Saturday, July 24, 2010

eDiscovery - Your Next Crisis?

Litigation has a long tradition in the US. Now, as firms and enterprises increasingly shift from paper to digital knowledge assets, that litigation trend is also moving into the digital arena. Ediscovery is a broad term applying to one of a series of responses to a "triggering event." That event starts begins an obligation to preserve and disclose data that may be due to a judicial order, or even the mere knowledge of a future legal proceeding that is likely to require preserving and finding relevant information stored in your electronic documents. In the Ediscovery world, these assets are now called Electronically Stored Information or ESI. Ediscovery is a relatively new concept. You could be excused if you are not familiar with the term. In the US, the Federal Rules of Civil Procedure or "FRCP" issued rule 26, and related rules, in December 2007. This update to the FRCP made all ESI "discoverable" just as non-electronic information, usually paper, is discoverable. ESI, eDiscovery, FRCP… these and related acronyms are enough to make your head swim. But keep your head above water and pay attention, because if you are not ready for eDiscovery, you could be in for some serious pain, both to your organization's bottom line and to its reputation.
In my view, eDiscovery is built on a series of tools and best practices that should be present in every enterprise and that everyone should proactively follow. Sadly, few actually are prepared, because these tools and practices are often seen as optional, a distraction from the main business activities. The tools I refer to are Enterprise Content Management (ECM), Records Management (RM) and Search. The best practices relate to the processes and procedures you follow to oversee all your ESI, records and non-records.
So how do you get started? Meet EDRM, the Electronic Discovery Reference Model, and its sibling, IMRM, the Information Management Reference Model. I told you this wouldn't be simple.

Reference Models

The EDRM group, responsible for both these reference models, is a consortium of vendors and other interested parties wanting to develop comprehensive guidelines, standards, and tools to reduce the incidence of eDiscovery nightmares, or provide ways to cope when they occur. The Electronic Discovery Reference Model (EDRM) provides guidelines, sets standards, and delivers resources to help those who purchase eDiscovery solutions and vendors who provide them,  improving the quality of the tools and reducing the costs associated with eDiscovery. IMRM, related to one part of EDRM, complements that model.


IMRM, shown below and courtesy of EDRM.NET, aims to "provide a common, practical, flexible framework to help organizations develop and implement effective and actionable information management programs. The IMRM Project, also part of the EDRM industry working group, aims to offer guidance to Legal, IT, Records Management, line-of-business leaders and other business stakeholders within organizations." This project within the EDRM group suggests ways to facilitate a common way among these different groups to discuss and make decisions on the organization's information needs.

Although this diagram has the ring of endless numbers of PowerPoint slides you've seen on a variety of topics, it re-iterates some basic, commonsensical ideas that all should adopt but most ignore. I won't go into details about this, but the general themes are obvious. These various different business units, often at odds and seldom understanding each other's language and values, must work together to manage ESI, whether records or not. The result could be that eDiscovery nightmare. Some key takeaways: Decide and oversee the ways your organization creates and saves information. Throw away what isn't needed, keep what you must – all within the corporate requirements for both records and other ESI. IT will benefit (less to back up, archive, and index for search); Legal will be happy you are reducing risk; Records Management will appreciate getting all the help with ESI it can get; and business profits will be shielded somewhat from the risks of bad information management practices.


Now what of the EDRM model itself? Again, this is not an easy concept but still critical to prepare for that inevitable crisis. To understand this model, courtesy EDRM (, read left to right and notice how the process sifts through huge volumes of ESI and aims to focus on the important, most relevant pieces. EDRM has eight ongoing projects to fill out the details of their goals to "establish guidelines, set standards, and delivering resources."

IMRM is related to the left-most process, "Information Management," but don't view it as a picture of Information Management itself. Instead, think of IMRM as a way of promoting cross-organizational dialog– always important, critical if that eDiscovery request comes a knocking.

So those two models give you the grand overview. In upcoming posts I'll look at some of the elements of these models in greater detail. I also spoke to several leading eDiscovery vendors recently. I'll also tell you their views and my impressions about . In my next few posts, I'll tell you their views and my impressions about vendor involvement with EDRM in general. Sure, each vendor has an element of self-interest. That's understood. Are these guys just out to make a buck on the "next big thing," or are they up to something truly useful , for eDiscovery and maybe more in this collaborative effort? 

In my next post I'll look at the first element of the EDRM model, Information Management. You'll see what vendors had to say, and I'll give you my assessment about whether their participation in this is just vendor smoke or indeed a way for you to get started preparing for that next crisis.