In today’s fluctuating business and regulatory environment, enterprises are increasingly burdened with escalating litigation costs and the specter of lawsuits that threaten to run up millions in legal fees and adverse judgments as well as consume hundreds if not thousands of precious hours of employee productivity.
One of the biggest enablers of these phenomena are the changes to the Federal Rules of Civil Procedure (FRCP) governing Electronically Stored Information (ESI). These and other rules have precipitated a deluge of vendor solutions promising to “fix” problems stemming from legal or IT’s inability to efficiently and cost-effectively meet their enterprise’s ESI and litigation management requirements.
Why so many point solutions
Consequently, legal teams are too often driving technology or service provider adoption decisions based on their familiarly with legal-practice-specific solutions to address various activities defined by the Electronic Discovery Reference Model (EDRM), aided and abetted by a seemingly unending number of vendors great and small who are beating a path to the general counsel’s door promising yet another collection of point solutions to overcome the latest technological challenge or bottleneck. Chief among the complaints are lack of integration or interoperability, poor scalability, a population explosion of indexes, and siloed, replicated content - not to mention a lack of centralized policy management and transparency across the entire corpus of enterprise content and data.
Legal team tail wagging the records management dog
In too many cases, records management professionals and the products that support their efforts have been overlooked - not unlike how mainframe disciplines and best practices were largely ignored when PCs and network computing became the rage in the 1990’s. Recently, after a fair amount of criticism for a lack of clarity in the Information Management section of their model, EDRM embarked upon the IMRM Project to “provide a common, practical, flexible framework to help organizations develop and implement effective and actionable information management programs. The IMRM Project aims to offer guidance to Legal, IT, Records Management, line-of-business leaders, and other business stakeholders within organizations.”
Unfortunately, IMRM disregards the extensive work that ARMA International has done with its Generally Accepted Recordkeeping Principles GARP, which includes a wealth of advice on ediscovery practices and an information governance maturity model to help organizations improve their business practices, leverage their technology assets and lower their risks. Sadly, legal teams also fail to acknowledge the contribution that records management professionals can make and the proven technologies they have implemented over the years that provide a scalable, policy driven foundation for information governance.
Why records management matters
Mature records management (RM) solutions and best practices provide a foundation and framework on which records can be declared, secured, and managed. Information governance best practices, regardless of how much they can be automated, are inseparable from the human component, which includes employee education and training along with policies that can be adhered to without severely straining business workflows or losing vital corporate information assets. In addition:
- Think IM architecture and the requirements of the RM disciplines,
- Get records management right, and your compliance risks and costs go way down,
- Look to RM for accountability, transparency, operability, and defensibility,
- Think about functionality needed to manage unstructured data which constitutes the bulk of records.
HP TRIM and SharePoint example
The proliferation and use of Microsoft SharePoint as an ediscovery tool among all classes of enterprises has created a thriving cottage industry throughout the ranks of information management vendors and service providers. This is primarily due to the fact that while SharePoint is a popular and useful collaboration tool, today it lacks the policy management and repository scalability that most enterprises require. HP with the new features of its TRIM 7.0 RM solution allows SharePoint to act as the user interface while enabling organizations to “proactively capture, classify, and manage evidence of their decision making and business activities in an enterprise scalable records management system.” This includes the ability to declare hundreds of data or content types business records and allows for ESI to be discoverable in case of litigation or a compliance audit.
According to HP, the TRIM 7.0 solution offers these key customer benefits:
- Proven records management for your enterprise,
- Increased compliance and faster response to legal discovery requests,
- Improved employee productivity and business process efficiencies,
- Transparent records management and site archiving for SharePointm
- Built in compliance with the international standard for records management, ISO 15489,
- Compliance with US Department of Defense Security Standard DoD 5015.2 Chapters 2, 3, 4 and with other major standards.
The consensus among IT, RM and other line-of-business executives as well as the vast majority of industry pundits and even many e-discovery vendors is that legal should not be making critical technology decisions in a vacuum if at all. There are too many examples of poorly implemented, stop-gap solutions that neither scale nor conform with information governance best practices or take advantage of enterprise or service-oriented architectures that would support a superior view of enterprise wide data and, ultimately, provide greater assurance that all pertinent ESI is being managed properly while lowering risks and costs. Some more enlightened general counsels and litigators have engaged IT, RM, and other critical constituencies within the enterprise such as compliance and HR. However, the overwhelming evidence indicates that legal is in a reactive mode rather than taking a more strategic view.
Action Item: CTOs and IT professionals need to help make the case to management and legal that records management solutions often contain the security, policy management, interoperability, and integration of disparate modules. In short, they provide a holistic architectural framework and approach that will ultimately serve the enterprise better in controlling costs and reducing risks. This means bringing records management practitioners, solutions and best practices to the table.