New federal rules governing electronic discovery take effect Dec. 1, leaving corporations scant time to evaluate and implement any technology or procedures to help handle looming new standards of producing electronic records in litigation.

The biggest change: Companies must be prepared to address e-discovery issues immediately after a suit is filed. Under the new rules, companies will have to meet within 30 days of a case being filed to discuss how to handle electronic data, including retention practices, the types of records that might be demanded, and what information is considered “accessible.”


Previously, companies could simply wait for a discovery request, which could take as long as a year after the lawsuit’s initial filing, says Andrew Cohen, associate general counsel of EMC Corp. The 30-day rule will mean educating employees “to understand that, upfront, they have to take steps to identify relevant content and lock it down. The new rules create an incentive for companies to get better control over information that is not being very well-controlled.”

Getting better control over that information will not necessarily be easy. Already, general counsels and IT managers face a host of software vendors (EMC among them) hawking records retention technology—with very few, if any, offering just the right solution for a company’s needs.

“There’s probably not going to be a vendor out there that has a piece of litigation management software [that lets the company] readily push a button and pull the relevant data from its databases,” says Albert Frevola, a lawyer with Gordon, Hargrove & James. “You need a vendor that’s going to be able to work with the IT people to get an understanding how data is stored and how it can be extracted in a way that doesn’t destroy its original properties.”

Craig Freeman, of Xerox Litigation Services, acknowledges that the e-discovery market “has exploded … There are a lot of companies out there doing this, which makes for a difficult landscape. Hundreds of companies have hung out signs saying, ‘We do e-discovery.’ But what does that mean?”

Choosing among the myriad of options can be a daunting task, but several factors should be considered.

What Do You Have?

“When you look at this business, it’s first about understanding what you already have,” says Thomas Aleman, a principal with Deloitte Financial Advisory Services and leader of its analytic and forensic technology group. “The number one thing you need to do is conduct an assessment or gap analysis: where your data is, how it’s stored, who creates and maintains it.”

Jim Daley, a partner with Redgrave Daley Ragan & Wagner, a law firm that specializes in electronic discovery, says that few major organizations “have their house in order in terms of knowing themselves, their IT and the regulatory landscape in terms of beginning to build a process for a solution … There’s just so much unmanaged information out there.”

What Do You Want It To Do?

Before rushing out to buy new technology, companies must consider the problem they want the technology to solve, says Kevin Moncrief, a director of security and technology solutions for Ernst & Young. Some may only need a top layer of software to track what data will be needed for some specific piece of litigation, and which employees are custodians of that data; others might need larger IT systems to reach into databases and collect that relevant data itself. “There are a lot of different ways to design a technology to support preservation or collection of data,” Moncrief says.

Will It Work As Promised?

That question may seem obvious, but “no” is the answer a painful number of times, says Brian Brockway, a spokesman for software company CommVault Systems. “The company may have started to roll it out and then found it wasn’t as easy and efficient as they expected it to be, and just halted the project, looking for an alternative solution,” he says.

Companies should always consider e-discovery software in the context of its greater IT environment—particularly whether the software will be compatible with the corporate email system, says Gary Fox, of IT consulting firm Dimension Data North America.

How Much Does It Cost?

Cost is always going to be an issue for corporations looking to e-discovery solutions, says Art Gilliland, a marketing director for IT security software maker Symantec. He advises that companies weigh the cost against potential savings they might reap from better information management.

That cost-benefit analysis, however, does hinge on a company having the right policies and procedures to take maximum advantage of new software. “Electronic discovery is an enormous cost to the organization,” says Aleman of Deloitte. “If you can put in place some of these processes, that will reduce the cost down the road.”

Is Outsourcing An Option?


Some companies “will outsource pieces of their IT infrastructure, in some cases entire IT infrastructure, and in a sense outsource the responsibility of responding to discovery,” says David Burg, director of the investigations practice of PricewaterhouseCooopers. Whichever course of action is best “depends on the business and the business needs.”

Michael Wilson, a partner with the law firm Munck Butrus, says that companies must develop relationships with vendors that have the ability to retrieve information and the capacity to act in a timely fashion during fast-paced litigation.

“I’ve heard of nightmare scenarios where either an e-discovery vendor promised something they couldn’t deliver, or they took on too many projects for the number of people and capability that they had,” Wilson says. “You end up not getting any response or unqualified people to handle it. You end up with discovery you’re not confident in.”

Outsourcing “is a great way to go provided you’ve got some internal controls in place to maintain the chain of custody and authentication of records,” Aleman says. “If you’re just outsourcing storage, however, it’s not very effective.”