Electronic Archives are one of the least understood – and yet one of the best – technologies available to the enterprise for improved operations, compliance and eDiscovery. Yet while most IT professionals are familiar with the benefits of Email Archiving, many see only the operational improvements that an archive can bring. So when they need to enlist in-house counsel’s assistance to approve the policies for the archive, they often miss the benefits to the legal department, making it more difficult to convince legal to help. In fact, discussing the benefits of the archive is a critical step. Many lawyers still misunderstand the purpose of Email Archiving, incorrectly viewing it as a tool to save everything forever – something they are almost always against.
If you’re having difficulty getting legal on board with your archiving project (or if you’re a lawyer and want to better understand how archives can help you), here are three significant areas that are improved with a good email archive deployed as part of an overall Email Management initiative.
Electronic discovery is the process of identifying, holding, collecting, analyzing and producing electronic stored information (“ESI”) to meet the requirements of litigation, investigation or open records / FOIA requests. Email messages are the most frequent – and arguably the most important – locations for ESI. Email is also one of the most expensive and risky sources of ESI because most companies do not effectively manage their email. This often forces enterprises, under the risk of sanctions for deleting data that is relevant to a lawsuit (a penalty known as “spoliation”), to search in virtually unlimited locations for email and then to process and review huge volumes of messages. Some enterprises have no established process for eDiscovery and are forced to retain backup tapes of email servers and fileshares as a stopgap measure, at enormous risk and expense. Worse still – some companies simply pretend to meet their obligations through a quick search of a few mailboxes on the email server, knowing that email is stored in other locations they cannot efficiently search, and then cross their fingers to hope for the best.
Almost all of this difficult and risky process can be avoided with an effective Email Archive operating as part of an overall Email Management initiative. With a good archive, the enterprise’s eDiscovery team can quickly search through just one location for all email, substantially reducing cost and risk. An effective Email Management program can further cut downstream cost and risk by enabling the defensible deletion of email messages that do not need to be retained. (If you have not already begun, you will also want to consider how you handle other ESI repositories for eDiscovery).
Good compliance programs today include processes related to the company’s electronic information, especially email. Companies of any size or reach are subject to anti-corruption legislation such as the Foreign Corrupt Practices Act (FCPA) in the US and the UK Bribery Act. Regulators also place demands on ESI retention and review, in addition to normal records retention requirements. And regardless of whether we like it, email is a location where many of our records are received and maintained.
A centralized archive for email – with the ability to enforce company mandated retention policies – can be a big win for compliance. An effective email sampling process can help to insure compliance with high-risk requirements like the FCPA, UK Bribery Act and even Sarbanes-Oxley. An archive with user-directed archiving capabilities enables a strong foundation for complying with records management and regulatory retention requirements. Similarly, with these controls in place, the enterprise can feel more comfortable with deleting expired content, knowing that it’s not subject to any further retention requirements. And for concerns on privacy and sensitive data, an issue that grows each day, an archive can help to insure that sensitive data does not leave the company’s firewalls without being encrypted.
Companies without archives often retain all of their email on their server, and the archive will drive savings through reducing top-tier storage requirements, shrinking backup windows and sizes, and substantially improving the efficiency of the email servers. Companies with mailbox size quotas have different issues – and with an archive they can quickly move to eliminate local email caches (typically PSTs or NSFs) that are unmanaged, insecure and can lead to disaster in eDiscovery matters. Users can have virtually unlimited mailbox sizes with no noticeable impact on their day-to-day work – even when working remotely or on an airplane.
Although operational improvements may not be your legal department’s main focus, your lawyers want the company to be more efficient, and helping them to understand these improvements is also an important step.
If your enterprise does not yet have an Email Management initiative, get legal and IT together to talk about the benefits. You will need help from legal in drafting and authorizing appropriate policies. (In determining best practices for policies and archiving, your legal counsel might be interested in The Sedona Conference’s guidance on Email Management). If you have already started, check to make sure that legal fully understands the benefits, has provided appropriate retention policies, is actively part of an efficient eDiscovery process, and that someone is verifying that users are maintaining information subject to regulatory frameworks.
Filed under: Uncategorized | Tagged: archive, archiving, compliance, eDiscovery, electronically stored information, Email, email management, EMC SourceOne, Information Governance, James D. Shook, ROI | 2 Comments »