Responding to Large Scale Litigation

Post incident game plan

Organizations which may have limited experience with large scale litigation within the United States are faced with significant hurdles when dealing with government inquiry, third party requests, and plaintiff requests for production. Understanding and appraising the myriad of complex preservation obligations can provide an organization with a host of opportunities to develop and institute a defensible process and ultimately protect shareholder value.

Developing a post incident game plan

Organizations, in concert with their teams and consultants, should consider focusing on the following core areas during the first ninety days post incident and into the response effort:

  • Establish a multi-disciplinary Core Team: At the outset, organization should assemble a Core Team to spearhead and tackle the various competing demands of the incident, the post incident response effort, the internal investigation, and prepare post incident plans of action to mitigate future incidents.
  • Identify potential data sources: This may include traditional sources such as laptops, hard drives, mobile devices, mail servers, accounting systems, HR applications, instant messaging applications, voicemail servers, etc., as well as nontraditional sources such as social media, third party or private could systems, eRooms, SharePoint sites, third party systems and communication vehicles, etc.
  • Preservation of data: Once data sources have been identified, steps should be taken to preserve potentially relevant data whether internal or external to the organization.
  • Plan for separating employees: HR and IT should develop a plan to mitigate the loss of data through the loss of employees, either voluntary or involuntary, during the normal operation of business.
  • Plan for decommissioned IT assets: IT and finance should develop and execute on a plan to account and preserve decommissioned IT assets during the normal course of business operations.
  • Acquisition and tracking of data: The Core Team should work with its outside legal counsel and vendors to establish leading practices around the forensic collection of and tracking of data sources.
  • Processing and hosting data, and managing data/document review: Data should be collected and processed on a rolling schedule, and thus a processing, hosting, and document review plan of action should be created at the outset in consultation with inside and outside counsel and the selected vendors.
  • The importance of being ready to respond to eDiscovery: Experience has shown that a company's ability to respond deliberately and decisively within the first 90 days of an incident or crisis can be critical to the business outcome.
Responding to Large Scale Litigation