Migrated from eDJGroupInc.com. Author: Greg Buckles. Published: 2017-03-21 20:00:00Format, images and links may no longer function correctly.
While conducting interviews for my upcoming ILTA webinar on coping with eDiscovery provider acquisitions, a sharp litigation support manager posed a hypothetical scenario based on the ransom hack of Hollywood Presbyterian Medical Center. We were discussing contingency plans, liability and concern over loss of data when a provider went out of business or was acquired. Very few of my initial interview respondents were seriously concerned with data loss for a normal M&A event. But at least one raised the concern about all that email data being uploaded into Relativity. How many attachment zips and links could hold the same kind of ransomware that encrypted Hollywood Presbyterian? Most of the hosting/SaaS contracts that I have recently reviewed for RFP engagements have clauses that make the client responsible for the content of all uploads and specifically call out malicious code. Does that take the provider off the hook? Would the bench grant a production date extension or relief if 2 months of review work product was made unavailable due to criminal hacking? Who is liable to remediate any lost work or data? Who should pay the ransom if it is low enough?
Not being an attorney, I don’t have any answers to these questions. Instead, I recommend addressing the risks associated with your hosted eDiscovery the same way a CSO addresses key corporate systems. Have a disaster recovery plan before you sign a contract. Know your provider’s backup systems and understand the potential for loss and availability. Have a migration plan with a defined cost and time frame. I hope to delve into these questions in the April 12th ILTA webinar with Duane Lites from Jackson Walker. In the meantime, thank you for taking my quick M&A Impact Poll and reach out to me if you have a good war story about your tech or service provider being gobbled up.
Stay skeptical my friends!
Greg Buckles wants your feedback, questions or project inquiries at Greg@eDJGroupInc.com. Contact him directly for a free 15 minute ‘Good Karma’ call. He solves problems and creates eDiscovery solutions for enterprise and law firm clients. His active research topics include analytics, mobile device discovery, the discovery impact of the cloud, Microsoft’s Office 365/2013 eDiscovery Center and multi-matter discovery. Recent consulting engagements include managing preservation during enterprise migrations, legacy tape eliminations, retention enablement and many more.
Greg’s blog perspectives are personal opinions and should not be interpreted as a professional judgment. Greg is no longer a journalists and all perspectives are based on best public information. Blog content is neither approved nor reviewed by any providers prior to being posted. Do you want to share your own perspective? eDJ Group is looking for practical, professional informative perspectives free of marketing fluff, hidden agendas or personal/product bias. Outside blogs will clearly indicate the author, company and any relevant affiliations.