IT-legal disconnect hinders e-discovery efforts: survey
IT-legal disconnect hinders e-discovery efforts: survey
February 10, 2009: A lack of collaboration between enterprise IT and legal departments is hindering eDiscovery efforts, resulting in massive regulatory compliance and eDiscovery risks, according to a survey commissioned by Recommind.
The provider of search-powered information risk management (IRM) software asked senior IT managers at US enterprises averaging more than 17,000 employees to examine the importance of eDiscovery to the enterprise as a whole, the coordination of eDiscovery efforts between IT and legal departments and the roles that each department plays in setting corporate policies and making technology buying decisions.
The results clearly demonstrate the need for greater coordination in scoping and implementing of eDiscovery-related projects — especially those related to critical steps in the eDiscovery process, such as identifying, preserving and collecting documents pursuant to a legal hold.
In recent years, IT and legal departments have operated largely independently of one another; however, with the complexity and costs of eDiscovery increasing exponentially, the responsibilities and needs of each department are quickly becoming inextricably linked.
In order to effectively meet information management, litigation, investigatory and regulatory challenges, legal and IT departments must foster open communication and collaboration with their confluent needs in order to properly identify, scope and implement projects and policies. With the average US company already facing 305 lawsuits at any one time — a number that jumps to 556 for companies with more than $US1 billion in revenue — enterprises urgently need to address this burgeoning risk.
Recommind’s survey demonstrates that there is significant work remaining to achieve this goal: only 37% of respondents reported that legal and IT are working more closely together than a year before.
This issue is compounded by the fact that only 21% of IT respondents felt that eDiscovery was a “very high” priority, in stark contrast with the overwhelming importance attached to eDiscovery by corporate legal departments.
Furthermore, there remains a significant disconnect between corporate accountability and project responsibility, with legal “owning” accountability for eDiscovery (73% of respondents), records management (47%) and data retention (50%), in spite of the fact that the IT department actually makes the technology buying decisions for projects supporting these areas 72% of the time.
Exacerbating these problems is an alarming shortage of technical specifications for eDiscovery-related projects. Only 29% of respondents felt that IT truly understood the technical requirements of eDiscovery. The legal department fared even worse, with only 12% of respondents indicating that legal understood the requirements. Not surprisingly, this disconnect is leading to a lack of confidence in eDiscovery project implementation, with only 27% of respondents saying IT is very helpful during eDiscovery projects, and even fewer (16%) believing legal is.
With the current financial downturn and greater government oversight of multiple industries expected to result in a wave of new, more stringent federal regulations and a continuing rise in lawsuits, enterprises of all sizes need to think about proactive information risk management (IRM) in some capacity. This includes understanding the many aspects of an eDiscovery project: what vendor to select, how to implement its solution, how to get more value out of existing technology and what processes and people to put in place to manage the eDiscovery system once it’s installed.
For guidance, enterprises can rely on industry organizations such as the Sedona Conference, the DESI Workshop and the EDRM Project, which provide extensive support for enterprise IT and legal departments that want to better understand how to handle eDiscovery-related initiatives.
“If enterprises are to minimize information risk and sustain growth during the economic downturn, IT and legal must communicate regularly, have a complete understanding of their respective roles and collaborate through each step of the eDiscovery process, from project scoping to vendor selection to implementation to the actual mechanics of an event,” said Craig Carpenter, VP & General Counsel,Recommind.
“Our survey clearly demonstrates that many enterprises don’t yet have the processes and communication channels in place to build a consistent, systematic and defensible response to eDiscovery events. This data should serve as a wake-up call to enterprises and industry alike that we have a lot of work ahead of us if we are to create repeatable, accurate and cost-effective eDiscovery response systems.”