Any organization that has had to perform e-discovery probably knows all too well just how expensive and time-consuming the process can be. SharePoint 2013 has its own built-in portal known as the eDiscovery Center. Although the eDiscovery Center is meant to simplify the e-discovery process,
The SharePoint eDiscovery Center is really nothing more than a special-purpose site collection. Like any other site collection, you have to control access through a series of permissions.
As a best practice, never assign eDiscovery Center permissions directly to a user. Otherwise, permissions become difficult to manage. Instead, create an e-discovery group and add the members of your legal team to the group. You can then assign e-discovery permissions to the group.
It has also become standard practice for SharePoint administrators to block themselves from accessing the eDiscovery Center once it has been put in place. The eDiscovery Center exists solely to comply with subpoenas and other requests for data, so IT shouldn't have permissions to view content in the center once it's been established. At best, allowing the IT staff to have access can complicate the legal team's jobs. At worst, administrative access can represent a major conflict of interest.
Build a series of cases
The SharePoint eDiscovery Center treats an e-discovery request as a case (or record of sorts). As a rule, create a separate case for each e-discovery request. There are several advantages to keeping each case separate.
First, separating cases from one another allows you to keep the discovery results relevant and circumscribed to a particular issue. You don't want to hand an opposing party more data than is required.
Another advantage is that you can set a unique set of permissions for each case. Generally, your legal team will have access to all of the cases, but in some situations the legal team may need to provide access to others in the organization for various logistical purposes.
Beware SharePoint eDiscovery Center's limitations
SharePoint's eDiscovery Center provides the legal team with a simple but powerful query interface. The problem with this interface, however, is that it can provide a false sense of confidence. The center doesn't automatically query all available data. In reality, the query results depend heavily on how SharePoint is configured.
The eDiscovery Center makes use of the Search Service Application. Any data that is accessible to the Search Service Application should also be accessible to the eDiscovery Center. However, it is common for larger organizations to create multiple Search Service Applications to segment SharePoint search. If your organization maintains separate Search Service Applications, you need a separate eDiscovery Center for each.
Similarly, the eDiscovery Center can examine Exchange Server data and Lync data in addition to SharePoint data. However, these capabilities are not enabled by default. Before SharePoint can perform e-discovery of Exchange or Lync data, server-to-server authentication must be established. You also have to grant the legal team permission to access Lync and Exchange Server data before it can query those resources.
Refine query results
Another best practice is to train the legal team in using SharePoint's query engine to refine the search results based on various criteria. This can be extremely important for two main reasons.
For more on
SharePoint 2013 upgrades includes e-discovery
Data discovery tools prove valuable
First, when someone issues a subpoena for data, the intent is to use that data to build a legal case against your organization. As such, it is in any company's best interest to provide the minimum amount of data possible while still complying with the subpoena. Refining the e-discovery results can omit unnecessary data.
Second, the opposing party won't be the only ones examining the data. Your organization's legal team will also examine the data. The legal examination process can easily cost many thousands of dollars for every gigabyte of data. As such, the ability to effectively refine the search results can directly affect legal costs.
SharePoint 2013 is designed to perform in-place e-discovery. This means that SharePoint does not create a dedicated copy of discovered data as some e-discovery technologies do. Instead, the results are nothing more than pointers to live data. The advantage to searching live data is that the search results are guaranteed to be up to date.
Of course, you will eventually have to extract the discovered data and save it to portable media that can be used for various legal purposes. When doing so, it is a good idea to protect the portable media with BitLocker to Go or a similar encryption mechanism, which reduces the chances of the data being accidentally exposed.
It is also worth noting that if Exchange Server data is included in the query results, SharePoint provides an option to omit duplicate Exchange content prior to exporting the data. Doing so can reduce storage costs, as well as the costs and time required to examine the exported data.
The eDiscovery Center simplifies what is often considered a burdensome process. The key to relief, however, is to ensure that eDiscovery Center is properly configured and that your legal team is trained in how to use it effectively.
This was first published in August 2013