Posted on: May 12, 2016in Blog
Simple Guide on How to Transfer Data Correctly
Have you ever struggled with issues as a result of ESI being transmitted in a way that causes problems such as spoliation of the metadata or the data is corrupted in some way or just the way it was sent caused issues for processing?
What does “data transfer” mean? The topic can address many areas including but not limited to types of ESI in question, original collected ESI vs production data, self-collected ESI, technology usage, transfer requirements. Some of these topics have been covered and contain deeper information relating to specific challenges, recommendations and other related information. For our purposes we are focusing specifically on the process of moving data from one place to another. We have covered topics relating to unique, and specific challenges facing data handling challenges around types of data or types of media below
When you are using physical media for the transfer of ESI, there are certain things you must consider, because if not done properly there could be sanctions imposed.
Do you have a mobile device that needs to be forensically examined or just getting information out of it? Before shipping the device to your forensic services provider, watch this two-minute video on how to ensure a time-efficient process.
Did your client send you data that they collected themselves? Did opposing counsel send production data in a format you can’t load directly into a review tool? There are things you should – and should never – do when you receive data during discovery?
All of the above reference materials give relevant and useful in-depth analysis around many of the issues dealing with data.
The Do’s and Don’ts of Transferring Data During Discovery
1. DO NOT forward ESI as attachments using firm, corporate or personal email accounts.
Emails or other loose ESI that has been attached to an email can cause many issues from spoliation of the original metadata to issues with processing and capturing only the relevant information. In the event that attachments are sent the best option is to ZIP the original ESI attachments transfer separately by secure FTP or copy to external media to the team responsible for handling the ESI
2. DO NOT provide a single location to transfer, copy, forward or move files.
For example, a folder on an internal server, a folder on external media for all custodians or other entities engaged in self-collection. This will often cause data to be overwritten due to similar naming conventions or cause other metadata issues.
3. DO make defensible copies of any media, or data, prior to transfer.
4. DO track the media and use a reliable shipping vendor such as FedEx or other resource.
5. DO encrypt data that is to be shipped and ensure that all parties know how to work with encryption software.
6. DO provide any entity responsible for collection with transfer protocol requirements to ensure that best practices are followed.
7. DO educate, and provide oversight on transfer protocols for entities that engage in self-collection.
Educate anyone that needs to have information on how best to transfer data. Provide oversight by helping build protocols, communicate those protocols and ensure they are being followed.
8. DO provide all internal team members with transfer protocol documentation to ensure consistency.
9. DO NOT engage in, or encourage, file sharing through Dropbox or other unsecured file transfer protocols especially if there is potential private data such as HIPAA information.
10. DO ensure that all data is tracked and recorded appropriately with a tracking log in something as simple as MS Excel as well as ensuring that the chain of custody is maintained.
11. DO engage with a knowledgeable resource to ensure that all protocols developed for internal use are vetted in accordance with federal and local rules.
It is important to remember that while the act of transferring ESI can be seen by some as a simple, innocuous act there are real implications if done wrong which can include sanctions, adverse inference and other significant results.
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted April 26, 2017
How to Use Office 365 Advanced eDiscovery to Prioritize Your Review
Posted April 21, 2017
American Bar Association Section of International Law | 2017 Spring Meeting in Washington DC
Posted April 19, 2017
Office 365 Enterprise E5: 6 Features That Could Benefit Your Business
Posted April 12, 2017
Data Reuse in eDiscovery: 4 Questions to Help Start Your Policy
Posted April 05, 2017
ESI Data Mapping Basics for eDiscovery
Posted March 30, 2017
China’s Cybersecurity Law: Objectives, Compliance and Business Recommendations
Posted March 28, 2017
What will the future bring for the legal industry? | Q&A
Posted March 23, 2017
Beginner’s Guide to Litigation Response Planning and Execution
Posted March 16, 2017
7 Best Practices for a Defensible Legal Hold Process
Posted March 10, 2017
BYOD Privacy: 6 Considerations to Protect Your Business