Sign up for more with a complimentary subscription to Today’s General Counsel magazine.
Quick Wins for Legal and IT Collaboration
July 18, 2022
Have you ever forgotten to create a legal hold only to get a multi-million-dollar sanction ordered against your company?
Even if you’ve never lived your worst nightmare, the events that became your most significant compliance issues probably didn’t start big — or concern many people. However, while each legal event may not necessarily involve terabytes of data, they collectively consume considerable personnel time and resources. From internal investigations to responding to subpoenas to privacy compliance and more, this steady stream of small legal events combined with leadership’s calls for corporate digital transformation requires frequent and extensive collaboration between the office of the general counsel (OGC) and the company’s IT department. As a result, the little legal events add up.
As elusive as they may seem, opportunities do exist for legal and IT teams to collaborate more effectively — not just to get a handle on the growing pile of little legal events in less time but to reduce their risks and costs to the business. Let’s take a look at a few ways the OGC and IT teams can work together to achieve these efficiency and compliance gains.
Start small by targeting high-volume, low-risk legal events.
No legal team wishes to spend their whole week creating a legal hold, yet it’s a common occurrence. The disproportionate spend and personnel resources required to respond to small legal events like holds make a strong case for enterprise investment in software tools whose use can save money, time and resources, while at the same time managing risks and compliance defensibility. Although there are always areas where the OGC and IT teams can work towards something better, faster and cheaper, starting small with low-risk, high-success tools is a tried and true strategy for building consensus and confidence among these stakeholders and their teams.
Legal hold compliance is one such high-volume, low-risk legal event that consumes an inordinate amount of OGC and IT time and resources, particularly for companies that manage these repetitive workflows manually. For companies with distributed teams working across time zones and multiple source data repositories subject to legal hold, the inefficiencies of these manual workflows only compound, and the OGC and IT teams will often struggle to coordinate sending notices and preserving data across enterprise repositories. As a result, it can take weeks or even months for preservation to come into full legal hold compliance.
Enable self-service legal hold with integrations.
Starting from scratch every time your company has to issue a legal hold is a sure sign that implementing self-service software could return efficiency gains right away. These tools enable the business user to execute all steps of a target workflow from end to end. For legal hold, the OGC user should be able to manage the processes of sending preservation letters and tracking custodian acknowledgment entirely, while at the same time preserving data for identified custodians. In each aspect, integration of your legal hold software tool with enterprise applications is fundamental to success.
Pro tip: Managing the termination process in the context of legal hold requires a tool that can send automatic reports to IT and legal stakeholders, and integrate with your HRIS (human resource information system, e.g.,Workday) and computer asset management applications to minimize risks of unwitting spoliation.
Draft and send preservation letters faster with custodian directory integration.
OGC teams can centralize their legal hold playbook with a self-service legal hold platform. These tools’ integrations with corporate directories such as Google Directory and Active Directory automate custodian identification. Next, streamlining the drafting and sending of preservation letters and tracking of custodian acknowledgments provides measurable productivity ROI for both the OGC and IT departments. Adding new custodians or updating preservation letters is seamless. Comprehensive activity logs underpinning the entire process bolster defensibility and act as a knowledge management and transfer tool.
Pro tip: Automatic, built-in acknowledgment reminders are a must-have for any legal hold tool.
Execute in-place preservation (IPP) quickly via API integrations.
If you fear (or shudder to remember) opposing counsel alleging spoliation because you forgot to put Google, Office365 and Slack on hold, self-service legal hold platforms can help you reliably prevent any repeats. Equipped with application programming interface (API) integrations with data source repositories that best-in-class self-service legal hold tools feature, you can minimize the risk of compliance leakage by issuing a new legal hold notice while automatically preserving data.
Say the OGC user creates a new hold and sends the preservation letter to identified custodians. With fully automated integrations, the data for each identified custodian could be preserved in place instantly via API integrations that automatically create holds for them in Google Vault, Office 365, Box Governance, Code42, Slack, Box and Dropbox.
Pro tip: With IPP, there is no need to make unnecessary copies of your data in third-party archives when you can instead reduce monthly storage fees and minimize the risks of data access and copies living in multiple repositories – a quick win for both the OGC and IT in the eyes of the CFO and CISO.
Select the right self-service legal hold tool.
Resolving key challenges can provide a framework for selecting a self-service legal hold software platform for your business — and earning serious kudos for bringing in the right one. Here are some considerations to take into account when choosing legal hold software:
• What are its security protocols?
• Can it automate a legal hold playbook?
• How does it help reduce risks?
• How does it help lower costs?
• Does it integrate with our organization’s enterprise applications and data sources?
• Is it easy to use, including for legal stakeholders?
• How scalable is it?
• Does it support single sign-on?
• What reporting capabilities does it come with?
• What activity logs does it come with?
• How does it support knowledge management and transfer among team members and employees?
• How responsive are customer support and training?
When procuring a legal hold management application requires measurable ROI on productivity and compliance, opting for a self-service platform that integrates with enterprise applications is critical to achieving that ROI. Workflow automation complemented by API integrations streamlines compliance both with sending preservation letters and preserving electronically stored information. In addition, centralized tooling brings teams and playbooks together into a single system of record with a complete audit trail of legal hold compliance.
By bridging the gap between legal and IT, you can achieve quick wins in confidence, productivity, morale and collaboration.
By John Sanchez
John Sanchez is Senior Director, Product Strategy, DISCO. He leads teams that build and implement legal technology solutions that optimize operations of global legal departments. He is a recognized authority on legal outsourcing and compliance automation. Prior to DISCO, he was head of legal technology at Congruity360. firstname.lastname@example.org
Article originally appeared in Today's General Counsel's digital magazine:
Share this post: