Strategies for a more Integrated Approach to Litigation Management
Increasingly, executives and corporate boards are realizing that their litigation “readiness” may be putting their organization at undue risk. Despite investing billions of dollar in processes and technology to locate, retrieve and produce required documents that are electronically generated and stored, only one in five companies characterized themselves as “well prepared” and felt confident in their ability to manage the risks associated with legal discovery. Of those with a Records Information Management (RIM) policy in place, confidence wasn’t high, with some 40% of companies surveyed indicating they failed to stringently enforce their own policies.
Widely considered to be the most costly and time intensive aspect of the litigation process, discovery is not something to be done piecemeal or in damage control mode. The risks are simply too high—and are escalating with recent court decisions. Yet, for too long, executives (and boards) have been willing to “roll the dice” as they have failed to make an integrated, pro-active approach to litigation management a priority.
A holistic or integrated approach to managing litigation challenges is as basic to an organization as a crisis management plan or a risk management plan. Yet, for too long, litigation management has been left out of the business process improvement push.
Parallel Processes
Litigation management is a process, not an endpoint. It needs to be viewed in the same way companies view their manufacturing processes, hiring or R&D processes, their risk management or crisis management processes. Like other processes that are so fundamental to a business’ operation, litigation management cannot (and should not) be isolated within the company’s legal department. The e-discovery process is pervasive—as it includes virtually any (and every) document or data set produced by employees in every division and department of the company.
The cornerstone of preparedness is thoughtful planning and training of key personnel backed by the right systems, including processes and technology to ensure efficiencies and streamlined communications. To be effective these elements must be coupled with regular review and updates to ensure the processes and policies in place remain relevant. With today’s rapid technology advances, keeping generation, retention and storage procedures for electronic documents current can be daunting.
As with crisis management, investments of time and resources must be made to audit, plan and map out processes. Many find this upfront investment in planning is directly proportional to the level of risk or exposure the company potentially faces. Minimizing business interruptions and potential damage to the company’s reputation are byproducts of successfully run processes. At the same time, having a robust readiness process positively impacts a company’s ability to expedite early case assessment—to determine which cases merit time and resources, which cases pose the greatest potential risk or liability.
Litigation readiness requires disciplined planning, thinking and a commitment to refresh policies and procedures to ensure changes in document generation, storage and management are always factored in. Without that careful pre-planning, the organization’s e-discovery procedures will not be defensible in court, exposing the company to added risks, sanctions, fines and potential obstruction of justice charges.
The amended Federal Rules of Civil Procedure (FRCP), which went into effect on December 1, 2006, had the same far reaching effects that governmental regulations such as the Sarbanes- Oxley Act (SOX) and the Health Insurance Portability and Accountability Act (HIPAA) had on businesses. In fact, the impact of FRCP may be even more widespread, since the requirement for an effective and disciplined electronic information management infrastructure is one shared by public companies as well as private businesses; in short, any business operating in the United States.
The demands of discovery require businesses to preserve any electronically stored information (ESI) that may be considered relevant evidence in a potential lawsuit. Fail to produce the requested documents and the consequences are severe, including monetary sanctions and potential charges of obstruction of justice.
Even ESI that was considered “not reasonably accessible” by the courts may be subject to discovery demands which, based on recent court decisions, are likely to continue to shift and change. Some companies operate under the misconception that having a document destruction policy in place is an adequate safety net. A basic “do this, then this” approach is not suitable since the legal requirements for document retention can vary widely from department to department. Finance teams, for example, are required to keep certain securities and filing document for a given number of months. And, perhaps even more challenging for companies to navigate is the onslaught of new technologies that are changing the very nature of documents—how they are created, accessed, used and archived. Additionally, the court’s view of reasonable or acceptable data management and retention policies is not a constant, or set in stone. It is changing as new technologies and processes come into use.
Companies today face a daunting challenge in simply keeping up with technology advances and understanding how those changes impact their litigation management processes. In the past, discovery was comparatively simple and straightforward: Ask for documents, get documents on paper. With rapid technology advances dramatically altering the landscape the need for Records Information Management (RIM) is ballooning exponentially. All employees within a company need to begin to understand this—and act accordingly. Much of what will likely become relevant discovery in the future will not, cannot, or should not be printed. Web 2.0, user-contributed data-driven sites and a host of other new technology solutions foster an environment where the data is more fluid or dynamic than ever before—yet that ephemeral data is still discoverable (see sidebar for the latest.)
And, just when a company has its litigation readiness policies in place, technology advances change the landscape again. New applications, including user editable websites (such as wikis), web blogs and instant messaging (IM), Twitter, Facebook, and groupware applications are changing the nature of what is—and is not—discoverable data. Meta data (or data about the data), for example, is the type of ephemeral data that could be required by the courts to produce, yet remains challenging for companies to track, preserve and archive.
Like crisis management, the success (or failure) of e-discovery planning will affect the entire organization. The process cannot be isolated or contained within the company’s legal (or legal and finance) teams. The discovery tentacles stretch into every area of the organization—and can quickly put a halt to day-to-day business operations. The pervasive nature of e-discovery, coupled with the rising levels of risk many corporate boards will find themselves in, warrants a senior team member from each of the company’s core functional areas may need to be actively engaged in the planning, testing and program refining process.
In recent years, closer integration of legal and technology teams has led to the adoption of innovative technologies that are transforming the way teams work, manage work product and respond to pressing legal issues. The next major challenge is for legal and IT to collaborate with other functional areas within the organization and work together to identify core legal and business processes that could help streamline the processes associated with document creation, management, and recovery. Providing the tools is a step forward. Streamlining the processes and supporting those refinements with the proper technology is a more integrated or holistic—and effective—way to approach the challenges.
Moving to a more integrated approach to litigation management—and by extension, the discovery process—will require corporate counsel to adjust their practices and adapt. They must collaborate, understand the technical aspects of the process and anticipate shifts in the landscape. Perhaps more importantly, they must demand the same from their outside counsel and their discovery partners.
Redefining the Document—and What is Discoverable
A core part of the challenge ahead hinges on the fact that the accepted term “document” is dated and conceptually misleading in context of litigation readiness and electronic discovery issues. Collection and review of voice, video, databases, and Internet-based communications all come into play. When addressing these types of data, the average person’s concept of a document--something that may be printed, read, and held in a person’s hand--begins to blur. Now companies need to tackle a wider (and ever expanding) set of data as part of the discovery process.
Although expanding the legal definition of a document to include electronic data creates the obligation to produce that data as part of discovery, courts offer no guidance on how that production should be carried out. It’s not surprising that the approaches and methods used to produce electronic data for discovery vary radically. With paper documents or even word processing files, the definition of document was clear and contained. The document was started, worked on, saved. There was a linear progression or structure. Adding one level of complexity—information about the document’s lifecycle—was still manageable. The challenge for companies today is that familiar structure no longer fits digital data, creating immense records management challenges.
Technology: Simplified Complexity
Exactly how new, more ephemeral data sources impact records and litigation management is not always at the forefront of the minds of those who select, pay for or implement new technologies like instant messaging (IM), collaboration software, data warehousing, ISP-hosted e-mail, and cloud or web-based applications. While each new solution presents an opportunity for improved personal productivity and corporate efficiencies, it also raises challenges (some still untested) relative to litigation readiness and e-discovery processes.
Issues relating to data dissemination and archiving are coming the forefront.
• How do you archive when the data is “live” and changes by the nano-second?
• How can data capture and regular deletion policies be enforced when employees begin saving emails to their local inboxes?
• How do you control the location of data with pervasive use of thumb drives, micro drives and other devices that enable employees to take data home, on the road—wherever and whenever they need to?
Some businesses are employing biometric devices (such as fingerprint recognition systems) to help control storage and transporting of data—but those devices are costly and add another layer of complexity for users and the IT teams supporting them. This is just the start of the IT / litigation readiness chasm. Oftentimes, since the consequences are still unknown or uncharted, engaging in a cost / risk analysis with IT staff and governance, risk and compliance (GRC) team members does not happen.
One of the key factors adding to the technology tangle is simply too much data—and too much of it being stored because the cost to do so is low, prompting companies to “just store it” rather than systematically review and purge. The reported average storage capacity of a company’s Windows NT servers is 43 terabytes—if those stored documents were printed, they would stack over 800 miles high. From a litigation readiness perspective, this data can begin to feel like dead weight.
New Direction
As with most complex business processes, the first step toward creating and documenting a streamlined, holistic approach in a discovery playbook is to document a detailed understanding of the current state. This is a fundamental part in shifting from a reactionary mode (or a crisis management mode every time a major litigation matter hits) to one in which a planned process is followed. It is also a fundamental step in developing a defensible process that is tailored to the business.
This initial step is a substantive one—and one that an increasing number of in-house teams have dedicated time to addressing. In a recent survey of over 350 corporate counsel, approximately 40% rated themselves as “proactive” when it came to litigation readiness; yet, only 26% acknowledged they had a discovery response workflow in place. Less than one-third (29%) believed they had appropriate processes in place for collecting potential evidence in a legally defensible manner.
The costs and time associated with computer based discovery can be greatly minimized with prior planning—upfront investments to conduct an audit, outline the processes and roles and responsibilities of key players will yield tremendous benefits over the long run. A clear first step for companies interested in improving their litigation readiness include:
AUDIT:
• Assess current approaches / sources for data generation/document creation, management, and retention. Document and map the current state -- what records are retained, what policies are in place, what systems and data structures exist (and where), what processes are employees following, what is being enforced—and what is not.
• Identify the key players and decision makers.
• Identify different levels of risk the current litigation management approach presents—and what actions and investments could be made to help mitigate those risks.
READINESS PLAN
• Define roles and responsibilities.
• Create a lexicon or terminology to ensure all involved have a common understanding of terms, decisions, risks.
• Set forth proposed policies and annotate with the team’s rationale; how were these decisions made, what trade-offs were considered
• Map out how the new / proposed records retention practices should be applied companywide
• Ensure proposed approach conforms with international standards
• Set forth an update or refresh plan to ensure plan (including all policies and procedures) remains current with technology advances and changes as well as changing court definitions on what is discoverable, and what is not.
Companies do not operate blind today when it comes to crisis management—virtually every Fortune 500 corporation has a plan in place that is reviewed and refreshed periodically. The same diligent planning should be applied for litigation management, which has the potential to escalate into a costly, cumbersome and potentially high risk exercise for the organization. Establishing best practices for data retention and preservation can help legal and IT teams (and the rest of the organization) address issues proactively. A constant refresh to ensure that policies and procedures are taking in to account technology advances as well as newly defined court interpretations of what is discoverable is an absolute must in order for a company to ensure its litigation readiness.
Litigation Process Reengineering
Business process reengineering (BPR) is process that corporations began to adopted in the 1990s—and one that continues today as teams assess their current practices and seek radical redesign of processes, better use of advanced technologies and more focused use of human capital.
A core component of business process reengineering is the active participation of cross-functional teams.
“By redesigning processes, by measuring and managing them, and by organizing around them, companies are able to achieve unprecedented and sustainable improvements in operating performance.” BPR approaches and thinking are new to many legal teams—yet, it is at the heart of what litigation readiness processes demand. Some advice from the “father” of reengineering, Dr. James Hammer (who passed away in Summer 2008) underscores the importance that BPR can play enterprise-wide. Remarks from the bestselling book “Reengineering the Corporation: A Manifesto for Business Revolution” that Hammer
co-authored with James Champy underscore the importance for all in the corporation to get involved and commit to a different way of working.
Widely considered to be the most costly and time intensive aspect of the litigation process, discovery is not something to be done piecemeal or in damage control mode. The risks are simply too high—and are escalating with recent court decisions. Yet, for too long, executives (and boards) have been willing to “roll the dice” as they have failed to make an integrated, pro-active approach to litigation management a priority.
A holistic or integrated approach to managing litigation challenges is as basic to an organization as a crisis management plan or a risk management plan. Yet, for too long, litigation management has been left out of the business process improvement push.
Parallel Processes
Litigation management is a process, not an endpoint. It needs to be viewed in the same way companies view their manufacturing processes, hiring or R&D processes, their risk management or crisis management processes. Like other processes that are so fundamental to a business’ operation, litigation management cannot (and should not) be isolated within the company’s legal department. The e-discovery process is pervasive—as it includes virtually any (and every) document or data set produced by employees in every division and department of the company.
The cornerstone of preparedness is thoughtful planning and training of key personnel backed by the right systems, including processes and technology to ensure efficiencies and streamlined communications. To be effective these elements must be coupled with regular review and updates to ensure the processes and policies in place remain relevant. With today’s rapid technology advances, keeping generation, retention and storage procedures for electronic documents current can be daunting.
As with crisis management, investments of time and resources must be made to audit, plan and map out processes. Many find this upfront investment in planning is directly proportional to the level of risk or exposure the company potentially faces. Minimizing business interruptions and potential damage to the company’s reputation are byproducts of successfully run processes. At the same time, having a robust readiness process positively impacts a company’s ability to expedite early case assessment—to determine which cases merit time and resources, which cases pose the greatest potential risk or liability.
Litigation readiness requires disciplined planning, thinking and a commitment to refresh policies and procedures to ensure changes in document generation, storage and management are always factored in. Without that careful pre-planning, the organization’s e-discovery procedures will not be defensible in court, exposing the company to added risks, sanctions, fines and potential obstruction of justice charges.
The amended Federal Rules of Civil Procedure (FRCP), which went into effect on December 1, 2006, had the same far reaching effects that governmental regulations such as the Sarbanes- Oxley Act (SOX) and the Health Insurance Portability and Accountability Act (HIPAA) had on businesses. In fact, the impact of FRCP may be even more widespread, since the requirement for an effective and disciplined electronic information management infrastructure is one shared by public companies as well as private businesses; in short, any business operating in the United States.
The demands of discovery require businesses to preserve any electronically stored information (ESI) that may be considered relevant evidence in a potential lawsuit. Fail to produce the requested documents and the consequences are severe, including monetary sanctions and potential charges of obstruction of justice.
Even ESI that was considered “not reasonably accessible” by the courts may be subject to discovery demands which, based on recent court decisions, are likely to continue to shift and change. Some companies operate under the misconception that having a document destruction policy in place is an adequate safety net. A basic “do this, then this” approach is not suitable since the legal requirements for document retention can vary widely from department to department. Finance teams, for example, are required to keep certain securities and filing document for a given number of months. And, perhaps even more challenging for companies to navigate is the onslaught of new technologies that are changing the very nature of documents—how they are created, accessed, used and archived. Additionally, the court’s view of reasonable or acceptable data management and retention policies is not a constant, or set in stone. It is changing as new technologies and processes come into use.
Companies today face a daunting challenge in simply keeping up with technology advances and understanding how those changes impact their litigation management processes. In the past, discovery was comparatively simple and straightforward: Ask for documents, get documents on paper. With rapid technology advances dramatically altering the landscape the need for Records Information Management (RIM) is ballooning exponentially. All employees within a company need to begin to understand this—and act accordingly. Much of what will likely become relevant discovery in the future will not, cannot, or should not be printed. Web 2.0, user-contributed data-driven sites and a host of other new technology solutions foster an environment where the data is more fluid or dynamic than ever before—yet that ephemeral data is still discoverable (see sidebar for the latest.)
And, just when a company has its litigation readiness policies in place, technology advances change the landscape again. New applications, including user editable websites (such as wikis), web blogs and instant messaging (IM), Twitter, Facebook, and groupware applications are changing the nature of what is—and is not—discoverable data. Meta data (or data about the data), for example, is the type of ephemeral data that could be required by the courts to produce, yet remains challenging for companies to track, preserve and archive.
Like crisis management, the success (or failure) of e-discovery planning will affect the entire organization. The process cannot be isolated or contained within the company’s legal (or legal and finance) teams. The discovery tentacles stretch into every area of the organization—and can quickly put a halt to day-to-day business operations. The pervasive nature of e-discovery, coupled with the rising levels of risk many corporate boards will find themselves in, warrants a senior team member from each of the company’s core functional areas may need to be actively engaged in the planning, testing and program refining process.
In recent years, closer integration of legal and technology teams has led to the adoption of innovative technologies that are transforming the way teams work, manage work product and respond to pressing legal issues. The next major challenge is for legal and IT to collaborate with other functional areas within the organization and work together to identify core legal and business processes that could help streamline the processes associated with document creation, management, and recovery. Providing the tools is a step forward. Streamlining the processes and supporting those refinements with the proper technology is a more integrated or holistic—and effective—way to approach the challenges.
Moving to a more integrated approach to litigation management—and by extension, the discovery process—will require corporate counsel to adjust their practices and adapt. They must collaborate, understand the technical aspects of the process and anticipate shifts in the landscape. Perhaps more importantly, they must demand the same from their outside counsel and their discovery partners.
Redefining the Document—and What is Discoverable
A core part of the challenge ahead hinges on the fact that the accepted term “document” is dated and conceptually misleading in context of litigation readiness and electronic discovery issues. Collection and review of voice, video, databases, and Internet-based communications all come into play. When addressing these types of data, the average person’s concept of a document--something that may be printed, read, and held in a person’s hand--begins to blur. Now companies need to tackle a wider (and ever expanding) set of data as part of the discovery process.
Although expanding the legal definition of a document to include electronic data creates the obligation to produce that data as part of discovery, courts offer no guidance on how that production should be carried out. It’s not surprising that the approaches and methods used to produce electronic data for discovery vary radically. With paper documents or even word processing files, the definition of document was clear and contained. The document was started, worked on, saved. There was a linear progression or structure. Adding one level of complexity—information about the document’s lifecycle—was still manageable. The challenge for companies today is that familiar structure no longer fits digital data, creating immense records management challenges.
Technology: Simplified Complexity
Exactly how new, more ephemeral data sources impact records and litigation management is not always at the forefront of the minds of those who select, pay for or implement new technologies like instant messaging (IM), collaboration software, data warehousing, ISP-hosted e-mail, and cloud or web-based applications. While each new solution presents an opportunity for improved personal productivity and corporate efficiencies, it also raises challenges (some still untested) relative to litigation readiness and e-discovery processes.
Issues relating to data dissemination and archiving are coming the forefront.
• How do you archive when the data is “live” and changes by the nano-second?
• How can data capture and regular deletion policies be enforced when employees begin saving emails to their local inboxes?
• How do you control the location of data with pervasive use of thumb drives, micro drives and other devices that enable employees to take data home, on the road—wherever and whenever they need to?
Some businesses are employing biometric devices (such as fingerprint recognition systems) to help control storage and transporting of data—but those devices are costly and add another layer of complexity for users and the IT teams supporting them. This is just the start of the IT / litigation readiness chasm. Oftentimes, since the consequences are still unknown or uncharted, engaging in a cost / risk analysis with IT staff and governance, risk and compliance (GRC) team members does not happen.
One of the key factors adding to the technology tangle is simply too much data—and too much of it being stored because the cost to do so is low, prompting companies to “just store it” rather than systematically review and purge. The reported average storage capacity of a company’s Windows NT servers is 43 terabytes—if those stored documents were printed, they would stack over 800 miles high. From a litigation readiness perspective, this data can begin to feel like dead weight.
New Direction
As with most complex business processes, the first step toward creating and documenting a streamlined, holistic approach in a discovery playbook is to document a detailed understanding of the current state. This is a fundamental part in shifting from a reactionary mode (or a crisis management mode every time a major litigation matter hits) to one in which a planned process is followed. It is also a fundamental step in developing a defensible process that is tailored to the business.
This initial step is a substantive one—and one that an increasing number of in-house teams have dedicated time to addressing. In a recent survey of over 350 corporate counsel, approximately 40% rated themselves as “proactive” when it came to litigation readiness; yet, only 26% acknowledged they had a discovery response workflow in place. Less than one-third (29%) believed they had appropriate processes in place for collecting potential evidence in a legally defensible manner.
The costs and time associated with computer based discovery can be greatly minimized with prior planning—upfront investments to conduct an audit, outline the processes and roles and responsibilities of key players will yield tremendous benefits over the long run. A clear first step for companies interested in improving their litigation readiness include:
AUDIT:
• Assess current approaches / sources for data generation/document creation, management, and retention. Document and map the current state -- what records are retained, what policies are in place, what systems and data structures exist (and where), what processes are employees following, what is being enforced—and what is not.
• Identify the key players and decision makers.
• Identify different levels of risk the current litigation management approach presents—and what actions and investments could be made to help mitigate those risks.
READINESS PLAN
• Define roles and responsibilities.
• Create a lexicon or terminology to ensure all involved have a common understanding of terms, decisions, risks.
• Set forth proposed policies and annotate with the team’s rationale; how were these decisions made, what trade-offs were considered
• Map out how the new / proposed records retention practices should be applied companywide
• Ensure proposed approach conforms with international standards
• Set forth an update or refresh plan to ensure plan (including all policies and procedures) remains current with technology advances and changes as well as changing court definitions on what is discoverable, and what is not.
Companies do not operate blind today when it comes to crisis management—virtually every Fortune 500 corporation has a plan in place that is reviewed and refreshed periodically. The same diligent planning should be applied for litigation management, which has the potential to escalate into a costly, cumbersome and potentially high risk exercise for the organization. Establishing best practices for data retention and preservation can help legal and IT teams (and the rest of the organization) address issues proactively. A constant refresh to ensure that policies and procedures are taking in to account technology advances as well as newly defined court interpretations of what is discoverable is an absolute must in order for a company to ensure its litigation readiness.
Litigation Process Reengineering
Business process reengineering (BPR) is process that corporations began to adopted in the 1990s—and one that continues today as teams assess their current practices and seek radical redesign of processes, better use of advanced technologies and more focused use of human capital.
A core component of business process reengineering is the active participation of cross-functional teams.
“By redesigning processes, by measuring and managing them, and by organizing around them, companies are able to achieve unprecedented and sustainable improvements in operating performance.” BPR approaches and thinking are new to many legal teams—yet, it is at the heart of what litigation readiness processes demand. Some advice from the “father” of reengineering, Dr. James Hammer (who passed away in Summer 2008) underscores the importance that BPR can play enterprise-wide. Remarks from the bestselling book “Reengineering the Corporation: A Manifesto for Business Revolution” that Hammer
co-authored with James Champy underscore the importance for all in the corporation to get involved and commit to a different way of working.
“I would advise anyone considering a reengineering program to confront early on the tough business decisions that such a transformation demands. Don’t assume that problems will get swept under the carpet or someone lower in the organization will make decisions for you. This ‘reengineering thing’ will not just happen. You have to vigorously attack the business issues and then actively demonstrate leadership from the top down.”
“Reengineering is not gone…the truth is, it never went away. Real businesses have been using reengineering assiduously to transform vast segments of their operations.”