Posted on: May 12, 2016in Blog
Simple Guide on How to Transfer Data Correctly
Have you ever struggled with issues as a result of ESI being transmitted in a way that causes problems such as spoliation of the metadata or the data is corrupted in some way or just the way it was sent caused issues for processing?
What does “data transfer” mean? The topic can address many areas including but not limited to types of ESI in question, original collected ESI vs production data, self-collected ESI, technology usage, transfer requirements. Some of these topics have been covered and contain deeper information relating to specific challenges, recommendations and other related information. For our purposes we are focusing specifically on the process of moving data from one place to another. We have covered topics relating to unique, and specific challenges facing data handling challenges around types of data or types of media below
When you are using physical media for the transfer of ESI, there are certain things you must consider, because if not done properly there could be sanctions imposed.
Do you have a mobile device that needs to be forensically examined or just getting information out of it? Before shipping the device to your forensic services provider, watch this two-minute video on how to ensure a time-efficient process.
Did your client send you data that they collected themselves? Did opposing counsel send production data in a format you can’t load directly into a review tool? There are things you should – and should never – do when you receive data during discovery?
All of the above reference materials give relevant and useful in-depth analysis around many of the issues dealing with data.
The Do’s and Don’ts of Transferring Data During Discovery
1. DO NOT forward ESI as attachments using firm, corporate or personal email accounts.
Emails or other loose ESI that has been attached to an email can cause many issues from spoliation of the original metadata to issues with processing and capturing only the relevant information. In the event that attachments are sent the best option is to ZIP the original ESI attachments transfer separately by secure FTP or copy to external media to the team responsible for handling the ESI
2. DO NOT provide a single location to transfer, copy, forward or move files.
For example, a folder on an internal server, a folder on external media for all custodians or other entities engaged in self-collection. This will often cause data to be overwritten due to similar naming conventions or cause other metadata issues.
3. DO make defensible copies of any media, or data, prior to transfer.
4. DO track the media and use a reliable shipping vendor such as FedEx or other resource.
5. DO encrypt data that is to be shipped and ensure that all parties know how to work with encryption software.
6. DO provide any entity responsible for collection with transfer protocol requirements to ensure that best practices are followed.
7. DO educate, and provide oversight on transfer protocols for entities that engage in self-collection.
Educate anyone that needs to have information on how best to transfer data. Provide oversight by helping build protocols, communicate those protocols and ensure they are being followed.
8. DO provide all internal team members with transfer protocol documentation to ensure consistency.
9. DO NOT engage in, or encourage, file sharing through Dropbox or other unsecured file transfer protocols especially if there is potential private data such as HIPAA information.
10. DO ensure that all data is tracked and recorded appropriately with a tracking log in something as simple as MS Excel as well as ensuring that the chain of custody is maintained.
11. DO engage with a knowledgeable resource to ensure that all protocols developed for internal use are vetted in accordance with federal and local rules.
It is important to remember that while the act of transferring ESI can be seen by some as a simple, innocuous act there are real implications if done wrong which can include sanctions, adverse inference and other significant results.
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted May 24, 2017
Unique eDiscovery Challenges with Mobile Device Data and How to Solve Them
Posted May 17, 2017
How to Comply with 21 CFR and HIPAA Data Retention Requirements
Posted May 11, 2017
4 Key Advantages of Conducting Remote Depositions
Posted May 03, 2017
eDiscovery in International Dispute Resolution: What Experts Want You to Know
Posted April 27, 2017
China Expands Data Transfer Requirements for its Cybersecurity Law
Posted April 26, 2017
How to Use Office 365 Advanced eDiscovery to Prioritize Your Review
Posted April 21, 2017
American Bar Association Section of International Law | 2017 Spring Meeting in Washington DC
Posted April 19, 2017
Office 365 Enterprise E5: 6 Features That Could Benefit Your Business
Posted April 12, 2017
Data Reuse in eDiscovery: 4 Questions to Help Start Your Policy
Posted April 05, 2017
ESI Data Mapping Basics for eDiscovery