Paving the Way to Efficiency: 5 Steps to
Proactive Records Management
Getting ahead of the risks, costs and burden of eDiscovery can be accomplished with a company-wide electronic
records retention program, along with an email management strategy. While this approach can be tough for records
managers and legal counsel to sell internally in the face of
reactive demands and current constraints on capital expenditures, it can reduce risk and negative brand impact, as
well as save time and money. It is far better to manage
records and information proactively than in response to
compliance breaches or litigation. To bring this to life takes
five steps:
Step 1: Form an interdisciplinary team that includes Legal, IT
and Records Management. This team defines improvements
to the records management and eDiscovery processes, and
searches out appropriate services and technology. Addi-
tional team members may come from Compliance, Human
Resources or other operational areas typically involved in
litigation or regulatory investigations. The team may also
include outside counsel and eDiscovery vendors and con-
sultants. Appoint one person as records manager. He or she
will have actionable oversight over the ongoing eDiscovery
program. The team’s primary responsibilities include:
>;Identifying the types and formats of records that are
frequently requested (email, back office documents,
database records).
>;Identifying primary applications or systems (backup
files stored online or on tape, enterprise content
management, email servers, disk-based archives).
>;Determining how to connect the records retention
schedule to the electronically stored information.
>;Building parameters for the company’s rapid
response collection and review processes.
Step 2: Deploy the technology for searching records in the
collection phase. Some eDiscovery products migrate frequently searched data types and systems to searchable
archives, while others index data on the network for subsequent search and collection. In either case, establish a
secure repository for collected and preserved data. Be especially careful to purchase a product that can automatically
search backup tape as well as online records.
Step 3: Apply retention policies to electronically stored
records. Sometimes companies must make difficult choices
around whether to delete records or preserve them. Cer-
tainly with a reasonable expectation of a lawsuit you must
preserve potentially relevant information. In any case,
establish a compliant records retention program and faith-
fully destroy data that falls out of the retention period, and
that is not involved in a lawsuit or a reasonable expectation
of one. By documenting and legally and consistently applying
corporate retention policies to email and other electronic
records, you can greatly lower risk during future litigation
and investigations.
Step 4: Automate the retention process for new electronically stored information. First, it’s critical to institute a formal email policy and communicate it to employees. Products
are available that use built-in policies to identify records
according to preset parameters. These products classify
records and assign retention rules. They may also prompt or
carry out actions to destroy records when eligible. Strongly
consider using this type of product or service to automate
information management and movement schedules company-wide. For example, Iron Mountain’s enterprise email
management service collects emails and their attachments
and archives them in a searchable, Web-based repository.
Step 5: Document all the above steps. Formalize and
document the eDiscovery workflow; the eDiscovery team
members and their contact information; the hardware and
software products used for eDiscovery; and the policies
that track and automate the process.
Once the initial work of corporate-wide records management is done, subsequent business processes will fall
into place. You will be able to:
>;Understand and define the scope of data requirements.
>;Locate the storage that holds potential data and
identify the resources you need to access and make
useful that information.
>;Identify and preserve discovered data.
>;Organize data for efficient review.
>;Preserve chain of custody throughout the post-collection workflow.
Conclusion
What does it take to change an expensive, outdated eDiscovery process? It takes understanding that foundational
work like records management is crucial to successful
eDiscovery. It also takes interdisciplinary teams of IT,
Legal and Records Information Management working
together to build that strong foundation.
Iron Mountain is a leader in this vital process. They are
building on their deep information management expertise
to serve their huge customer base. More than 90 percent
of Fortune 1000 companies and thousands of small- and
medium-sized businesses already trust Iron Mountain
to store, protect and manage their critical data. When it
comes to enterprise-wide records and information management for eDiscovery, as well as storage management
and compliance, Iron Mountain is uniquely qualified to
partner with your company. ▲
CHRISTINE TAYLOR is an analyst with Taneja Group
( www.tanejagroup.com).
