A number of recent studies suggest that most companies are woefully unprepared to comply with federal litigation rules for producing electronic documents. Unfortunately, once you’ve been sued it is too late to get up to speed -- you’ve created a potentially expensive legal problem without realizing you were doing it.
Think a lawsuit is unlikely? Think again. A recent study from the law firm Fulbright & Jaworsky found that 90 percent of companies were involved in some type of litigation. Let’s face it: litigation is a reality for most U.S. businesses, no matter how small.
Waiting until you are sued to think about document retrieval processes leaves you exposed to claims that you did too little to preserve and produce necessary documents. Courts are increasingly likely to penalize companies for failing to properly retain documents, even if it can’t be proven the company intentionally destroyed documents to impede litigation.
This mandate poses obvious and significant challenges. What information needs to be saved, and for how long? If you were sued, could you find and recover the necessary information?
The enormity of this task is mind-numbing. Think of all the emails, instant messages and other electronic data your company generates over a period of years. Dealing with this retroactively can be a real nightmare.
There are steps you can take that will help protect your company from an expensive and arduous e-discovery process:
1. Develop and communicate a document retention policy
This sounds simple and obvious, but many small businesses lack clear policies, and even when a policy exists employees may not be aware of it.
It’s not enough to outline which documents need to be saved and the length they must be retained. This written policy needs to cover exactly how and where employees should save files. Being very specific about these steps not only increases the chances that employees will comply, but also help limit your liability in future litigation.
A written document retention policy minimizes the chances your company will have to struggle to explain the loss of important information. This is a mistake for which many companies have been penalized, even if their intentions were benign. Another common mistake is not complying with your own policy. If the policy specifies that documents should be deleted after a certain amount of time, it is important that those documents actually get deleted.
2. Implement strategies to prepare for litigation
While updating your document retention policies is a good first step, it’s not enough. Established e-discovery case law requires a company to preserve relevant documents once litigation is reasonably foreseeable. While these guidelines are clearly subjective, it is your duty to be cognizant of potential litigation, and save records accordingly.
Think about areas of potential litigation. Are there emails with a certain former employee that could be relevant? Records from a client or vendor?
The Arthur Andersen/Enron debacle is the best-known example of the value of adhering to a clear document retention policy. Destroying documents in a manner that is inconsistent with company policy will raise red flags in court, which can increase the probability of receiving financial penalties. Following a clearly established policy decreases the liability you will face if a case arises in which documents were already destroyed.
3. Work across departments to adopt controls
Representatives from the information technology, legal, and human resources departments should be included in a team charged with reviewing electronic communications systems. IT experts can lead the team regarding where the data is stored, how and when it is destroyed, and how it can be searched.
A legal expert (external if necessary) should guide the team on what the law requires. What information needs to be accessible? Who is responsible for retaining that information, and is the company meeting its legal obligation in communicating these policies to employees?
Finally, a human resources representative should be tasked with making sure policies are clearly communicated to employees and are followed. Documenting this communication and the steps taken to ensure employees are complying with the policy can be tremendously helpful in protecting the company legally in the future.
4. Implement search and retrieval plans
Unfortunately, many well-meaning companies end up doing more harm than good in this step, as it’s quite easy to unwittingly destroy evidence in the retrieval process. You won’t be able to count on this excuse standing up in court, so you may need to call on external help to ensure this process is completed correctly. When in doubt, do not change the state of a suspect computer without having an expert present. If it’s turned off, leave it off. On a Windows based PC the simple act of booting up destroys some types of evidence.
While no one likes to think about being dragged to court, legal action from employees and clients are a common occurrence. Taking the time to establish document policies now could very well save you from the much bigger headache of expensive, emergency action down the road.
Bill Huber is the National Technology Solution Leader of Tatum LLC. Tatum is the nation’s largest executive services firm focused on financial and technology leadership, with more than 700 executive partners and professionals across 33 markets.