Compliance Management

The convergence of eDiscovery and eCompliance

Electronically stored information (ESI) is a rich source of material in litigation proceedings, and as a result, eDiscovery has experienced rapid growth during the last five years. It has taken center stage in numerous high-profile cases as corporations have struggled to identify, collect, cull, analyze and review ESI in a cost-effective and defensible manner. The problem is that eDiscovery is largely a reactive and manual process.

Now, with eDiscovery requests growing and the data volume increasing from the gigabyte to the terabyte range, corporations struggle to meet the new regulations and timelines -- largely imposed by the Federal Rules of Civil Procedure (FRCP). Corporations are beginning to look to technology to streamline the traditionally manual discovery process, deliver a defensible process and reduce high labor expenses. 

At the same time, information compliance and governance issues have grown to critical proportions. With the pace of regulation continuing to increase, its impact on IT has become substantial. Regulatory compliance has become a critical element in IT decisions in the same way that client/server, ERP and other major technological innovations have in recent years.

From an IT perspective, the problem of compliance management issues is most acute for unstructured ESI -- the data that resides in files and file systems across laptops, desktops and cloud-based file storage systems. Unstructured data accounts for 80 percent of all corporate data. 

As one means of coping, organizations have deployed applications for email archival and enterprise content management (ECM) to address risk and compliance requirements. ECM platforms have become very nearly a corporate necessity and will continue to be the backbone for critical, high-value information management and collaboration capabilities for the foreseeable future. 

However, there is a growing challenge in enterprise content creation and management. With the increase in knowledge workers and user-friendly content creation tools, ESI volume is growing at nearly 100 percent yearly. With this volume of information, more than 80 percent of informational assets may reside outside ECM repositories.

The problem is how to find the key critical documents and records in today's informational ocean and pull them into the ECM workflow, while leaving the rest in place and indexing it. Because, importing all documents and records into the corporation's central ECM repository is no longer possible or feasible due to sheer volume. 

To help manage the information growth while maintaining enterprise content management control of high-value documents and records, corporations need visibility into important data outside the ECM repository. Gartner coined the term ”Lite-ECM” which describes a cooperative information access and management suite that seamlessly integrates and extends ECM platform capabilities to provide identification, search, analysis and auto-classification of information outside the ECM repository. 

Due to the confluence of legal and compliance regulations and IT management issues, the perfect ESI storm has emerged -- and with it, the confluence of both eDiscovery and eCompliance.
Looking forward, these features are necessary for any workable amalgamation of practical eDiscovery and eCompliance initiatives:
  • Enterprise-class scalability and performance. An eDiscovery/eCompliance suite must be scalable to search across hundreds to thousands of terabytes of electronically stored information, as well as scale into the billions of documents, and have the performance to process that data to keep pace with today's information growth.
  • Auto-discovery of data sources – An eDiscovery/eCompliance suite must have the capability to auto-discover informational sources anywhere on the network, since critical data may reside in the enterprise file, storage file server or a laptop in Shanghai.  
  • Holistic and Dynamic Organizational Information Map – Since network topology can change rapidly, having a dynamic and active continuous auto-discovery capability is critical for information indexing, internal investigations, litigation procedures and information capacity planning.  
  • Agent-less and agent information management – Organizations have enough critical data running on servers, laptops and desktops today. Having the option to run agent-less or agent searches is a critical capability. Agent-less search has a low impact on the IT infrastructure and is easier to deploy. Search with an agent takes longer to deploy, but can delivereffectively on active data sets.  
  • Robust search, analysis, and classification – Searching, analyzing and classifying information is a complex challenge. Having a strong analysis and auto-classification capability that can sort large data sets based on metadata, document content, file type, an so forth is necessary to accurately and quickly reduce the volume of data to a relevant and manageable set.
  • Tagging – Automating the tagging of individual content or grouping content into relevant virtual categories with a robust policy-based engine enables administrators to simplify the review and reporting process by delivering a virtualized organizational information overview.
  • Workflow management – After gaining insight into and classifying critical information, bring the “in the wild” data into the ECM platform for workflow management and preservation. With the ability to automate the move, copy, encrypt, and delete actions; an automated policy-based methodology accelerates the manual processes for processing all the enterprise data.
  • Unified management – With billions of documents and petabytes of storage, corporations can easily be overwhelmed by the volume of data. A robust eDiscovery/eCompliance suite must have a unified management view across the entire network and the ECM platform, to simplify operational management.
  • In-place record hold – Being able to tag and hold potential critical information at the source, i.e., server or laptop, is a capability that separates the efficient eDiscovery/eCompliance suite from an unusable one. It is not reasonable to move all potential critical data back to a repository before review. The in-place hold and review and subsequent collection process streamlines and accelerates the process.
  • Enterprise-wide critical information capture – With 80 percent of a corporation's informational assets outside the control of the ECM platform, an eDiscovery/eCompliance suite will need to have the flexibility to identify, access, search, and review information which resides in databases, email archives, servers, email systems and storage systems across the entire network. With an automated workflow policy engine, capture and movement of critical information to the ECM repository can be accomplished on a daily, weekly or monthly basis. 

Deploying an eDiscovery/eCompliance suite is a complex process, since it impacts IT, legal, human resources, records management and security teams. To meet stakeholder needs, it is imperative to convene a cross-functional team to gather requirements, review solutions and manage deployment of an eDiscovery/eCompliance suite, as well as to create a sense of ownership and responsibility.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.