Organizations lag in testing their ESI discovery policies

Companies are taking steps to prepare for litigation but still falling short, according to survey.

More organizations have developed a strategy for identifying, preserving, collecting and producing electronically

stored information for litigation or investigations, but they're falling short when it comes to testing their ESI discovery policies, according to a survey by Kroll OnTrack Inc., a Minneapolis-based supplier of data discovery products and services.

The survey, which is the company's fourth annual, showed that companies aren't accounting for the use of social networking in their ESI discovery policies and that IT is leaping ahead of their legal counterparts in awareness of ESI strategy implementation.

More than 52% of organizations in the U.S. have an ESI discovery strategy, an increase from 46% last year, according to the survey, which polled 203 individuals representing IT and in-house counsel at U.S. businesses. However, only 38% have tested their policies and 45% don't know if their policies have been tested, the study showed.

"The complexity that is necessary to have a good ESI discovery strategy makes testing an important component," said Jason Straight, vice president of business development at Kroll Ontrack.

More than half of the survey respondents said they didn't know if their organization has a data map, or inventory of where all data is stored. "Without that foundation of a data map, they can't have an effective data retention strategy," Straight said.

The lack of a data map has data security implications, said Kristin Nimsger, president at Kroll Ontrack. Not knowing where data is within an organization makes adequate protection of those assets virtually impossible, she said.

The survey showing a decline in the number of organizations that have updated their ESI discovery policies to address social media use isn't that surprising, Straight said. "Historically, there's a lag between the adoption of new technology by users and when legal catches up and starts to figure out how that may change or effect their organizations' obligations."

What was surprising, however, was the finding that IT has outpaced legal with their degree of ESI discovery knowledge, which runs counter to historical trends, Nimsger said. IT staffers are increasingly being tapped to participate in ESI discovery matters, increasing their awareness, she said. "They feel the ball is being handed to them."

Respondents to the study represented a broad range of industries, including financial services companies. As the most highly regulated and litigated industry sector, the financial industry tends to be on the cutting edge of ESI discovery issues, she said.

Financial services firms "tend to be more sophisticated in their understanding and more advanced in their policy creation," she said.

The survey found that despite the tough economy, companies' continue to spend about $1 million per organization on average annually on discovery.

Dig deeper on Electronic data discovery compliance

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchSecurity

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

ComputerWeekly

Close