Remove the IT Department from the e-Discovery Process

More businesses are becoming subject to regulatory compliance. This could be either very formal stringent regulations such as the Sarbanes-Oxley Act or less strict regulations, such as the  Federal Rules on Civil Procedure (FRCP).   Exchange Server administrators should be educated on what levels of regulations their businesses are mandated to follow.  Email administrators should also be aware of what their responsibilities and deliverables might be if asked to provide current or historical information during an investigation. Organizations may direct that the human resources (HR) department, legal or the regulatory representatives lead this investigation.

The main purpose of implementing an archiving solution is to have the ability to secure email for search and discovery purposes. Archiving and store reduction is an additional bonus.  So how should an email administrator and information technology (IT) department proactively prepare for search and e-discovery requests?

Although it appears to be a natural process for IT departments to maintain control over the email archiving application, this should be avoided. Providing the appropriate administrative and investigative teams with individual access to the system will take significant pressure off overworked IT departments.  Each department should develop their own data protection guidelines to guard against random and frivolous searches - for obvious reasons. This ensures that searches are fully audited to prevent accusations of erroneous probing being directed at the IT department and therefore archive rolerelated training should be provided to those conducting searches. Also, the search interface must be reasonably easy to use for non-technology professionals.

To maintain objectivity, an important consideration is management assigning someone outside the IT department to conduct e-discovery tasks. So it should not be the Exchange Server administrator. The email administrator should not be involved in preparing data to be searched and should not be sifting through email for relevant messages resulting from specific search criteria. The retrieval component of the archive application should allow designated departments, such as human resources or legal to have access to performing email searches. The email administrator can recover the raw data for the requesting departments. The business should  provide the administrator with data criteria, but once that information is available, the departments manage the details of searches they choose.

Written by Carl E. Reid

Carl E. Reid

Leave A Reply