Global eDiscovery: An Integrated, end-to-end Approach | Deloitte US has been added to your bookmarks.
An integrated, end-to-end approach
Global eDiscovery is difficult, and it keeps getting harder. Data volumes continue to grow, doubling every two years, as do the number and variety of data-carrying devices that could be relevant to a discovery matter. Companies can face prickly dilemmas as compliance and legal requirements in one region or country clash with privacy mandates in another. Across the globe, authorities are expecting companies to respond faster and more forthrightly to discovery dictates.
A systematic approach
Companies should consider an integrated, end-to-end approach to cross-border eDiscovery. This type of systematic approach can address the many requirements of eDiscovery workflow management, including downstream report production, while providing the flexibility to incorporate new processes and data. With an end-to-end eDiscovery approach, a central repository harnesses data from internal departments, vendors, eDiscovery platforms, and other sources.
Data quality improves as built-in validations and standardized field values and definitions enforce data entry rules. Efficiency increases as the need for manual and multiparty tracking diminishes. The end-to-end approach also provides a broad view of the data lifecycle and individual custodians' devices, collections, and shipments. Automated reports, the centralized data source, and enhanced data quality enable faster response to information requests. At the same time, this approach improves other reporting and expanded use of data analytics. Finally, an end-to-end approach helps transform eDiscovery from a situation-driven undertaking into an embedded, business-as-usual process.
Despite its many apparent benefits, an end-to-end eDiscovery operating model may present hurdles that companies will need to overcome. For example, technical, legal, and operational issues can cause the discovery capability to straddle several internal organizational units and departments. Determining who should be responsible can be difficult, but is an essential first step. The lack of a broadly accepted standard for eDiscovery operations is another potential impediment to end-to-end model development. In the absence of such a standard, some companies are finding guidance in the organizing principles of the ISO 27001 family of information security standards, which lend themselves to the discovery operating model challenge. In using such a standard, it is important to stay mindful that companies have different business risks, geographical coverage, regulatory requirements, and internal legal, compliance, and investigative structures. Also, the framework is not prescriptive, but instead provides topics for consideration. A company can choose the personnel, technical, and procedural controls that are appropriate to their needs.