlan Enterprise.