The Importance of Information Governance as Preparation for Successful E-Discovery
The first article of this series offered a basic introduction to information governance and how it differs from information management. In our last installment, we explored how information governance should influence the creation and/or ingestion of information and how doing so will lead to a more successful e-discovery process.
Now comes the hard step that seems to give many organizations fits: using, modifying, storing and retrieving information. This phase is equally as influential as creation and ingestion. Even if creating and ingesting are in perfect concert with information governance, chaos will result if the next step doesn’t sustain that level of governance.
Organizations often don’t understand just how important it is to have a sound strategy for use and storage of information until they are compelled by the court to locate and produce it under the rules of electronic discovery. The difficulty surrounding responding to investigations or litigation matters can be greatly reduced when proper attention is given to how information is being used, modified, stored and retrieved. Essentially, this is the heart and soul of information governance.
Recall from the preceding article that we noted these key differences between merely managing information and truly governing it:
A solid understanding of information governance will open windows of opportunity when use, modification, storage and retrieval are considered. This is the why, how, where (from/to) and what will be next of information use, which can raise such intricate questions that many organizations don’t even bother to examine them. But they should.
Unfortunately, many organizations find it too cumbersome to set basic use restrictions. And it is often senior management who fail to empower, support and even abide by such restrictions. Nevertheless, this is where it must begin. Two basic considerations are:
All modification of data should be closely monitored. Not all modifications should be allowed by any user; rather, only authorized users following strict compliance rules should be given the ability to modify information. What constitutes “modification”? In addition to editing, it is important to note these other forms of data modification:
The ability to determine where information is stored should be removed from the individual user’s hands. It is important that data storage decisions strictly follow the organization’s governance policies.
If governance of use, modification and storage have been properly established and deployed, as well as being properly governed, retrieval becomes incredibly successful, and frankly, quite easy. On the other hand, if the opposite is true, this can be an organization’s worst nightmare – and if the organization ends up in court, it can become very, very expensive.
Compliance for its own sake is not enough, organizations must be able to leverage that compliance and demonstrate how compliance is benefiting the organization. Electronic discovery is certainly one area where the benefits become immediately apparent and demonstrable.
Our last installment, Archiving, Release, and Destruction of Information, will address the archiving, destruction or release of information. It turns out that if we are diligent with the first 90 percent of governance, the final 10 percent can become straightforward and routine.