Despite the explosive growth of electronic data and unstructured content in recent years, most organizations still take a manual and ad hoc approach to eDiscovery in response to litigation and regulatory inquiries, according to Forrester Research.
Just 23% of organizations claim to have an "end-to-end," holistic eDiscovery approach, a recent survey by the Cambridge, Mass.-based research firm reveals. Most companies instead rely on a mishmash of technologies -- including native operating system application search capabilities and enterprise search tools -- to "reactively" locate and report relevant content and data for eDiscovery purposes.
According to Brian Hill, a Forrester analyst and coauthor of the report, such disorganized approaches result in inefficiencies and wasted dollars, including inconsistent procedures that expose companies to potential legal risks and missed opportunities to save on "downstream" eDiscovery costs.
"Most organizations are grappling with eDiscovery in a very painful fashion," Hill said in an interview.
For one thing, he said, enterprise search tools and native database and application search capabilities were not designed for eDiscovery and have a number of limitations and deficiencies that could expose companies to risk.
Most enterprise search platforms, for example, cannot access all types of electronic, unstructured content that are covered by eDiscovery requirements, including some types of media content. Some search technology allows users to alter metadata, a definite no-no for litigation and other eDiscovery purposes.
These limitations on enterprise and other native search technologies are only going to grow as the types of content required to be covered for eDiscovery continues to expand, Hill said. The use of collaborative tools -- instant messaging and Microsoft SharePoint, for example -- is increasing the "scope and diversity" of digitally stored information.
Data volumes are growing too, adding to the problem. "Forrester clients regularly report message archive and file system growth of greater than 40% annually, making it nearly impossible to manually cull through documents and messages quickly and efficiently," Hill wrote in the report.
A lack of understanding between the main eDiscovery stakeholders, namely IT and legal departments, is also costing companies time and money. "IT and legal don't collaborate and coordinate as effectively as they should," Hill said. "And that's somewhat understandable."
To better manage eDiscovery practices, he said, companies must tackle the issue from both technological and people-based perspectives.
From a technology standpoint, it is important for organizations to understand that the eDiscovery technology market is highly fragmented, Hill said. And, with few exceptions, no single vendor can deliver an end-to-end eDiscovery product or product suite.
In most cases, organizations should consider investing in two distinct types of technology, he said. The first is archiving and records management technology that helps companies sift through the mountains of data and content sitting in corporate databases and applications. That determines what information must be retained for potential eDiscovery purposes and what can be disposed of. There are a number of vendors in this market with mature offerings, Hill said, including IBM, Oracle, HP and EMC.
Such technology not only helps a company reduce the amount of data it must sift through when it does receive an eDiscovery order -- and cut down on storage costs -- it also shields the company from potential legal risk, Hill said. That's because if a company is sued, for example, and has retained emails that it legally wasn't required to keep, it can still be required to turn them over. Better to have discarded the emails when the company had the chance to do so legally, the thinking goes.
The second type of technology Hill recommends is software that automates the review and retrieval of data and content. Such technology, from vendors like CT Summation, CaseCentral and Stratify, automates the process of tagging data and content as responsive or nonresponsive to an eDiscovery order and therefore requiring further review from the legal department.
Finally, organizations must facilitate better communication and coordination between the IT and legal departments, Hill said. Better understanding between the two will lead to a more efficient, less risky and less expensive approach to eDiscovery.
Legal departments, for example, often don't understand what is required from a technical standpoint to retrieve a certain type of data or content, Hill said. Lacking this information, they may agree in a lawsuit to provide data to opposing counsel that is costly or time consuming for IT to find and deliver, when a similar, more easily retrieved data type would have sufficed.
Similarly, IT departments rarely know just how expensive the review and processing phase of an eDiscovery order truly is. If made aware of this, as Hill suggests, "they might suggest more proactive steps" to make the processes more efficient from a technical standpoint.
Organizations should create a "multidisciplinary team" of IT, legal and other eDiscovery stakeholders to "bolster, measure, and improve information retrieval," Hill suggests. Doing so, he said, will help "make sure these groups work effectively together and make the eDiscovery process as efficient as possible."