CIOs on Trial: A Check List for eDiscovery and Litigation

By David Cochran

(Back to article)

Today’s CIO encounters many challenges handling security and regulatory mandates that extend far beyond the once-simple duties of maintaining firewalls. CIOs are today’s corporate first responders to spot insider theft or illegal activity, recover lost or deleted data, and to ameliorate poor document retention.

Even before 2008's financial meltdown, courts realized that the amount of electronic data in litigation was growing exponentially. As a result, new Federal guidelines were introduced in 2006 http://www.cioupdate.com/article.php/3646801 to address this growing problem. At the core of any litigation today is the concept of understanding electronic data―where it is located, how it is managed, and how it can be accessed.

In the past, the litigation team consisted of inside and outside counsel, the business unit manager and outside suppliers. The legal responsibility for the management of a company’s data in most businesses falls squarely on the shoulders of the CIO. Thus, if a company is ever entrenched in a legal battle, the CIO needs to be part of the team and must be prepared to take the stand. Because of this person’s unique ability to discuss the internal systems that generate the data in question, a CIO will almost inevitably make any trial attorney’s short list.

In preparing to testify, a CIO must create a plan of action to address the data involved in the litigation. The CIO must be able to speak to the company’s internal IT functions as well as the complexity of the company’s data architecture. A CIO must also be prepared to defend the company’s work practices and policies in anticipation of, not just in response to, litigation. Creating a litigation response team that prepares these responses and policies ahead of time is critical.

The following are sample issues and questions that a CIO may need to address on the stand and, as part of the litigation response team, should be prepared to tackle:

Here are a few basic guidelines that the CIO must adhere to as part of the litigation team:

A good reference tool for the CIO is the Electronic Discovery Reference Model (EDRM), which can be found at http://edrm.net/. EDRM is a collaborative effort that involves corporations, law firms and suppliers working together to better delineate the best practices of managing litigation today. As part of the EDRM model, there are specific areas where a CIO can reference these best practices to help prepare and respond to litigation. The model covers each aspect of the litigation process and defines the necessary components to be successful.

CIO’s know that building a firewall after a system is hacked is too little, too late. Now, more than ever, they must extend that lesson to data management. Implementing a comprehensive plan in anticipation of litigation is the company’s best defense against anything, technology or otherwise, that threatens the company.

David Cochran is the COO of Planet Data, a leading international information management company. He has been involved in all aspects of litigation support and document management for the past 24 years. Before joining Planet Data, David was president and co-founder of Cerulean, LLC, a leading international information management company. Having worked on different litigation practices across the US, EU and Asia, he offers Planet Data clients global experience in litigation support and document management.