eDiscovery risk management is vital in board communication. Stay ahead with 5 ways to stay compliant & mitigate risk around electronic discovery.
“Information technology and business are becoming inextricably interwoven. I don’t think anyone can talk meaningfully about one without talking about the other.” — Bill Gates.
Some organizations have paid dearly during eDiscovery (the collecting and reviewing business’ electronically stored information) simply because they didn’t know better. Many organizations think their Directors and Officers insurance will cover all discovery costs. But D&O insurance can be easily exhausted covering electronic discovery since it is common for insurance providers to write liability policies without considering the costs if a plaintiff requests a backlog of electronic documents (like email).
While most organizations know how to prepare for the traditional discovery process, they don’t know how to properly prepare for eDiscovery. Usually their lack of preparation is because they don’t know the cost of eDiscovery or they lack the systems to manage their business’ electronic information legally. Not properly preparing for electronic discovery leaves your business vulnerable to exorbitant discovery costs, loss of reputation, and potential regulatory violations.
Why Is eDiscovery Important to a Company?
Staying ahead of electronic discovery requests can protect a company in the event of a legal investigation. The importance of eDiscovery is well-known in a courtroom. Rulings often depend on the evidence gathered from email eDiscovery. The process of collecting, reviewing, and organizing digital evidence (eDiscovery) is vital in building sound legal cases. It is also essential for companies to be organized and compliant when an eDiscovery request is filed.
A company should always respect the importance of an eDiscovery request. Lawyers will not ask for electronically stored information (ESI) unless it is vital to the case. Many lawyers must have a thorough understanding of ESI — being able to sort what is important and what is not — to meet the burden of evidence in a legal case.
The Benefits of eDiscovery
There are many benefits of eDiscovery for legal teams and corporations. One of the primary benefits is that eDiscovery is easily accessible and sortable compared to physical documents. Evidence produced during eDiscovery is also easier to share and use document tools for collaboration. There is also a drastically lower cost to produce eDiscovery than its physical counterpart. Typically, eDiscovery is faster to build and found to be more accurate.
There are, however risks associated with eDiscovery, like any digital document. The risks behind eDiscovery center are primarily data security, inadequate planning, and a lack of education. To successfully address risks, an organization must change how the business thinks — no more silos, regions, or business units. Policies must be used for governance and goals need to be set for business objectives.
Kelly Twigger, Esq., shared some insight on the responsibilities information creates for a company and details 5 risks to avoid in board communications.
1. Failure to Plan for eDiscovery
In 2006, a series of rules illustrated where eDiscovery comes into play.
- Third-party subpoenas
- Regulatory responses
- Government investigations
- Department of Justice second requests
To avoid the consequences of mishandling information, the following strategy can alleviate your company’s vulnerability to eDiscovery guidelines:
- Create a team that includes a variety of expertise: Information Governance, Legal, IT, and Business.
- Analyze risks
- Develop a process
- Implement and audit
- Electronically Stored Information (ESI) preservation
Planning processes need specific organizational risks and goals in mind. Often, eDiscovery of board communications occurs as a result of when a decision by the board is in litigation, shareholder derivative actions, breach of fiduciary duty, pension fund cases, etc.
The consequences of failure to plan for eDiscovery include the following:
- Exponentially higher discovery costs
- Reputation risks through bad publicity
- Potential regulatory violations
- Exclusion of witnesses results in a default judgment
- Sanctions in litigation
2. Email Vulnerability
Email eDiscovery is one of the most extensive types of ESI and, therefore a vulnerability. Phishing is one of the primary cybersecurity risks when it comes to email. Despite the continued threat against cybersecurity, 43% of all board of directors still use emails to send documents and information to fellow board members. (The Evolving Role of the Global Board—Thomas Reuters, 2014).
Today, experts recommend using a board portal for secure communications. A board portal is an excellent way to provide materials to board members in a contained form where management can control access.
3. Not Identifying All Sources of ESI That May Be Discoverable
Your eDiscovery team must thoroughly understand how different forms of communication used by board members interact with the rest of the company. They also need the skills to document and explain ESI communications along with their roles, who uses them, and why. Social media, texts, email, audio files, Word docs, spreadsheets, instant messaging, and photographs are all forms of communication that are discoverable.
How your board members communicate reflects on the organization. Offer training and implement standardized procedures for board communication with management and with each other to strengthen your company’s weakness against potential incriminating information.
4. Not Understanding How Data Is Captured and Stored
There’s a common misunderstanding about deleted data. While the information might not be easily accessible, it is never entirely gone. It is crucial to educate management and board members on how they might accidentally set themselves up for problems simply because they exchanged and kept sensitive content on company systems. Many cases are won and lost because discoverable information compromised litigation conditions.
5. Failure to Educate Board Members on the Risks of ESI
Just as information is power, prevention is vital in avoiding legal sanctions or prolonged litigation. When your company is preparing to implement company policies on handling information, some helpful training topics should include some of the following:
- Conduct in-person training with board members.
- Use an impartial presenter from an outside organization.
- Consider attorney-client privilege and use counsel to conduct training to shield contents of training from being discoverable.
- Have case studies and materials to support policies and positions.
- Be willing to discuss positions of board members relative to the inconvenience of issues versus risk management for the organization.
- Be careful with BYOD (Bring Your Own Device). Personal devices used for company communication still fall under eDiscovery guidelines.
By recognizing and reconciling these eDiscovery risks in your business, you will not pay the cost of being unprepared.
The Future of eDiscovery
The future of eDiscovery management is rapidly changing. For lawyers it is likely in AI and predictive software that can cut down on the review process. In contrast, the future of eDiscovery management for companies is creating well-organized systems of record for sensitive business information. Board of director communications, board meeting minutes, and task management must be under one secure roof like OnBoard.
Board management platforms like OnBoard can help companies stay ahead of legal compliance while collaborating in real-time.
About The Author
- Adam Wire is a Content Marketing Manager at OnBoard who joined the company in 2021. A Ball State University graduate, Adam worked in various content marketing roles at Angi, USA Football, and Adult & Child Health following a 12-year career in newspapers. His favorite part of the job is problem-solving and helping teammates achieve their goals. He lives in Indianapolis with his wife and two dogs. He’s an avid sports fan and foodie who also enjoys lawn and yard work and running.
- Board Management SoftwareNovember 16, 202310 Action Items to Reduce Remote Work Security Risks
- Board Management SoftwareNovember 13, 2023Vision Statement vs. Mission Statement: What’s the Difference? (Explained)
- Board Management SoftwareOctober 27, 2023How to Prepare an LLC Annual Report (Step-by-Step)
- Board Management SoftwareOctober 25, 2023What is a 501c3 Determination Letter? (Overview, Definition, and Examples)