Legal Hold – Balancing Risk in Place vs Collection


A critical early part of the eDiscovery process is a “litigation hold” or storage phase, which mandates that data relevant to the case should be preserved. In a typical case, after the data has been maintained, it is collected for further processing, auditing and other activities. The hold process is an important step – when data are not properly stored, spoliation claims and penalties can guide

There are many ways to create a litigation hold electronic data .. One of the most common is to combine keeping and billing phases – relevant data is collected by making a copy of it, and then set it aside in a safe storage. But recently there has been a lot of talk about creating but by maintaining data “in place”. This means that the data has been identified as related matters is somehow retained or locked down in the original location, without making a copy. It is an interesting concept, one that has both benefits and significant risks.

What are some of the potential benefits of trying to keep the data in place? The most popular is to avoid making a second copy of the data. Another advantage is the speed and efficiency – it is faster and easier to “lock” the data in place but it is to create a completely new copy. While this can both be true, real benefits can be limited in practice. In most cases, a copy of the data must be created early in the matter anyway, so it can be taken out of production, and for further processing, review and distribution of tips and other sources. Also, even when terabytes of data are involved, the cost of storage on inexpensive, making this benefit fairly nominal in practice for most cases.

other side of the analysis, there are many potential risks of trying to keep the data in place. These risks must be fully understood and weighed against the risk and complexity of the case. When considering data resides in advanced storage, such as records management repository or archive e-mail, keep in place is usually very simple and secure – they specialty branches generally have built-in functionality for disposal ban. But for other data, such as information stored on laptops, desktops and file shares, technology makes keeping in place based on the general security of the underlying operating system. In such cases, the hold is initiated by changing the security permissions desired file. Unfortunately, in most companies, the IT infrastructure provides individual employees with sufficient privileges that enable security that file to change again, allowing the change or even delete. In addition, keep in place does not work for many types of branches – for example, there is nothing to hold in place for e-mail counterpart held on the server

So it’s complicated -. What is the best practice? Understand the details of resting your way, whether copying or hold in place, and spread out the risk and efficiency requirements. In low-risk cases, where spoliation is not a significant concern, it may be efficient to just keep your data in place. Even in cases extensive collection criteria immense is subject to hold, it is not practical to immediately copy all the data, a combination of waiting in place, possible changes to IT systems and end-user education can be a good starting point. But in most cases of spoliation claims was important, or where early data collection is likely (thus eliminating a lot of benefits to keep the data in place), a collection of data that keep the process makes sense.


Leave a Reply

Your email address will not be published. Required fields are marked *