The Proposed Amendments to the FRCP, What's All the Fuss About?
I have read enough articles about the proposed changes to the FRCP to make me believe that there is an impending litigation discovery equivalent of a Y2K style disaster (which never happened) in the making. In many ways, the perceived uncertainty of the amendments' impact is not unlike the uncertainty that swirled in the healthcare & financial communities when HIPAA and SOX were enacted.
Given the flurry of legislation in the past few years, and the cottage industries they've generated, one can see how the hype and hysteria has led to self serving sermonizing in some quarters. To be fair though, there is a lot of uncertainty and confusion about the impact of the changes to the FRCP, which will affect different organizations in palpably different ways.
I suggest, respectfully, that much of the concern (on the law firm side) arises out of a lack of understanding of client infrastructure. This is compounded by little to no awareness of the regulatory and discretionary frameworks that govern how many entities manage their data. One way to counter the hype and fear is to have an overarching data management strategy that encompasses a deliberate and cogent risk management plan for on line, near line and "dormant data sets" (arguably the single greatest corporate data threat today) electronic document collections.
One notable distinction between the FRCP changes and HIPAA / SOX example, is that the latter 2 pieces of legislation are "vertical specific" and thus more narrowly tailored in scope, whereas the proposed changes to the FRCP are not domain specific and they touch and concern every conceivable industry, organization and individual that could possibly envision being a party to litigation. The fact that this is the case should not cause fear or irritable bowel syndrome, rather it should cause us (namely the internal legal, IT departments, outside counsel & consultative experts) to step back and take a closer look at the issues that the amendments are intended to address.
At the core of the changes is the fact that the American regulatory and legal framework, has by and large been slow to deal with the electronification of corporate data stores and the proliferation issues that come with them. During the 80's and for a significant part of the 90's, data creation & lifecycle management mechanisms were geared towards data equipment reliability, data availability & serviceability (RAS). The issues that have taken on greater proportions in recent years are data security, accessibility & accountability (ACCSEC) while maintaining RAS in the face of exponential data volume growth.
At the risk of oversimplifying the process, discovery efficacy is ultimately direct function of the organizational processes & mechanisms that result in the creation, storage, use, retrieval, retention, archival, restoration and destruction of data. The bottom line and practical reality is, the amendments don't really require you to do that which you should not already have been doing with electronic discovery data! Under the new rules (even prior), counsel should understand the implication of and follow the recomendations below:
I've studied the issues extensively and consulted with a number of organizations about various approaches. The approach I feel generates the most bang for the buck is that of client based "discovery enablement" as it relates to helping organizations assess, develop and execute cost effective Managed Information Request and Incident Response plans based on the recommendations above. The beneficiaries of this approach include everyone from the boards of directors, internal legal/IT departments and outside counsel. The benefits that accrue from a corporate and outside counsel perspective are in short, significant and quantifiable disbursement costs savings which translate into more room for attorney time. This sounds like a win-win to me.
In summary, complete, cost and time effective data collection, analysis and production done in a (forensically) defensible manner is what all this fuss is about.
Given the flurry of legislation in the past few years, and the cottage industries they've generated, one can see how the hype and hysteria has led to self serving sermonizing in some quarters. To be fair though, there is a lot of uncertainty and confusion about the impact of the changes to the FRCP, which will affect different organizations in palpably different ways.
I suggest, respectfully, that much of the concern (on the law firm side) arises out of a lack of understanding of client infrastructure. This is compounded by little to no awareness of the regulatory and discretionary frameworks that govern how many entities manage their data. One way to counter the hype and fear is to have an overarching data management strategy that encompasses a deliberate and cogent risk management plan for on line, near line and "dormant data sets" (arguably the single greatest corporate data threat today) electronic document collections.
One notable distinction between the FRCP changes and HIPAA / SOX example, is that the latter 2 pieces of legislation are "vertical specific" and thus more narrowly tailored in scope, whereas the proposed changes to the FRCP are not domain specific and they touch and concern every conceivable industry, organization and individual that could possibly envision being a party to litigation. The fact that this is the case should not cause fear or irritable bowel syndrome, rather it should cause us (namely the internal legal, IT departments, outside counsel & consultative experts) to step back and take a closer look at the issues that the amendments are intended to address.
At the core of the changes is the fact that the American regulatory and legal framework, has by and large been slow to deal with the electronification of corporate data stores and the proliferation issues that come with them. During the 80's and for a significant part of the 90's, data creation & lifecycle management mechanisms were geared towards data equipment reliability, data availability & serviceability (RAS). The issues that have taken on greater proportions in recent years are data security, accessibility & accountability (ACCSEC) while maintaining RAS in the face of exponential data volume growth.
At the risk of oversimplifying the process, discovery efficacy is ultimately direct function of the organizational processes & mechanisms that result in the creation, storage, use, retrieval, retention, archival, restoration and destruction of data. The bottom line and practical reality is, the amendments don't really require you to do that which you should not already have been doing with electronic discovery data! Under the new rules (even prior), counsel should understand the implication of and follow the recomendations below:
- Don't panic.
- Understand the client organizations non discretionary regulatory framework governing document management.
- Understand the processes and mechanisms that result in the implementation of the non discretionary document management paradigms.
- Understand your clients business model (discretionary document management) framework and the document management requirements they mandate.
- Understand the processes and mechanisms that result in the implementation of the discretionary document management paradigms.
- Put the onus on the client to be proactive in the implementation of measures that will reduce the risks (provide defensible responses) related to departures (inadvertent and otherwise) from the protocols that relate to 2 and 4.
I've studied the issues extensively and consulted with a number of organizations about various approaches. The approach I feel generates the most bang for the buck is that of client based "discovery enablement" as it relates to helping organizations assess, develop and execute cost effective Managed Information Request and Incident Response plans based on the recommendations above. The beneficiaries of this approach include everyone from the boards of directors, internal legal/IT departments and outside counsel. The benefits that accrue from a corporate and outside counsel perspective are in short, significant and quantifiable disbursement costs savings which translate into more room for attorney time. This sounds like a win-win to me.
In summary, complete, cost and time effective data collection, analysis and production done in a (forensically) defensible manner is what all this fuss is about.
posted by Richard E. Davis, JD at 3:09 PM
1 Comments:
Well reasoned and well put!
Post a Comment
Links to this post:
Create a Link
<< Home