Survey: Companies not prepared for new e-discovery rules

The blame falls primarily at the feet of general counsel

Few corporations are prepared for the new federal rules slated to take effect Dec. 1 for electronic discovery of documents in civil cases, according to a survey conducted by Computerworld.

About 42% of the 170 IT managers and staffers surveyed said they did not know the status of their company's preparation for the new rules, while 32% said their company was not at all prepared.

The new rules specify requirements for submitting electronic documents – including e-mail and perhaps even IM logs -- as evidence in civil cases.

The rules were recommended in September 2005 by the Judicial Conference of the U.S. Supreme Court's Committee on Rules of Practice and Procedure. Some states have instituted similar rules (see "New e-discovery rules go into effect in December ").

If the survey is correct, a widespread lack of preparation that could lead to large fines to companies, said John Bace, an analyst at Gartner Inc. in Stamford, Conn., who said the Computerworld survey results are in line with his research.

The new rules, described in a 300-plus-page document, require that companies that are involved in civil litigation meet within 30 days of the filing to decide how to handle electronic data. The firms must agree on what records are shared, which electronic format is used and a definition of "accessible data."

Courts have indicated in past actions that penalties for failure to comply could be harsh – and costly. Even before the rules were recommended, Morgan Stanley was fined $1.5 billion -- half of which was punitive -- in May 2005 when a judge ruled that it had failed to preserve information.

Of the Computerworld survey respondents, 15% said their company was halfway or somewhat prepared, while 5% said their company was completely prepared. Twenty-two percent said they had prepared for the new rules by reading about them, and a few said they had retained inside or outside counsel. Several respondents also said this was the first time they had heard of the new rules.

Don Green, manager of accounting and information systems at Texas Aromatics LP, a petrochemical company in Houston, said he had not even been aware of the rules changes before receiving the Computerworld survey, but he said he was going to speak to his outside legal firm to determine what the firm needed to do.

James Brady, e-mail administrator in enterprise information services for the Cedars-Sinai Health System, in Los Angeles, said during a presentation at Storage Networking World earlier this month that the ediscovery rules were a "looming new problem" and that they would force many heath care organizations that have no official retention policy to initiate one. At Cedars-Sinai, Brady said he spent six months lobbying his management to begin preparing the new rules and he is now spending $6,000 per month copying tapes – some that go back to email on a Digital Equipment Corp. VAX minicomputer from the 1990s – because he is under a lot of pressure to save every backup tape due to concern about complying with the rules, he said.

Jack McLaine, assistant vice president of MIS at Leesport Financial Corp., a Reading, Pa.-based insurance, investment and retail company, said the firm began taking steps to meet the rules a year and a half ago – before the new recommendations had even officially been made. "We knew it was coming," he said. "We couldn't say, 'We'll do it next year.' We said, 'We've got to do this now.' "

Leesport spent $60,000 to set up an e-mail archiving system, including document scanning, based on the Dynamic Information Services product from Permabit Inc. in Cambridge, Mass., he said. Since then, he has added redundancy and fail-over capabilities as well.

But most corporations aren't that well prepared, which Bace blames primarily on corporations' general counsel. The changes are to rules that haven't been modified since 1994, and many corporations' general counsel were simply not aware of them, according to his research.

This is despite the fact that several legal organizations have held numerous seminars over the past few months to inform counsels of the new rules. For example, Fios Inc. in Portland, Ore., said it had held 15 seminars serving more than 1,000 people, in addition to free webcasts.

Corporations' general counsel should have acknowledged the new rules and had a conversation with the CIO about whether the organization was prepared, Bace said. As with the Sarbanes-Oxley Act, IT has to be involved from the beginning to ensure it can produce the records the rules require, he said.

A similar survey performed in May and June by the Association for Information and Image Management in Silver Spring, Md., described its concern about electronic discovery as a key driver in implementing e-mail management, with 25% of those surveyed indicating they had had to respond at least once during the past year to an e-discovery request. And in organizations with more than 1,000 employees, more than 21% reported more than 10 instances during the past year in which e-mail was tapped during e-discovery or during an internal investigation.

The most important things organizations can do are to be prepared to tell a judge what discoverable information the organization can provide and to develop document retention policies and content management procedures to help protect the organization in case documents get lost, Bace said.

Copyright © 2006 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon