KMWorld recently hosted a roundtable discussion to explore the relationship between e-mail management and e-discovery. Led by KMWorld’s senior writer Judith Lamont, participants included Dean Gonsowski, VP of e-discovery services with Clearwell Systems; Kevin Joerling, a certified records manager who serves as senior manager, standards and records management, with ARMA International; and Whitney Tidmarsh, chief marketing officer in EMC’s content management and archiving division.
Q Lamont: E-mail management and e-discovery are both challenging tasks in their own right. How should e-mail be managed so that e-discovery can be carried out most effectively when the situation arises?
A Joerling: E-mail really should be managed just like any other type of record. A lot of organizations make some big mistakes with e-mail because they are not sure how to handle it. Some take the approach of saving everything forever, which is expensive and cumbersome. Others go for the short-term solution, deleting all e-mail messages after 60 or 90 days, which can be risky in the face of investigation or litigation. The third option is to manage e-mail proactively. The e-mail messages come in, and the ones that are records are moved out of the e-mail system to a records management system. A retention schedule is placed around them, and they are deleted according to that schedule. E-mail messages that are not considered records can be deleted more quickly.
Q Lamont: Are special problems associated with e-mail as opposed to other records?
A Joerling: The volume is a big problem. Everyone is inundated with e-mail. Also, sometimes it is not clear whether a particular e-mail should be classified as a record. With other content such as reports or financial records, it may be more evident.
A Tidmarsh: Also, many e-mail messages are sent to multiple recipients, making the volume issues even greater. Ideally, a records management solution should de-duplicate these messages so there is just one copy of the e-mail and its associated attachments. This saves on storage costs and makes the information more manageable.
Q Lamont: What steps are required to set up policies?
A Tidmarsh: The first step is to define the rules that identify the documents that need to be managed as records, and set up an appropriate retention schedule. The organization should think ahead about what is pertinent—is it particular individuals, key words, departments or a class of users that make a document important to keep as a record? Any of these, or a combination of them, can be a part of policies.
A Joerling: Industries that are highly regulated generally are aware that they need to have policies in place, and they know they have to do a good job of it. Sometimes we see the less regulated organizations having a much harder time with records management because they are less accustomed culturally to the process of regulation. But all organizations should have something in place.
Q Lamont: How can technology help with the implementation of policies?
A Tidmarsh: Once the retention policy is articulated, a records management system can help by providing a visual way to define and apply those policies. For example, developers can choose from a drop-down list of options to incorporate policies into a system. After deployment, the system will automatically determine whether a certain document is a record and store it with the associated retention policy. Compliance with certain requirements such as the Department of Defense 5015.2 Certification can be built into a records management system.
A Joerling: Technology is an important enabler, but training is critical too. Employees need to know that they are an integral part of the process and that they are responsible for records management. They also need to be able to decide the right category for a particular document, so they need guidance.
Q Lamont: What should be done differently when an organization goes into e-discovery mode?
A Gonsowski: Once you are on notice that litigation is reasonably likely, even if the litigation has not been filed, you have a duty to start preserving information and shutting down any systems that are in place that would be preparing to delete information pursuant to the records schedule. You need to put a legal hold on all the categories of information that might be relevant to the potential litigation or investigation. The failure to do that can result in significant spoliation sanctions, all the way from fines to default judgments.
Q Lamont: How would this "hold" notice be conveyed?
A Gonsowski: The legal department would let the records management side of the house know that the usual policies should be suspended for documents related to a pending case. Historically, the legal and IT departments have not worked closely together in most organizations. Since IT is so closely involved with both managing records and with making changes to the systems for e-discovery, it’s important to overcome those barriers. IT may end up meeting with the opposing council or even testifying about the e-discovery process, so it’s critical for the legal and IT departments to coordinate closely. In any case, putting a legal hold on documents is a critical first step.
A Tidmarsh: This is another area where content management systems can be of great assistance. First, the rules can push information to those who need to see it. In addition, content management systems are able to implement "read and understood" tracking. This step documents that an individual has seen the communication relating to the legal hold, and provides an audit trail to show compliance.
Q Lamont: How do organizations identify documents potentially related to the case?
A Tidmarsh: First you want to take a wide view of the universe of possible information. EMC’s search technology, which includes a number of different search engines, will search not only the Documentum content management and records management systems, but also "files in the wild" that are either unmanaged or stored in other systems. Once all the potentially relevant information is found and classified, appropriate rules and policies can be applied to that portion of information that relates to a case.
A Gonsowski: The search phase of the e-discovery process is not always well understood, because it represents a different approach from the one found in everyday business operations. Normally, search is used to find the most relevant information to answer a question or find a document of interest. In e-discovery, you need to find everything. Often you need to "show your work," meaning the actual structure of the queries. Recent cases such as Victor Stanley Inc. vs. Creative Pipe Inc. have indicated that the courts may require proof that the search was "reasonable." The search should include any enterprise data system, not just the records management system.
Q Lamont: How do the parties agree on what those queries will be?
A Gonsowski: This process is one of the biggest changes resulting from the Federal Rules of Civil Procedure enacted in December 2006. The two parties are required to sit down at "meet and confer" sessions very early on in the litigation process. In the past, the defendant would use their own search terms and then hand over the results. In order to make the search process transparent, the two parties now have to agree on the search process, including metadata, timelines, date ranges, custodians, forms of production and other parameters.
Q Lamont: Are the queries refined over time?
A Gonsowski: Yes. E-discovery is an iterative process. For example, privileged information can be removed from the information gathered during the broad sweep. Trade secret information can be excluded, and other material may be excluded if it’s not relevant. But throughout this phase, the process needs to be defensible and auditable. The end game from the producing party’s viewpoint is to minimize the amount of information that needs to be reviewed by their attorneys, because that’s an expensive process.
Q Lamont: What if a potentially relevant document has been deleted?
A Joerling: This is where the importance of a stated policy comes into play. As long as you are destroying things in the normal course of business and you did not have a reasonable expectation of litigation, the courts have generally considered deletion to be appropriate. This type of ruling applies both to items deleted as part of a retention schedule, and items deleted because they would not have been considered records in the first place.
A Gonsowski: I agree, but there are some ambiguous areas. For example, a particular e-mail might not have been considered a "record" when it was generated, but in the context of e-discovery, it might be important in proving that two individuals had contact at a certain point in time. E-discovery is very oriented toward timelines, and e-mail messages represent data points along that line. Or, if legislation is pending and a particular individual is key to the case, a hold might need to be placed on all messages sent or received by that individual. But in general, the judge is going to be looking for reasonableness rather than perfection. If you have a good policy, and you can prove you did your best to adhere to that policy, it’s a much better situation than if you don’t have an audit trail to show you took reasonable steps to adhere to the policy.
Q Lamont: Do you see a change in how organizations are viewing e-discovery?
A Gonsowski: Yes, there has been big change, over about the past five to 10 years. Instead of treating e-discovery like a one-time fire drill, organizations are coming to the awareness that it is yet another core business process. There is now an awareness that the traditional aspects of people, process and technology apply to e-discovery just like they apply to enterprise resource planning or other business processes. So, e-discovery is being integrated into the enterprise in a much more proactive way, especially in organizations where litigation is relatively common
The organizations
Clearwell Systems provides the Clearwell E-Discovery Platform, an e-discovery processing, analysis and review product that helps enterprises respond to legal, regulatory and investigative matters. The company partners with EMC to offer that product as part of EMC’s Compliance and eDiscovery solutions
ARMA International is a not-for-profit professional association that addresses issues related to management of records and information
EMC provides hardware and software solutions for managing information infrastructures. The EMC Documentum product family helps companies manage all types of content for records management and retention.