EDiscovery and Records Management. Corporate Records Management Historically- Paper was the “Corporate memory”- a visible, physical entity. Original.

Slides:



Advertisements
Similar presentations
IT Security Policy Framework
Advertisements

The Impact of Auditing on Records Management Risk and Compliance Susan B. Whitmire, CRM, FAI Manager, Enterprise Records and Information Management BlueCross.
United States District Court for the Southern District of New York, 2004 District Justice Scheindlin Zubulake v. UBS Warburg LLC Zubulake V.
Records Management for UW-Madison Employees – An Introduction UW-Madison Records Management UW-Archives & Records Management 2012 Photo courtesy of University.
Litigation Holds: Don’t Live in Fear of Spoliation Jason CISO – University of Connecticut October 30, 2014 Information Security Office.
Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group
E-Discovery New Rules of Civil Procedure Presented by Lucy Isaki January 23, 2007.
John L. Baines OIT Security and Compliance Retention: Preserving Public Records.
W W W. D I N S L A W. C O M E-Discovery and Document Retention Patrick W. Michael, Esq. Dinsmore & Shohl LLP 101 South Fifth Street Louisville, KY
Coping with Electronic Records Setting Standards for Private Sector E-records Retention.
EDiscovery and Records Management. Records Management- Historical Perspective- Paper Historically- Paper was the “Corporate Memory” – a physical entity.
Security Controls – What Works
WELCOME Annual Meeting & Compliance Seminar. Code of Conduct - Impact on Corporate Culture by Andy Greenstein Knight Capital Group, Inc.
Developing a Records & Information Retention & Disposition Program:
1 E-Discovery Changes to Federal Rules of Civil Procedure Concerning Discovery of Electronically Stored Information (ESI) Effective Date: 12/01/2006 October,
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
What Will My Records Retention Schedule Look Like ?
Managing Risk in Cloud Computing Contracts Henry Ward and Todd Taylor April 30, 2015.
Electronic Communications State Owned System Mandates Presented by: Eileen Goldgeier.
Do you Know Where your Data is? Gregory P. Silberman, CISSP Technology Intellectual Property & Outsourcing Group Kaye Scholer LLP May 10, 2005.
Electronic Records Management: What Management Needs to Know May 2009.
Policies and Procedures Every Church Needs Copyright 2012©
THE CLOUD Risks and Benefits from the Business, Legal and Technology Perspective September 11, 2013 KEVIN M. LEVY, ESQ. GUNSTER YOAKLEY.
Copyright© 2010 WeComply, Inc. All rights reserved. 9/19/2015 Record Management.
Internal Control in a Financial Statement Audit
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
Internal Control in a Financial Statement Audit
Internal Investigations: A primer Bob Cooper May 30, 2007.
EDiscovery, Records Management and Records Retention.
ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:
Information Systems Security Operational Control for Information Security.
2009 CHANGES IN CALIFORNIA DISCOVERY RULES The California Electronic Discovery Act Batya Swenson E-discovery Task Force
M a k i n g w o r k e r s ’ c o m p w o r k ® Content Management & Records Retention “A RIM Perspective” Nancy M. Maglothin, Records and Information Manager.
Against: The Liberal Definition and use of Litigation Holds Team 9.
Developing Plans and Procedures
P RINCIPLES 1-7 FOR E LECTRONIC D OCUMENT P RODUCTION Maryanne Post.
The Challenge of Rule 26(f) Magistrate Judge Craig B. Shaffer July 15, 2011.
Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.
The right item, right place, right time. DLA Privacy Act Code of Fair Information Principles.
EDiscovery Preservation, Spoliation, Litigation Holds, Adverse Inferences. September 15, 2008.
Electronic Records Management: A New Understanding of Policy, Compliance, and Discovery Robert J. Sobie, Ph.D. Director Information Systems Department.
IT Security Policy Framework ● Policies ● Standards ● Procedures ● Guidelines.
ILTA – Insight 2007 E-Disclosure --Preparing for Compliance-- Moderator: Sally Gonzalez, Director, Navigant Consulting, Inc. Panelists: Oz Benamram, Director.
Copyright ©2014 by Saunders, an imprint of Elsevier Inc. All rights reserved 1 Chapter 02 Compliance, Privacy, Fraud, and Abuse in Insurance Billing Insurance.
Information and Records Management INFM 718X/LBSC 708X Seminar on E-Discovery.
Data Governance 101. Agenda  Purpose  Presentation (Elijah J. Bell) Data Governance Data Policy Security Privacy Contracts  FERPA—The Law  Q & A.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 6-1 Chapter Six Internal Control in a Financial Statement Audit.
E-Discovery – Practical Experience from an Agency Perspective Robert Wright Former Chief, Plans and Program Management Unit FBI.
© 2010 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.
All Employee Basic Records Management Training. Training Overview 1.Training Objectives 2.Clark County RIM Program 3.Key Concepts 4.Employee Responsibilities.
Welcome….!!! CORPORATE COMPLIANCE PROGRAM Presented by The Office of Corporate Integrity 1.
The Sedona Principles November 16, Background- What is The Sedona Conference The Sedona Conference is an educational institute, established in 1997,
Information Management in Retail: A Legal Perspective Chris Hill Barlow Lyde & Gilbert LLP 17 September 2009.
Legal Holds Department of State Division of Records Management Kevin Callaghan, Director.
E-Discovery And why it matters to a SSA. What is E-Discovery? E-Discovery is the process during litigation of discovering information relevant to litigation.
Generally Accepted Recordkeeping Principles: The Principle of Transparency Alaska Chapter of ARMA International Presented by: Tara Carey, ARMA Board Member.
EDiscovery Also known as “ESI” Discovery of “Electronically Stored Information” Same discovery, new form of storage.
Legal, Regulations, Investigations, and Compliance Chapter 9 Part 2 Pages 1006 to 1022.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
DON Code of Privacy Act Fair Information Principles DON has devised a list of principles to be applied when handling Protected Personal Information (PPI).
Investigations: Strategies and Recommendations (Hints and Tips) Leah Lane, CFE Director, Global Investigations, Texas Instruments, Inc.
School of Health Sciences Unit 3 Legal Aspects of Health Information and Health Care Statistics HI 135 Instructor: Alisa Hayes, MSA, RHIA, CCRC.
#16PACE Preparing For The Inevitable... How To Be Ready When The Lawsuit Comes And Steps To Proactively Limit Corporate Inconvenience And Liability Mitchell.
Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Leveraging the Data Map – A Case Study November 15, 2016
Records Management Compliance Training
Employee Privacy and Privacy of Employee Information
Information Governance Part 2
Neopay Practical Guides #2 PSD2 (Should I be worried?)
Presentation transcript:

eDiscovery and Records Management

Corporate Records Management Historically- Paper was the “Corporate memory”- a visible, physical entity. Original documents insured authenticity. Records Management policies were manageable.

Records Management- Digital Perspective Records management is no longer visible. Digital information accounts for greater than 90% of all records. The logical location of these stored electronic records is controlled by computers. And, although, it may appear to be less costly to store digital information, it is important to develop meaningful retention policies.

Corporate Records Management ARMA AIIM Surveys Survey -of 17,000 Businesses, Government agencies, non-profits and associations. While 83% of organizations reported formal records management programs 24% still reported them as ineffective. 25% of the record management programs did not address electronic records 34% did not have a formal plan for discovery requests for records including litigation hold orders. 13% still did not include electronic records in their litigation hold procedures. 47% did not have a formal retention policy.

Corporate Records Management ARMA AIIM Surveys Survey Survey results have actually improved and show some significant action taking place. But they also reflect a continued weakness in the processes and systems for handling electronic records. Principle driver: The magnitude of litigation and the demand for regulatory compliance has brought the need to address records management to many companies.

Corporate Records Management Objectives of a Sound Record Management program Preservation Compliance with Regulations & Statutes. Mitigate Legal Risk. Reduce Litigation and Discovery Costs. Enhance Knowledge Management and Increase Productivity.

Records Management- Preservation Anticipation of a Claim is all that’s required to trigger the duty to preserve potentially relevant evidence. Effective preservation (or destruction) is difficult. Other issues that must be addressed: Hardware/software changes. Employee turnover. Work on home computers. Reminders to organization. Suspension of defragmentation, alteration, wiping etc. Responsive vs. Reactive preservation.

Records Management- Legal Holds Litigation Hold Coordination- a litigation hold directs the organization or identified parties to segregate and protect from destruction certain documents and data that are, or arguably may be, relevant to a threatened or pending litigation. Counsel must be sufficiently knowledgeable of their companies or clients electronic systems to identify any potential source of relevant electronic data.

Eight Steps to Defensible Legal Holds 1.Identify when the preservation obligation began. 2.Determine what ESI should be preserved. 3.Designate a Technical Authority. 4.Issue timely legal hold notices. 5.Confirm compliance with legal hold notices. 6.Document compliance with the legal hold process. 7.Actively monitor compliance with legal holds 8.Release the legal hold once the matter is concluded.

Corporate Compliance Legal Issues Sarbanes-Oxley Act (SOX) Health Insurance Portability & Accountability Act (HIPAA) Foreign Corrupt Practices Act Government Bailouts Gramm-Leach Bliley Act Fair and Accurate Credit Transactions Act of 2003 (FACTA)

Compliance with organizational policies, industry standards, local, & National Government laws and regulations dictate evolving retention periods for all types of Data including s.  Sarbanes-Oxley Act (SOX)  HIPAA  SEC 17 CFR Part 210  Florida Sunshine Law  NASD 2860/3010/3110  FDA  Electronic Communications and Transactions Act  National Labor Relations Act  Employee Retirement Security Act of 1974  Americans with Disabilities Act  OSHA  Medicare Conditions of Participation  Title VII of the Civil Rights Act of 1964 Over 6,000 State & Federal Compliancy Laws & Regulations!

Corporate Compliance Legal Issues Accounting/reporting fraud Anti-boycott Antitrust Conflicts of interest Consumer protection Discrimination/EEO Document retention /Internet Use Environmental protection Export Control Foreign Corrupt Practices Act Fraud prevention Intellectual Property Money Laundering Insider Trading Protection of Confidential Information Political contributions Lobbying Government contracting Product Quality Workplace Safety Gifts & Entertaining Privacy Harassment Executive Pay

Corporate Compliance Challenges Capturing, maintaining, retrieving and protecting information in a consistent manner. Creating a governance and approval process. Unstructured data v. structured data –E.g. audio and video files.

Corporate Compliance- Technology Review Legal should be involved with the corporation’s technology selection(s) to insure that it satisfies compliance requirements and will handle any necessary complexity. Additionally, they need to insure that standards and procedures are properly communicated to the organization.

Costs Understand the cost of preservation vs automatic destruction policies. Make sure that you establish methods to reinforce your policies and test their effectiveness. Anticipate litigation.

Knowledge Management From a legal perspective maintain your records so they can be updated and be useful for future needs or litigation.

Some of the questions you must answer for your client or company Has relevant data been properly preserved? What is the time, difficulty, costs to recover and retrieve relevant data? What business disruption will occur? How can relevant data be identified and irrelevant or privileged data be sorted out? How can this data be preserved to be used for potential future requests or other matters?

Changing Perspectives on Record Management Ignorance no longer a valid defense. retention policies are difficult or impossible to put in place. Sarbanes-Oxley requires compliance, yet is vague in many areas. Cost shifting strategies and burdensome arguments have a very low success rate.

Best Practices Proactively prepare for future litigation. Map critical electronic data, systems and backup media. Align Legal, IT and the Business. Disaster recovery strategies must no longer be the only purpose of record retention. Create evidence management/ preservation programs and publish, publish, publish

Example Create the Retention schedule/ guidelines and publish to a employee handbook Create a list of every department and division within the corporation and then within that department each major category of documents Create a complete numbering system; i.e LEG ; representing the Legal Department, the Litigation division, and expense records For LEG define the details for that record type electronic and paper life…i.e; online for 3 years, after that destroy, any events that could have an impact, etc. Create a records retention manager and hotline for monitoring and answering immediate questions.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.