Presentation is loading. Please wait.

Presentation is loading. Please wait.

ICPL 7/25/2007 What the New E-Discovery Rules Mean to You H. Morrow Long, MS, CISSP, CISM, CEH Director of Information Security Yale University What the.

Similar presentations


Presentation on theme: "ICPL 7/25/2007 What the New E-Discovery Rules Mean to You H. Morrow Long, MS, CISSP, CISM, CEH Director of Information Security Yale University What the."— Presentation transcript:

1 ICPL 7/25/2007 What the New E-Discovery Rules Mean to You H. Morrow Long, MS, CISSP, CISM, CEH Director of Information Security Yale University What the New E-Discovery Rules Mean to You H. Morrow Long, MS, CISSP, CISM, CEH Director of Information Security Yale University X Me

2 FRPC 2006 E-Discovery terms & points ESI is now a separate category of discoverable info. You must know what you have -- Sloppiness is no longer an excuse. Hire records management personnel? You must respond to a request by a finite time frame. Data is now delivered in electronic form as specified. Dont panic: Good faith efforts provide a safe harbor. You will not be in trouble as long as you follow your repeatable (and documented) policies & practices. ILM! You can face fines, adverse jury instructions or business disruption. Plan and prepare. Set up arrangements between general counsel and IT as well as with outside firms if you are going to need their assistance (outsourced provider, forensics firm).

3 3 National Environment… IG Audits are gaining momentum HHS audit of Yale subcontract from UMass Medical School (February 2006) Major signal about responsibilities relating to subcontracts $194K of a $572K NIH award was disallowed by HHS Cost transfers (preaward, accounts in deficit), effort, cost allocation methodology NIH, DoD and NSF serve Yale with subpoenas (July 2006) FBI agents went at night to faculty and staff homes (and to one vacation destination!) to question them All information related to 47 grants from 13 departments (many closed) were subpoenaed Issues thus far…allocation of research expenses, the reporting of faculty effort devoted to grants, and numerous other matters relating to grant administration. Just zero out the grant… Whistleblower…? IG focus is on cost transfers, allocation of expenses, effort, administrative charging and subaward monitoring, conflict of interest

4

5 Y: The audit said Yale found an that had been altered and reported it. The original had asked for costs to be transferred from other grants to the sub-grant, which was about to expire with funds still remaining. A reference to "spending down" the sub-grant was deleted in the altered . L: That was a matter of great concern to us. When we discovered the altered , we immediately reported it to the federal auditors. It is intolerable, no matter what the intention, for a Yale employee to alter a document in the course of a government audit. And it's wrong to charge a research grant that is about to expire for expenses unrelated to the grant. There is simply no doubt about it. Y: DHHS said Yale investigated and took disciplinary action. What was the outcome? L: Disciplinary action was taken. I can't comment about the nature of it; it's against our policy to talk about disciplinary actions taken against an individual. [http://www.yalealumnimagazine.com/issues/2006_09/q_a.html ]

6 Yale University - Federal G&C Investigation June 26, Yale is served with subpoenas from four federal agencies : HHS, NIH, DoD, NSF - 47 grants and contracts for $47 million in 14 Depts. The amount of documents that have been requested by the federal government amounts to … hundreds of thousands, even millions of pages, - Yale President Levin Yale Daily News, September 11, 2006 May NASA investigation into Grant and Contract Accounting.

7 Yale University Response and Actions Mobilizes to inventory, preserve, examine, catalog and index data to fulfil the subpoenas doc requests. 100 Day Plan to re-engineer Yale. New Research Administration department created. Space reserved to store investgations paper documents Floor of Class A office space reserved for the auditors and lawyers to sort through documents. Communications: Sends and posts official message to the Yale Community on June 30, 2007 notifying employees (and others) what has occurred and what they should do.

8 Official Yale Communications VP General Counsel June 30, 2006 memo to Yale July 25, 2006 guidance on how this policy applies to newly created research data, Reminders sent out on 11/2/2006, 3/30/2007. May 9, 2007 Memo on NASA Investigation

9

10 From: Dorothy K. Robinson Vice President and General Counsel Re: Federal Investigation into Grant and Contract Accounting Earlier today President Levin sent to you a memo to inform you of investigations being conducted by various federal agencies regarding Yales management of research grants. Several federal agencies have served subpoenas calling for the production of a broad range of documents relating to the Universitys charging practices and grant- and contract-related recordkeeping. The subpoenas cover many years, many grants and contracts, and many Yale departments. At this point, no segment of Yale is exempt from scrutiny. We are working with expert outside counsel to respond to the subpoenas and to provide advice on all aspects of the investigations.

11 Document Retention It is essential that all grant- or contract- related documents be preserved. Destroying relevant hard copy or electronic records may subject you to criminal prosecution as well as the full range of employment sanctions. Even inadvertent destruction or loss of relevant documents and electronic records can have very serious consequences. This memorandum summarizes your obligations to preserve documents.

12 Scope: As of now, the investigations cover all aspects of federally sponsored research agreements where the sponsor is the Department of Defense, the Department of Health & Human Services, the National Science Foundation, or any component of any of those agencies. In case of doubt, you should assume that a funding arrangement is covered.

13 We do not yet know how far back the investigations will go. One of the subpoenas calls for documents going back to Do not assume that older documents and records are not covered. All routine destruction of documents and records related to federally sponsored research should be stopped immediately. If you have routine document or record destruction practices, and do not know if the documents or records pertain to federally sponsored research, please err on the side of caution, and stop the destruction until further notice. There should be no further deletion of electronic documents, including s, relevant to federal research grants and contracts even if such deletions would have been routine.

14 What counts as a document or record? Documents and records that must be preserved include anything with words or numbers or data pertaining to federally sponsored research. That includes all letters, s, research notebooks, voic s, memoranda, notes, instructions, reports, analyses, telegrams, facsimiles, diaries, calendars, studies, logs, journals, books, plans, records, forms, charts, graphs, audio, visual and digital recordings, photographs (positive prints and negatives), slides, worksheets, checks, credit card charge slips, expense records, computation sheets, computer printouts and programs, tapes, videotapes, diskettes, CD-ROMS, DVDs, microfilm, microfiche, and handwritten comments on any of the above. It includes all copies of documents which are not identical, due to highlighting, handwritten notes, corrections, revisions, or other differences, no matter how minor. All versions of each document must be preserved.

15 Your document preservation responsibility is ongoing and exists until you are notified otherwise in writing by me. You are not being asked to copy or produce any documents now; you may be contacted by a Yale lawyer with specific instructions if that becomes necessary. … If you have any questions about any of these matters, do not hesitate to contact me, Susan Carney, Deputy General Counsel, or Harold Rose, Associate General Counsel, at Thank you for your careful attention to this very important duty NOTE: This official Yale University message can also be viewed at: https://light.its.yale.edu/messages/UnivMsgs/detail.asp?Msg=17885

16 … In my of June 30, I gave initial guidance on Yales legal obligation, during the governments investigation into grants and contracts management at the University, to preserve research data developed under federally sponsored research. Since then, many individuals have expressed concern about whether they are required to maintain every iteration of such research data until the investigation is completed. In response to these concerns, we have had discussions with the responsible government agent, who has now made it clear that the government does not wish its inquiry to interfere with the active conduct of scientific research. Specifically, we have been informed that, going forward, you do not need to preserve newly created research data. This applies to all types of data, including dynamic systems that continually update and analyze a base of existing information. However, if you currently possess federally funded research data that were created and preserved in a static form prior to June 28, 2006 (for example, lab notebooks), you should continue to preserve those data. …

17 Issues Everyone began to ask what they could/should do before they : –Repurposed PCs –Disposed of computers and disks and tapes –Erased large datasets of research files… Now there was The List of Persons of Interest. Over time the rule in IT became that you had to check The List to see if a user was a named Person of Interest. Our Remedy trouble ticket system even had a Red flag tag added to display when a ticket was a Person of Interest. Yales IT AUP (Policy 1607) provides a process for access to data on University owned systems without the users consent under a procedure with checks and balances (Section 2.B).

18 Yale Policy 1607 Section 2.B Conditions of University Access B. Process. Consistent with the privacy interests of Users, University access without the consent of the User will occur only with the approval of the Provost and cognizant Dean (for faculty users), the Vice President for Finance and Administration (for staff users), the Dean of Yale College or of one of the graduate or professional schools, as appropriate (for student users), or their respective delegatees, except when an emergency entry is necessary to preserve the integrity of facilities or to preserve public health and safety. The University, through the Systems Administrators, will log all instances of access without consent. Systems Administrators will also log any emergency entry within their control for subsequent review by the Provost, Vice President for Finance and Administration, dean, or other appropriate University authority. A User will be notified of University access to relevant IT Systems without consent, pursuant to , section A (1-5) depending on the circumstances, such notification will occur before, during, or after the access, at the University's discretion.

19 Problems We ran out of tape and disk in our central TSM network backup system servers. Research and administrator users ran out of disk space. People became afraid to delete any files at all… Eventually there was some tension between the Faculty and the Yale administration regarding : –Mandatory faculty training in research administration. –The process of accomodating the document preservation and production to the government in fullfilling the subpoenas.

20 Mandatory training sessions for any faculty member whose work is funded by a source outside Yale will be offered multiple times through March, according to the Office of Research Administration. The hour- long sessions will cover policies and procedures related to grant accounting and reporting, though administrative staff will be responsible for carrying out most of the procedures. Attendees will later take an online quiz and must receive a passing score of at least 90 percent. Faculty members who do not attend one of the sessions and pass the quiz by June 30 will be barred from submitting new grant applications, according to a Nov. 27 letter from Provost Andrew Hamilton. Though the training has not yet started, some researchers have already expressed dissatisfaction with the requirement, Deputy Provost Charles Long said. He said the mandatory training is a burden, but it is important to ensure that all faculty members understand the procedures better. Aside from the single training session, the ongoing changes in research administration should not have much direct impact on faculty members, he said. [YDN 2006/12/7 ]

21 Published: Friday, February 2, 2007 Faculty object to searches Univ. copies info from hard drives in response to grant accounting investigation Steven Siegel Staff Reporter As a federal investigation into possible mismanagement of grant monies at Yale enters its eighth month, some professors are speaking out against what they say is an inappropriately invasive response from the University [YDN 2007/2/7 ]

22 At a faculty meeting Thursday, some science professors said the University is impinging on privacy and academic freedom by copying documents from professors hard drives and requiring faculty members to undergo mandatory training or supervision in the grant administration process. But administrators said they have already addressed one of the facultys concerns about the training, and that they have simply taken steps required by government subpoenas. The University has been taking information off some faculty hard drives in response to subpoenas, which some professors charged was a violation of their privacy. [YDN 2007/2/7 ]

23 ITS Involvement 600+ Individuals named 400+ accounts preserved (held) 100 individuals disks restored or captured – GB disks shipped to internal investigators Additional tape units, disks and computers to handle ePreservation and restorals/capture. H/W Drive Encryption units for xfer to 3rd party firms. 8 TB of disk space used for e-Preservation SAFE TSM vault. Many hard disks, tapes and other media physically preserved (stored in my office, moved to cabinets) Cataloging/indexing system for preserved ESI. Wrote software to automate cataloging and restoring inactive (deleted/overwritten) files, tracking and reporting progress.

24 Timeline July - Preservation August - Project Planning September - Inventory October - December - Restores and Captures January - March - Clean up of outliers June - weve returned to regular mode operation of disabling/deleting accounts not on the list (now we have a new list which includes all of the accounts in holds The University negotiated with the Federal govt as to how many and who they needed to supply documents for, reducing the number of individuals files affected

25 E-Collection Philosophy The University negotiated with the Federal govt as to how many and who they needed to supply documents for, reducing the number of individuals files affected Weve taken the concept of undue administrative burden to heart (pre E- Discovery 2-tier), restoring data which is not unduly difficult to restore. We have collected data from backups rather than directly from systems to reduce inconvenience to users. We usually only do forensic capture when a legal or internal (e.g. HR) investigation will require it.

26 December Present E-Discovery E-Discovery takes affect : New Federal Rules of Evidence for ESI ITS and General Counsel discusses and determines: –We will use the procedures and processes we have been using for the G&C Investigation to handle eDiscovery holds. –General Counsel will send InfoSec a formal confidential request to preserve all centrally held data ( , PC backups and Pantheon home directory) for individuals/accounts. –InfoSec will coordinate tracking the preservation requests and responses. Weve had a dozen Hold requests from General Counsel. Were solidifying the P&P which has been hammered out. Weve taken one set of frozen files/archives off of hold (case was settled). Weve not unfrozen any of the G&C material (current case).

27 FRPC 2006 E-Discovery terms & points ESI is now a separate category of discoverable info. You must know what you have -- Sloppiness is no longer an excuse. Hire records management personnel? You must respond to a request by a finite time frame. Data is now delivered in electronic form as specified. Dont panic: Good faith efforts provide a safe harbor. You will not be in trouble as long as you follow your repeatable (and documented) policies & practices. ILM! You can face fines, adverse jury instructions or business disruption. Plan and prepare. Set up arrangements between general counsel and IT as well as with outside firms if you are going to need their assistance (outsourced provider, forensics firm).

28 Issues for e-Discovery & e-Preservation Data Formats - programs used, data formats change and many law firms can only handle certain files. Conversion is needed. De-duplication of messages & documents is major. Outsourcing is $$$ but really helps with the 2 tasks above. There needs to be a formal policy and process / procedure for both preserving and eliminating ESI (taking files off of a hold). Retention period? Should U have a ILM policy? Know what data you have and where it is (& how to get to it) Buy or build tools to archive and restore any data needed to reduce the $$ and time, remove manual steps & add accuracy Always have General Counsel contact faculty and staff first before an IT or InfoSec staffer is sent to secure or capture data from an end users system.

29 Conclusions

30 References - Yale Daily News Articles Univ. reviews accounting Day Plan YDN 2006/12/7 Univ. alters accounting for grants Faculty object to searches

31 References - Yale Official Announcements 2006/06/30 - Announcement of Investigation https://light.its.yale.edu/messages/UnivMsgs/detail.asp?Msg= /07/25 - Guidance on Research Data https://light.its.yale.edu/messages/UnivMsgs/detail.asp?Msg= /11/02 - Reminder on document retention https://light.its.yale.edu/messages/UnivMsgs/detail.asp?Msg=20321

32 This has been a chalk outline production.


Download ppt "ICPL 7/25/2007 What the New E-Discovery Rules Mean to You H. Morrow Long, MS, CISSP, CISM, CEH Director of Information Security Yale University What the."

Similar presentations


Ads by Google