Tag Archives: information governance

August 21, 2018 · 9:27 AM

When your “Compliance” and eDiscovery Processes Violate the GDPR

Time to reevaluate tools that rely on systemic data duplication

The European Union (EU) General Data Protection Regulation (GDPR) became effective in May 2018. To briefly review, the GDPR applies to the processing of “personal data” of EU citizens and residents (a.k.a. “data subjects”).” Personal data” is broadly defined to include “any information relating to an identified or identifiable natural person.” That could include email addresses and transactional business communications that are tied to a unique individual. GDPR is applicable to any organization that provides goods and services to individuals located in the EU on a regular enough basis, or maintains electronic records of their employees who are EU residents.

In additional to an overall framework of updated privacy policies and procedures, GDPR requires the ability to demonstrate and prove that personal data is being protected. Essential components for such compliance are data audit and discovery capabilities that allow companies to efficiently search and identify the information necessary, both proactively, and also reactively to respond to regulators and EU private citizen’s requests. As such, any GDPR compliance programs are ultimately hollow without consistent, operational execution and enforcement through an effective eDiscovery information governance platform.

However, some content management and archiving tool providers are repurposing their messaging with GDPR compliance. For example, an industry executive contact recently recounted a meeting with such a vendor, where their tool involved duplicating all of the emails and documents in the enterprise and then migrating all those copies to a central server cluster. That way, the tool could theoretically manage all the documents and emails centrally. Putting aside the difficulty of scaling up that process to manage and sync hundreds of terabytes of data in a medium-sized company (and petabytes in a Fortune 500), this anecdote underscores a fundamental flaw in tools that require systemic data duplication in order to search and manage content.

Under the GDPR, data needs to be minimized, not systematically duplicated en masse. It would be extremely difficult under such an architecture to sync up and remediate non-compliant documents and emails back at the original location. So at the end the day, this proposed solution would actually violate the GDPR by making duplicate copies of data sets that would inevitably include non-compliant information, without any real means to sync up remediation.Desktop_virtualization

The same is true for the much of the traditional eDiscovery workflows, which require numerous steps involving data duplication at every turn. For instance, data collection is often accomplished through misapplied forensic tools that operate by a broadly collecting copies through over collection. As the court said in In re Ford Motor Company, 345 F.3d 1315 (11th Cir. 2003): “[E]xamination of a hard drive inevitably results in the production of massive amounts of irrelevant, and perhaps privileged, information…” Even worse, the collected data is then re-duplicated one or often two more times by the examiner for archival purposes. And then the data is sent downstream for processing, which results in even more data duplication. Load files are created for further transfers, which are also duplicated.

Chad Jones of D4 explains on a recent webinar and in his follow-on blog post about how such manual and inefficient handoffs throughout the discovery process greatly increase risk as well as cost. Like antiquated factories spewing tons of pollution, outdated eDiscovery processes spin out a lot of superfluous data duplication. Much of that data likely contains non-compliant information, thus “polluting” your organization, including through your eDiscovery services vendors, with increased GDPR and other regulatory risk.

In light of the above, when evaluating your compliance and eDiscovery software, organizations should keep in mind these five key requirements to keep in line with GDPR and good overall information governance:

  1. Search data in place. Data on laptops and file servers need to be in searched in place. Tools that require copy and migration to central locations to search and manage are part of the problem, not the solution.
  1. Delete Data in Place. GDPR requires that non-compliance data be deleted on demand. Purging data on managed archives does not suffice if other copies are on laptops, unmanaged servers and other unstructured sources. Your search in place solution should also delete in place.
  1. Data Minimization. GDPR requires that organizations minimize data as opposed to exploding data through mass duplication.
  1. Targeted and Efficient Data Collection: Only potentially relevant data should be collected for eDiscovery and data audits. Over-collection leads to much greater cost and risk.
  1. Seamless integration with attorney review platforms, to bypass the processing steps which requires manual handoffs and load files.

X1 Data Audit & Compliance is a ground-breaking platform that meets these criterion while enabling system-wide data discovery supporting GDPR and many other information governance requirements.   Please visit here to learn more.

Leave a comment

Filed under Best Practices, compliance, eDiscovery, eDiscovery & Compliance, Enterprise eDiscovery, GDPR, Information Governance, Information Management, Uncategorized

Tagged as , ,

February 22, 2017 · 9:01 AM

Declining Law Firm Productivity Tied to Information Governance Challenges

A new legal industry study finds a substantial decline in attorney productivity in recent years, significantly reducing law firm profitability. In its 2017 Report on the State of the Legal Market, Thomson Reuters notes that “over the past 10 years, the average billable hours worked by all lawyers across the market declined from 134 billable hours per month in 2007 to 122 through the late part of 2016.” This equals a reduction of 144 billable hours per year per lawyer. The report, by multiplying that total by the average worked rate ($463) for all lawyers in 2016, determined the productivity decline is costing law firms about $66,672 per lawyer per year.

One of the main causes for diminished lawyer productivity is the exponential proliferation of their stored emails and documents and the associated inability to recall important work product and previous e-mail communications. Another industry study assessing the productivity of lawyers and other high-end information knowledge workers found that such professionals on average spend 11.2 hours a week dealing with challenges related to document creation and management. As the table below from the IDC report demonstrates, lawyers and paralegals lose as much as 2.3 hours a week searching, but not finding, the right documents and emails and another 2 hours recreating documents they failed to locate.

Time Spent on Document Management Challenges

productivity-for-law-firms-table2Source: IDC’s Information Worker Survey, June 2012

Applying the same lawyer cost calculations used by Thomson Reuters in their 2017 report (4.3 hours per week X $463 average hourly rate X 49 annual worked weeks) reveals that an effective search capability can dramatically improve law firm productivity by as much as $97,500 annually per lawyer. Even normalizing this analysis for recovered billable time (assuming every hour of gained productivity results in less than a full hour of actual billable time) a law firm of a 1000 attorneys would realize tens of millions per year in recovered billable hours, in addition to important intangible benefits including enhanced work product, improved client satisfaction and attorney morale.

Many law firm attorneys tell us that without the right search solution, they can spend hours looking for a past proposal, a key client communication from several months prior, or many other forms of work product and client communications that are stored in emails, local drives or cloud file shares. If lawyers and paralegals cannot quickly find such information assets, then that represents a serious information governance failure. Time wasted rummaging around for past emails and documents is not billable time and directly cuts into a firms’ profit margin. To be sure, a law firm’s two most important assets are its professionals and their body of work product and other key information. As such, a top priority for law firm management should be to ensure their attorneys have the right productivity search solution to quickly find and retrieve the firms’ information assets.

However, the recurring theme we hear is that outside of the data managed by X1, enterprise search is a source of major frustration for law firms and other organizations. This is confirmed by survey after survey where the vast majority of respondents report dissatisfaction with their current enterprise search platform. Simply put, the traditional approach to enterprise search has not worked. This is largely because most search solutions deployed in recent years focused on IT requirements — which see search as either a technical project or a commodity — rather than an intimate end-user driven requirement that is core to their professional productivity.

And for lawyers especially, “good enough” is not good enough when it comes to their search. It does not make sense to invest in an enterprise search solution for business productivity search, unless there is a significant improvement in the end-users search experience for emails, files and SharePoint data.

At X1, however, many of our customers report dramatic improvements with their productivity search, with firm-wide X1 rollouts being major wins at their organization. We believe that X1’s unique focus on the end-user is the key. You won’t find many other business productivity search solutions where the end users drive demand, instead of the tool being imposed on the end-users by IT or systems integrators. We continually hear countless testimonials from business professionals, at law firms and companies large and small, who swear by their X1 and cannot imagine working without it. In speaking with industry analysts and other experts in the enterprise search field, this is an almost unheard of phenomenon, where end-user satisfaction with the companies’ enterprise search platform is usually around 10-15 percent, verses the 80-85 percent satisfaction ratio we see with X1.

Importantly, X1 is a platform. Users need a single-pane-of-glass view to all of their information – email, files, SharePoint, archives like Veritas Enterprise Vault, OneDrive, Box and other network and cloud sources.  X1 Search provides a user-friendly interface to all information that lets attorneys find what they are looking for in an instant.  But the thousands of X1 end users know all this. The key takeaway for CIOs and other IT executives is that search is an inherently personal user experience, and the number one requirement, by far, for a successful search initiative is enthusiastic end-user adoption. If the lawyers and other business professionals in your organization are not passionately embracing the search solution, then nothing else matters.

Leave a comment

Filed under law firm, productivity, Uncategorized

Tagged as , , , , , , , , , ,

February 18, 2014 · 6:24 AM

Barry Murphy Joins the X1 Team

Last week, I said goodbye to my time at the eDJ Group, a company in good hands that will continue to provide top notch eDiscovery and information governance consulting at a level of depth very few can match.   This week begins my new adventure as Senior Vice President of Product Marketing and Strategy at X1, and I am very excited about the opportunity.

Many have asked why I chose to join X1 and I want to take this space today to explain the reasons.  As an analyst for the past four years, I have had the chance to see – up close and personal – the challenges that enterprise IT and business people are trying to address.  One that comes up consistently is the ability to quickly find information in a world where the volume of it is increasing so rapidly.  While search might seem relatively simple, I can tell you that many clients pull their hairs out due to frustration with enterprise search deployments.

Thus, the first thing that hit me about X1 was the number of X1 customers whose top point to make about that product is that “it just works.”  Business people like the ease of use and clean, single-pane-of glass view of their information, Legal teams like how X1 Rapid Discovery makes eDiscovery more efficient and less costly, and IT teams like that the product can be deployed in increasingly virtualized environments.

Part of the attraction to X1, for me, is the fact that the company can address such a range of solutions via a powerful search engine.  It is not just about eDiscovery, though there is a product for that.  Rather, X1 will power many solutions by providing easy access to information – and the company does it in a way that just works.  It makes me think back to those old BASF commercials – the ones where BASF says, “we don’t make the products you buy, we make the products you buy better.”  I get a feeling that same message can apply at X1; something along the lines of “we don’t make the cloud infrastructure, we make the cloud infrastructure better and more valuable.”

Stay tuned for more details on how X1 will make other solutions better and continue to provide great search products in 2014.  I’m looking forward to this adventure.

Leave a comment

Filed under eDiscovery & Compliance, Enterprise eDiscovery, Information Access, Information Governance, Information Management

Tagged as , , , , , ,