Posted on: March 16, 2017in Blog
7 Best Practices for a Defensible Legal Hold Process
Legal holds may be issued in a wide variety of circumstances including actual, imminent, or anticipated government investigations. Obvious situations arise when notice is received, when a government agency files notice, restatement of public companies earnings or when similar circumstances within the corporation or business have previously led to legal proceedings.
Others are not so obvious. A complaint to HR, managers discussing an employee termination, a hostile customer complaint — these require a balanced approach for corporate internal investigations.
Careful documentation on why a legal hold was issued, or ultimately not issued can save many headaches down the line. While there is no bright-line test regarding the duty to preserve, legal personnel should ensure their organizations have appropriate records retention policies that define procedures that meet both business and legal requirements.
Creating a Defensible Legal Hold Process
Employees should be educated as the timely issuance of a litigation hold is critical to minimizing the risk an organization faces arising from the loss of relevant ESI that may be requested for production or used by the organization in its own defense. In particular, guidance should be provided to IT staff about document retention and the types of documents most frequently requested in litigation. Workflows may have to be changed to ensure the organization can meet its eDiscovery requirements.
A legal hold can vary based on numerous factors including the way an organization stores data, the scope of litigation and the accessibility of data, but there are general best practices that include:
- Periodic reminders
- No legalese
- An explanation of the preservation obligation and the consequences from the failure to follow the notice
- A description of the matter and relevant time period, as well as types of data to be preserved
- A directive to stop document retention and destruction polices for information related to the hold
- Directions to departing employees
- How to handle instant messaging, blogging and social media
- Instructions on who to contact with questions and a signed acknowledgement of receipt and understanding binding employees to abide by the hold policy
How to Prevent Spoliation During Legal Hold
It is more common now to see an adversary shift their focus from the merits of the case to claims of spoliation if they perceive a better chance of success.
Courts have authority to issue sanctions for spoliation of potential evidence, whether done intentionally or through negligence. Sanctions can include fines, payment of attorneys’ fees, adverse inference instructions to the jury, evidentiary preclusion, striking a pleading or granting a default judgment against the spoliator.
8 Legal Hold Best Practices to Avoid Spoliation
To prevent spoliation, consider the following practices:
1. Identify and manage information systems that routinely remove or alter content. This may involve auto-delete functions that regularly expunge old, outdated, archived or expiring files. It’s common for information systems to have automatic functions that routinely alter stored or real-time data. Identifying and managing these automated actions functions can be critical in eDiscovery.
2. Assess the impact of hardware-related actions, such as removal of backup drives, overwriting or routine destruction of aging or obsolete equipment. For example:
- A company may throw away old computers without preserving hard disks containing ESI.
- A manager may let a cloud subscription expire without making a backup copy of uploaded files
- Track and manage processes that routinely update ESI, which may prevent the preservation of data.
- Files, spreadsheets, and databases may be automatically updated or altered based on periodic calculations or analyses
- Automatic updates of desktop operation systems, browser versions, software, mobile apps, and online accounts may interfere with data preservation
- Virus scanning software and tools designed to save storage space may interfere with an information system and its processes
3. Consider digital storage capacity based on current and future data quantity. A client may want to reduce overhead by limiting storage capacity to be appropriate for normal business operation. However, such cost-saving measures may conflict with emerging needs on information governance and records retention.
4. Ensure that potential ESI sources are properly addressed, including online and offline devices, software, cloud-based ESI, and apps.
5. Implement controls related to user logins, passwords, authentication and document certificates that may alter ESI or prevent access.
6. Establish a secure repository for collected ESI to prevent altercation or destruction. Protect passwords, codes, and instructions required to access ESI.
7. Preserve non-work related emails, online accounts, profiles, call records that may contain business correspondence.
With the constant evolution and breakneck speed of technological advances, it’s imperative that counsel bring together a multifaceted team of stakeholders to support Information Governance and Discovery initiatives. The proliferation of data has necessitated cross-functional teams working together like never before. Only by truly understanding the limits and consequences of technology and actions can organizations protect themselves from future spend, and all but guarantee cost savings for years to come through well-documented workflow and governance initiatives.
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted June 21, 2017
Control Litigation Costs by Making the Most of Your Internal Capabilities
Posted June 15, 2017
Shanghai OSAC Quarterly Meeting
Posted June 15, 2017
5 Ways to Reduce eDiscovery Costs Before and During Litigation
Posted June 07, 2017
Defensible Deletion Strategy: Getting Rid of Your Unnecessary Data
Posted May 31, 2017
How Does the EU-US Privacy Shield Affect Cross-Border Discovery?
Posted May 24, 2017
Unique eDiscovery Challenges with Mobile Device Data and How to Solve Them
Posted May 17, 2017
How to Comply with 21 CFR and HIPAA Data Retention Requirements
Posted May 11, 2017
4 Key Advantages of Conducting Remote Depositions
Posted May 03, 2017
eDiscovery in International Dispute Resolution: What Experts Want You to Know
Posted April 27, 2017
China Expands Data Transfer Requirements for its Cybersecurity Law