AccuImage, LLC - The AccuView

From My Perspective

Businesses Lag in E-Discovery

The (E-)Discovery of Your Records

ECM Solutions Aid E-Discovery Efforts

About AccuImage, LLC

Contact Us

How to Subscribe or Unsubscribe

by C. Roy Payne

Happy New Year! I hope you enjoyed a relaxing and fun-filled holiday season!

Are you prepared for e-discovery? If you were involved in litigation today, would you be able to pull up any record, document or e-mail immediately upon request? Would you call upon your well-planned records retention policies and the system that manages those policies?

If not, you're not alone, and this issue of The AccuView is for you.

There's no question that legal discovery is getting less forgiving when it comes to electronically stored information. The number of legal discovery requests has been increasing for years, and those businesses that are unprepared to quickly fulfill requests are being reprimanded through fines and negative press. Today, everything - all communications in all formats - is now fair game for legal e-discovery. This includes traditional records and documents (whether in paper or electronic form), as well as e-mails, voice mails, photos, etc.

The good news is that technologies exist today to help you be prepared for e-discovery requests. The better news is that even if you never get an e-discovery request (and consider yourself lucky to be among the few businesses that don't), the technologies you implement can benefit your organization in so many other ways - including increased employee productivity, improved customer service, more efficient document management and data storage, and much more.

Enjoy this issue of The AccuView, and call us if you would like to learn more. My team and I look forward to discussing your technology needs and the various solutions with you.

Best regards,

C. Roy Payne
roy.payne@accuimagellc.com

Just over a year after the institution of the revised Federal Rules of Civil Procedure, about two-thirds of U.S. businesses remain unprepared to meet strict federal court requirements for the discovery and handling of electronic evidence, according to a data storage researcher.

The new FRCP regulations, ordered by the U.S. Supreme Court in April 2006 and in effect since December of that year, mandate that businesses must be able to quickly produce such data - including e-mail, digital documents, images, and digital audio and video - when required by litigation in a federal court.

To that end, a relatively new IT sector built around efficient storage and access to legacy business data has been developing, but apparently the genre still has plenty of space to grow. At the one-year milestone, it appears that few potential customers are paying attention and that many are simply ignoring the rules, according to a recent survey.

"The survey reveals serious legal issues for organizations that are either ignoring the new federal mandates for compliance and e-discovery or are clearly not well-educated on how to meet the technical requirements," said IT researcher Michael Osterman of Osterman Research. Osterman Research conducted the survey of 111 companies in the fall of 2007.

"I don't think it's difficult to understand the [FRCP] rules or that business owners don't know about them," he told eWeek. "I just think it sometimes takes 'headline shock' to make people move on some things, especially when we're talking about potential liabilities. In other words, if it hasn't happened to them yet, it hasn't happened."

Osterman said it often takes bad news happening to another company before business owners get serious about their own potential litigation problems. "Let's face it: Unless some company gets hit by a $15 million judgment, it is difficult for an IT manager or a CIO to go to his board and say, 'We might be liable under the new laws for not keeping all our e-mails and word docs,'" he said.

Many companies are still unclear on the concept of e-discovery in general, Osterman said. "There really is no consensus yet on whether a company should keep all its e-mail and other docs, whether a company should keep a finite number of years' worth of data, or whether it should keep more than 30 days' worth of data," he said. "As long as a company can prove it has predictable methods of storing or not storing data, it can show the court it has some sort of policy in place."

The uncertainty is about the nature of the policies, which can be different for each company. Only 47 percent of companies have some kind of e-mail retention policy in place, Osterman said. If they are taken to court, these companies would likely be required to search backup tapes, desktop files and legacy systems to find information that was deleted in the absence of a good-faith retention policy, he said. Manual e-discovery searches can be costly.

In addition, companies lacking an e-discovery policy risk being sanctioned for the illegal destruction of evidence, including courtroom penalties that can cost a company an important legal case on process grounds, Osterman said.

[Source: eWeek, January 7, 2008]

A comprehensive records retention program ideally provides policies and procedures specifying the length of time that an organization's records must be retained. The program provides for the systematic destruction of records that have met all regulatory, legal and business requirements. Records, regardless of media, are destroyed on a scheduled basis, as specified in the organization's records retention schedule. However, in the real world, many organizations today still struggle with developing, implementing and enforcing such policies. Why is this?

Challenges in Creating Records Retention Policies

Over 18,000 Records Retention Laws. Organizations are faced with thousands of records retention laws (statutes and regulations) from the U.S. federal and state governments and international laws. Not all of these laws pertain to every organization, but knowing which ones apply to you is a complex and time-consuming process. Even the seasoned records management professional can find it very difficult to stay current with the ever-changing laws.

Proliferation of Electronic Records. Most records created today are either "born" in digital format or are converted to digital format. Digital or electronic records have fundamental differences from traditional paper records, in that special treatment is needed to preserve the integrity and accessibility of electronic records over time. For example, some records retention laws require organizations to retain records for 50 years, or even permanently. It is much easier to retain paper records for 50-plus years than it is for electronic records. Why is this? Well, paper will easily last hundreds of years if stored in climate-controlled conditions. Electronic records, though, are much more difficult to store long-term, primarily due to software and hardware obsolescence. Another issue with electronic records is deciding what electronic data actually constitutes a record. For example, database files, voice mails, PDA files, etc. are potentially discoverable records in court but are difficult to manage.

Cohasset Associates recently completed their 2007 Electronic Records Management Survey and asked the question: Does your organization have comprehensive records retention schedules which include electronic records? Only 60 percent of respondents stated their organizations have electronic records included in their records retention schedule. These results are disturbing due to the fact that 40 percent of organizations today are not properly managing their electronic records.

Adhering to Records Retention Policies. Unfortunately, today, most organizations are not properly adhering to their records retention policies. Again, according to the survey, only 14 percent of the respondents indicated that they always follow their retention policies, 50 percent generally followed their schedule, 16 percent indicated when time permits, and 20 percent did not regularly follow their records retention policies. Obviously, organizations that do not consistently follow their policies are not managing their records properly. Generally, courts are more likely to administer harsher penalties for those organizations that have records retention policies and do not follow them than to organizations that don't have retention policies at all.

The primary reason for these disappointing survey results point toward the lack of senior-level management support for the overall records management program. Without this support, the program has inadequate authority and commitment to become accepted throughout the organization. Another reason may be that the records management professionals who are responsible for carrying out the records retention policies lack the strong leadership skills needed to implement these policies across the enterprise.

Records Retention Policies are Too Complex. Many organizations have developed detailed records retention schedules with hundreds or even thousands of records categories. These categories, also known as records series, are defined in the ARMA Glossary as a group of related records filed/used together as a unit and evaluated as a unit for retention purposes. An example of a records series would be a personnel file consisting of an application, reference letters, benefit forms, etc. The records series form the basis of the records retention schedule and are associated with a retention period. The problem with a large number of records series is that most employees will not spend the time to wade through all this information to find a retention period. Thus, records that should be destroyed may be retained indefinitely, which is not consistent with the records retention policies.

Legal Discovery Plan and Record Hold Orders. A legal discovery plan is established by organizations to respond to a legal discovery request. This discovery plan should be part of your records retention policies. The record hold order is a component of the legal discovery plan and is subject to the discovery request. With our highly litigious society, it is imperative that organizations have these plans in effect. Unfortunately, only 56 percent of respondents stated that their organizations had a discovery plan in place. This, in effect, means that 44 percent are taking a huge risk if they become involved in litigation. Organizations that do not plan ahead for litigation can be sanctioned by the courts for failing to produce requested records.

Long-Term Digital Storage. Another challenge for organizations today is ensuring that their electronic records will be accurate, reliable and trustworthy many years after they are created. Electronic records that need or are required to be retained long-term face the problem of software and/or hardware obsolescence. Software and hardware are routinely replaced, which can directly affect the accuracy, reliability and trustworthiness of the electronic records being stored. Survey data indicated that 46 percent of respondents were not confident that their organizations' records will be accurate, reliable and trustworthy many years after they are created.

An Enterprise-Wide Approach

As mentioned in this article, many organizations today have serious shortfalls when it comes to developing, implementing and enforcing records retention policies. Senior management, records management, information technology, legal and compliance personnel all need to collaborate with one another to ensure that records retention policies are developed, implemented and enforced throughout the organization. All employees then need to be thoroughly and continually trained in carrying out their responsibilities in adhering to the records retention policies.

[Source: DOCUMENT, December 2007]

Many organizations find that implementing an enterprise content management (ECM) system is a viable and relatively painless method for achieving e-discovery compliance goals. ECM is defined as "the technologies, tools and methods used to capture, manage, store, preserve and deliver content across an enterprise," according to AIIM.

ECM systems aren't small investments, yet these systems historically deliver quick results by saving businesses time and money. Time savings come from streamlined information searching, retrieving, processing and management; cost savings come from significantly decreased storage space.

An ECM system should let you:

have a single-instance store, which gives you inherently greater control over access and usage rights;
manage pointers, rather than copies of documents;
ensure content security;
manage content regardless of format while designating which pieces are, for federal regulatory purposes, records; and
automatically associate an object or file with the correct category, according to your organization's taxonomy and business rules.

All content is not records, but all content is subject to e-discovery. Your final response to an inspector general report might be the record, but the versions, edits and metadata they generate are also discoverable. An ECM system should distinguish between the two.

However, ECM systems are certainly not the only option. Document management and records management systems are also viable options. Most ECM solutions, however, offer these capabilities built in or as part of a more complete ECM offering, providing additional capabilities such as workflow. And most document and records management offerings do not manage unstructured data - such as voice mail messages and other data that may be demanded in an e-discovery situation.

ECM products also have all their functionality contained within the same code base. An ECM offering can serve as the architecture by which to implement and govern content management policies such that responding to an e-discovery inquiry can yield a quick and complete response.

On the technology side, an ECM solution can significantly ease your transition to an e-discovery-ready business. That said, an ECM system in and of itself won't make you an agile organization, nor will it alone mean you are home free on e-discovery. Those both start with careful policy planning. But because so much content is subject to discovery, policies, as a practical matter, require an ECM solution to bring them to life.

[Source: Government Technology, July 9, 2007]

AccuImage, LLC is a systems integrator that empowers their customers with solutions designed to gain the maximum value from their information at every point in the information lifecycle. Founded in 1996 and headquartered in Nashville, Tennessee, AccuImage specializes in the design, installation and support of document and content management systems, forms processing solutions, and electronic workflow systems. The company offers hardware and software from leading companies - AnyDoc Software, Böwe Bell+Howell, Canon, Captaris, Captovation, EMC Documentum, Fujitsu, Hewlett-Packard, IBM, Kodak, Kofax, Panasonic, Plasmon and Verity - as well as consulting, document conversion and professional services.