Posted on: May 12, 2016in Blog
Simple Guide on How to Transfer Data Correctly
Have you ever struggled with issues as a result of ESI being transmitted in a way that causes problems such as spoliation of the metadata or the data is corrupted in some way or just the way it was sent caused issues for processing?
What does “data transfer” mean? The topic can address many areas including but not limited to types of ESI in question, original collected ESI vs production data, self-collected ESI, technology usage, transfer requirements. Some of these topics have been covered and contain deeper information relating to specific challenges, recommendations and other related information. For our purposes we are focusing specifically on the process of moving data from one place to another. We have covered topics relating to unique, and specific challenges facing data handling challenges around types of data or types of media below
When you are using physical media for the transfer of ESI, there are certain things you must consider, because if not done properly there could be sanctions imposed.
Do you have a mobile device that needs to be forensically examined or just getting information out of it? Before shipping the device to your forensic services provider, watch this two-minute video on how to ensure a time-efficient process.
Did your client send you data that they collected themselves? Did opposing counsel send production data in a format you can’t load directly into a review tool? There are things you should – and should never – do when you receive data during discovery?
All of the above reference materials give relevant and useful in-depth analysis around many of the issues dealing with data.
The Do’s and Don’ts of Transferring Data During Discovery
1. DO NOT forward ESI as attachments using firm, corporate or personal email accounts.
Emails or other loose ESI that has been attached to an email can cause many issues from spoliation of the original metadata to issues with processing and capturing only the relevant information. In the event that attachments are sent the best option is to ZIP the original ESI attachments transfer separately by secure FTP or copy to external media to the team responsible for handling the ESI
2. DO NOT provide a single location to transfer, copy, forward or move files.
For example, a folder on an internal server, a folder on external media for all custodians or other entities engaged in self-collection. This will often cause data to be overwritten due to similar naming conventions or cause other metadata issues.
3. DO make defensible copies of any media, or data, prior to transfer.
4. DO track the media and use a reliable shipping vendor such as FedEx or other resource.
5. DO encrypt data that is to be shipped and ensure that all parties know how to work with encryption software.
6. DO provide any entity responsible for collection with transfer protocol requirements to ensure that best practices are followed.
7. DO educate, and provide oversight on transfer protocols for entities that engage in self-collection.
Educate anyone that needs to have information on how best to transfer data. Provide oversight by helping build protocols, communicate those protocols and ensure they are being followed.
8. DO provide all internal team members with transfer protocol documentation to ensure consistency.
9. DO NOT engage in, or encourage, file sharing through Dropbox or other unsecured file transfer protocols especially if there is potential private data such as HIPAA information.
10. DO ensure that all data is tracked and recorded appropriately with a tracking log in something as simple as MS Excel as well as ensuring that the chain of custody is maintained.
11. DO engage with a knowledgeable resource to ensure that all protocols developed for internal use are vetted in accordance with federal and local rules.
It is important to remember that while the act of transferring ESI can be seen by some as a simple, innocuous act there are real implications if done wrong which can include sanctions, adverse inference and other significant results.
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted June 21, 2017
Control Litigation Costs by Making the Most of Your Internal Capabilities
Posted June 15, 2017
Shanghai OSAC Quarterly Meeting
Posted June 15, 2017
5 Ways to Reduce eDiscovery Costs Before and During Litigation
Posted June 07, 2017
Defensible Deletion Strategy: Getting Rid of Your Unnecessary Data
Posted May 31, 2017
How Does the EU-US Privacy Shield Affect Cross-Border Discovery?
Posted May 24, 2017
Unique eDiscovery Challenges with Mobile Device Data and How to Solve Them
Posted May 17, 2017
How to Comply with 21 CFR and HIPAA Data Retention Requirements
Posted May 11, 2017
4 Key Advantages of Conducting Remote Depositions
Posted May 03, 2017
eDiscovery in International Dispute Resolution: What Experts Want You to Know
Posted April 27, 2017
China Expands Data Transfer Requirements for its Cybersecurity Law