Posted on: April 05, 2017in Blog
ESI Data Mapping Basics for eDiscovery
What is data mapping?
A data map is a comprehensive and defensible inventory of a corporation’s IT systems that store information, which may be relevant to litigation and other proceedings.
Creating your data map is only one small step you should take when defensibly preparing for litigation. Use this beginner's guide to litigation response planning to what else you should to do to proactively prepare your organization.
Data mapping also serves the purpose of identifying the potential sources of ESI (electronically stored information) and the location of those sources. Specifically, it should also include who manages those sources, and details about the scope of ESI available from each.
ESI Data Map Key Elements
There are a few key elements of an ESI data map. First, it should identify the IT systems most likely to be relevant based on the organization’s discovery portfolio. For non tech-savy individuals, the data map should also include a plain English description of the IT system’s purpose and role so that it is easily understood. Lastly, the data map should be able to provide answers to critical discovery questions about IT systems. Be sure to include any record retention policies, or policies focused on the purging, and deletion of ESI in your data map.
A data map can also help an organization understand its risk profile. Understanding your company’s risk profile will allow you to validate your understanding of the current state of data storage, and highlight if there is sensitive data in unknown areas of the network. By analyzing your risk profile, you can attempt to secure data and prevent loss, and gain visibility into risk data usage patterns while allowing your private information to stay secure.
Platforms to Include in your ESI Data Map
It’s important to know where all your information is located, and keep the log current by making regular updates. Maintaining an outline of where electronic materials and hard copy documents are stored, and who has access to them allows any information to be easily located if needed.
Consider including the following digital platforms in your data map that may hold crucial evidence at any given time:
- Emails and servers
- Text messages
- Instant messaging/Chat
- Cloud systems
- Audio recordings
- Digital Storage (i.e. iPads, CDs, DVDs, flash drives, backup drives)
- Mobile apps
- File hosting services
- Social Media (i.e. Twitter, Facebook, YouTube, Instagram)
- Online profiles
- Multimedia (i.e. photos, videos)
- Electronic logs (i.e. user log-in, user entry, Facebook “likes”)
- Security monitors
- Internet transactions
- Browser data (i.e. history, cookies, search queries)
- Digital footprints (i.e. IP location)
The dramatic growth in ESI presents a constantly changing environment that directly affects the risks, obstacles, expectations and methods you must face when it comes to eDiscovery. The inaccessibility of data can no longer be a crutch on which to rely on or petition the court regarding to expense of production. An updated data map that accurately depicts your IT systems and sources of ESI will streamline your legal hold and eDiscovery process should litigation arise.
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted June 21, 2017
Control Litigation Costs by Making the Most of Your Internal Capabilities
Posted June 15, 2017
Shanghai OSAC Quarterly Meeting
Posted June 15, 2017
5 Ways to Reduce eDiscovery Costs Before and During Litigation
Posted June 07, 2017
Defensible Deletion Strategy: Getting Rid of Your Unnecessary Data
Posted May 31, 2017
How Does the EU-US Privacy Shield Affect Cross-Border Discovery?
Posted May 24, 2017
Unique eDiscovery Challenges with Mobile Device Data and How to Solve Them
Posted May 17, 2017
How to Comply with 21 CFR and HIPAA Data Retention Requirements
Posted May 11, 2017
4 Key Advantages of Conducting Remote Depositions
Posted May 03, 2017
eDiscovery in International Dispute Resolution: What Experts Want You to Know
Posted April 27, 2017
China Expands Data Transfer Requirements for its Cybersecurity Law