E-Discovery for Dummies Outline - Chapter 14 - Records Management
VI. Strategizing for e-Discovery Success
14. Managing and Archiving Business Records
a. Electronic Records Management (ERM)
b. A business record is not every email, memo, or word processing file. It’s a document that records a business transaction or operation. Usually the law requires that it be retained for a period of about 7 years.
c. A good document management policy requires that business records be retained and personal electronic files be purged.
i. Reduces the volume that has to be searched through.
ii. Guards against spoliation.
iii. Reasonable policy is a defense if something is inadvertently destroyed.
d. Business records
ii. Financial reports
iii. Proprietary information
iv. Quality control documentation
v. Project management reports
vi. Human resource reports
e. Not business records to be saved:
i. Earlier drafts
f. Records Management Organizations
i. Association for Records Managers and Administrators (ARMA)
ii. Association for Information and Image Management (AIIM)
g. Defensible ERM Program
i. Collect the least amount of ESI that’s legally defensible while meeting regulatory obligations and the company’s operational needs.
ii. Discard Non-records
iii. Apply retention schedules to the business records which are to be retained.
iv. Dispose of records on schedule.
h. DoD 5015 Department of Defense records management standards
i. ERM software must get DoD 5015 certification to be used by government agencies.
ii. Financial documents are retained for seven years.
iii. Environmental and health records get lifetime storage.
i. Sarbanes-Oxley Act (2002) – public companies must implement automatic internal control over financial reporting.
j. Osterman Research (2007) LiveOffice Study
i. 63% of 400 IT managers had to produce email because of a legal action.
ii. 53% said they were not prepared to meet the amended FRCP
iii. 30% unaware of the FRCP requirements.
k. Kahn Consulting (2008) – survey of 400 companies
i. Less than 25% believe their employees understand the governance, risk management, and compliance (GRC); records and information management (RIM) and e-discovery duties.
ii. Only 15% understand the legal hold duties.
l. The cost of the production of 1 TB of data can be $18-19 million. If only 10% is excluded, $2M is saved.
m. Acceptable Use Policies (AUP)
n. Automated Detection System
i. Flag emails with too many recipients
ii. Huge data volume emailed to free email accounts.
iii. Confidential files to personal account.
o. Avoid Pocket Archives – emails archived by users on their own.
p. Use systems with tagging rules to insure retention rules are followed.
q. ERM Program
i. Inventory of the records created and used.
ii. Classify records.
iii. Different retention periods for different classes.
1. Business needs
2. Regulatory requirements
3. Legal documentation
iv. Prototype to test workability and judge user acceptance.
v. Document the policy in writing
vi. Train employees, monitor their compliance, and keep the policy updated.
r. See Sedona Conference Commentary on E-Mail Management
s. FRCP 34(b)(2)(E)(i) –
i. Show where documents are retained.
iii. Sources of information
iv. Emails produced in usual course of business – show compliance by
1. Arrange by custodian
2. Sort in chron order.
3. Include attachments
v. Non-email produced in usual course of business
1. Arrange by custodian
2. List location on network / hard drive