Posted on: May 12, 2016in Blog
Simple Guide on How to Transfer Data Correctly
Have you ever struggled with issues as a result of ESI being transmitted in a way that causes problems such as spoliation of the metadata or the data is corrupted in some way or just the way it was sent caused issues for processing?
Metadata can be used to prove the authenticity of ESI - learn how to prevent inadvertent spoliation during data transfer and avoid sanctions.
What does “data transfer” mean? The topic can address many areas including but not limited to types of ESI in question, original collected ESI vs production data, self-collected ESI, technology usage, transfer requirements. Some of these topics have been covered and contain deeper information relating to specific challenges, recommendations and other related information. For our purposes we are focusing specifically on the process of moving data from one place to another. We have covered topics relating to unique, and specific challenges facing data handling challenges around types of data or types of media below
When you are using physical media for the transfer of ESI, there are certain things you must consider, because if not done properly there could be sanctions imposed.
Do you have a mobile device that needs to be forensically examined or just getting information out of it? Before shipping the device to your forensic services provider, watch this two-minute video on how to ensure a time-efficient process.
Did your client send you data that they collected themselves? Did opposing counsel send production data in a format you can’t load directly into a review tool? There are things you should – and should never – do when you receive data during discovery?
All of the above reference materials give relevant and useful in-depth analysis around many of the issues dealing with data.
The Do’s and Don’ts of Transferring Data During Discovery
1. DO NOT forward ESI as attachments using firm, corporate or personal email accounts.
Emails or other loose ESI that has been attached to an email can cause many issues from spoliation of the original metadata to issues with processing and capturing only the relevant information. In the event that attachments are sent the best option is to ZIP the original ESI attachments transfer separately by secure FTP or copy to external media to the team responsible for handling the ESI
2. DO NOT provide a single location to transfer, copy, forward or move files.
For example, a folder on an internal server, a folder on external media for all custodians or other entities engaged in self-collection. This will often cause data to be overwritten due to similar naming conventions or cause other metadata issues.
3. DO make defensible copies of any media, or data, prior to transfer.
4. DO track the media and use a reliable shipping vendor such as FedEx or other resource.
5. DO encrypt data that is to be shipped and ensure that all parties know how to work with encryption software.
6. DO provide any entity responsible for collection with transfer protocol requirements to ensure that best practices are followed.
7. DO educate, and provide oversight on transfer protocols for entities that engage in self-collection.
Educate anyone that needs to have information on how best to transfer data. Provide oversight by helping build protocols, communicate those protocols and ensure they are being followed.
8. DO provide all internal team members with transfer protocol documentation to ensure consistency.
9. DO NOT engage in, or encourage, file sharing through Dropbox or other unsecured file transfer protocols especially if there is potential private data such as HIPAA information.
10. DO ensure that all data is tracked and recorded appropriately with a tracking log in something as simple as MS Excel as well as ensuring that the chain of custody is maintained.
11. DO engage with a knowledgeable resource to ensure that all protocols developed for internal use are vetted in accordance with federal and local rules.
It is important to remember that while the act of transferring ESI can be seen by some as a simple, innocuous act there are real implications if done wrong which can include sanctions, adverse inference and other significant results.
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted October 27, 2016
Unplugged: What China’s Internet and Data Restrictions Mean for U.S. Companies and China’s Economy
Posted October 20, 2016
3 Areas of Focus When Migrating Data to a New Document Review Tool
Posted October 13, 2016
3 Best Practices for eDiscovery Custodian Interviews
Posted October 06, 2016
Latest Developments in U.S. FCPA Enforcement
Posted September 22, 2016
The Hybrid Approach to an eDiscovery Managed Services Model
Posted September 15, 2016
5 Document Management Best Practices for Beginners
Posted September 13, 2016
Innoxcell Annual Symposium 2016 | Shanghai Series
Posted September 08, 2016
Maintaining a Great Wall of Data Control in eDiscovery
Posted September 08, 2016
PREX16 | 5th Annual Conference on Preservation Excellence
Posted September 01, 2016
Uncovering Enterprise Vault Stub Files and Their Missing Attachments