Have you ever forgotten to create a legal hold only to get a multi-million-dollar sanction ordered against your company? Even if you’ve never lived your worst nightmare, the events that became your most significant compliance issues probably didn’t start big – or concern many people. However, while each legal event may not necessarily involve terabytes of data, they collectively consume considerable personnel time and resources. From internal investigations to responding to subpoenas to privacy compliance and more, this steady stream of small legal events combined with leadership’s calls for corporate digital transformation requires frequent and extensive collaboration between the Office of the General Counsel (OGC) and the company’s IT department. As a result, the little legal events can add up.
As elusive as they may seem, opportunities do exist for legal and IT teams to collaborate more effectively — not just to get a handle on the growing pile of little legal events in less time, but to reduce their risks and costs to the business.
Let’s take a look at a few ways the OGC and IT teams can work together to achieve these efficiency and compliance gains:
Start small by targeting high-volume, low-risk legal events
No legal team wishes to spend their whole week creating a legal hold, yet it’s a common occurrence. The disproportionate spend and personnel resources required to respond to small legal events like holds make a strong case for enterprise investment in software tools whose use can save money, time, and resources – while at the same time managing risks and compliance defensibility. While there are always areas where the OGC and IT teams can work towards something better, faster, and cheaper, starting small with low-risk, high-success tools is a tried and true strategy for building consensus – and confidence – among these stakeholders and their teams.
Legal hold compliance is one such high-volume, low-risk legal event that consumes an inordinate amount of OGC and IT time and resources, particularly for companies that manage these repetitive workflows manually. For companies with distributed teams working across time zones and multiple source data repositories subject to legal hold, the inefficiencies of these manual workflows only compound, and the OGC and IT team will often struggle to coordinate sending notices and preserving data across enterprise repositories. As a result, it can take weeks or even months for preservation to come into full legal hold compliance.
Enable self-service legal hold with integrations
Starting from scratch every time your company has to issue a legal hold is a sure sign that implementing self-service software could return efficiency gains right away. Fortunately, these tools enable the business user to execute all steps of a target workflow from end to end. For legal hold, the OGC user should be able to manage the processes of sending preservation letters and tracking custodian acknowledgment entirely while at the same time preserving data for identified custodians. In each aspect, integration of your legal hold software tool with enterprise applications is fundamental to success.
Pro tip: Managing the termination process in the context of legal hold requires a tool that can send automatic reports to IT and legal stakeholders and integrate with your HRIS (e.g., Workday) and computer asset management applications to minimize risks of unwitting spoliation.
Draft and send preservation letters faster with custodian directory integration
OGC teams can centralize their legal hold playbook with a self-service legal hold platform. These tools’ integrations with corporate directories such as Google Directory and Active Directory automate custodian identification. Next, streamlining the drafting and sending of preservation letters and tracking of custodian acknowledgments provides measurable productivity ROI for both the OGC and IT departments. Adding new custodians or updating preservation letters is seamless, and comprehensive activity logs underpinning the entire process bolster defensibility and act as a knowledge management and transfer tool.
Pro tip: Automatic, built-in acknowledgment reminders are a must-have for any legal hold tool.
Execute in-place preservation (IPP) quickly via API integrations
If you fear (or shudder to remember) opposing counsel alleging spoliation because you forgot to put Google, Office365, and Slack on hold, self-service legal hold platforms can help you reliably prevent any repeats. Equipped with the API integrations with data source repositories that best-in-class self-service legal hold tools feature, you can minimize the risk of compliance leakage by issuing a new legal hold notice while automatically preserving data.
Say the OGC user creates a new hold and sends the preservation letter to identified custodians. With fully automated integrations, the data for each identified custodian could be preserved in place instantly via API integrations that automatically create holds for them in Google Vault, Office 365, Box Governance, Code42, Slack, Box, and Dropbox.
Pro tip: With IPP there is no need to make unnecessary copies of your data into third-party archives when you can instead reduce monthly storage fees and minimize the risks of data access and copies living in multiple repositories – a quick win for both the OGC and IT in the eyes of the CFO and CISO.
Select the right self-service legal hold tool
Resolving key challenges can provide a framework for selecting a self-service legal hold software platform for your business – and earning serious kudos for bringing in the right one. Here are some considerations to take into account when choosing legal hold software:
- What are its security protocols?
- Can it automate a legal hold playbook?
- How does it help us reduce risks?
- How does it help us lower costs?
- Does it integrate with our organization’s enterprise applications and data sources?
- Is it easy to use, including for our legal stakeholders?
- How scalable is it?
- Does it support single sign-on?
- What reporting capabilities does it come with?
- What activity logs does it come with?
- How does it support knowledge management and transfer among team members and employees?
- How responsive are customer support and training?
When procuring a legal hold management application requires measurable ROI on productivity and compliance, opting for a self-service platform that integrates with enterprise applications is critical to achieving that ROI. Workflow automation complemented by API integrations streamlines compliance both with sending preservation letters and preserving ESI. In addition, centralized tooling brings teams and playbooks together into a single system of record with a complete audit trail of legal hold compliance. By bridging the gap between legal and IT, you can achieve quick wins in confidence, productivity, morale, and collaboration.