Migrated from eDJGroupInc.com. Author: Amber Scorah. Published: 2012-04-12 05:00:15Format, images and links may no longer function correctly. PART TWO OF INTERVIEW WITH JONATHAN WILAN
Partner at Hunton & Williams LLP
With the exploding rate of data growth, data remediation is a serious exercise that all companies must consider.
In part one of this series, I spoke with Jonathan Wilan, Partner at Hunton & Williams LLP, about the risks of not having a data remediation policy. In this part two, we discuss what departments should be involved in data remediation efforts, what the return on investment is, and how to measure this.
Amber Scorah: What are the relevant departments that must be involved in data remediation efforts?
Jonathan Wilan: To succeed, a remediation project will require involvement of a number of departments. Obvious stakeholders will include IT and Records Management. It is absolutely essential (for the legal preservation obligation reasons I discussed previously) that the Legal Department be involved in such a project from the beginning. Beyond that, the business owners of various systems will need to be consulted to confirm that there is no active or anticipated business use for the data to be remediated. Finance will need to understand the return on investment to justify the short-term investments of the project. Corporate Security can provide assistance in understanding the cyber-risk associated with legacy data and assist in ensuring that adequate safeguards are put in place surrounding the destruction process itself.
Given the challenges, a significant remediation project will require support from senior management within these organizations. Finally, for any significant project, outside assistance from eDiscovery attorneys who understand the legal risks associated with a remediation project and are familiar with best practices for mitigating those risks should be consulted, and depending on the size of the project, outside technical consultants should be involved to lend additional expertise, resources, and independence to the project.
Amber Scorah: What is the return on investment, and how do you measure it?
Jonathan Wilan: ROI for such a project can be both easy and hard to measure. Legacy data costs can include server costs (internal or in the cloud), costs associated with off-site storage vendors, costs of maintaining licensing agreements for software and tools that no longer are useful to the organization, and costs of employees to manage systems that are no longer needed.
More difficult to monetize are the eDiscovery costs associated with accumulated data that may be in scope for future legal matters as well as the legal and cyber-risks from such data. These costs are real, but can be difficult to quantify.
Using experienced outside attorneys and consultants to help explain the compelling case for remediation can assist the Records, IT, and Legal organizations in successfully moving forward on such a project and overcoming internal obstacles.
For more information visit www.ediscoveryoilandgas.com, or email amber.scorah@iqpc.com.
eDiscoveryJournal Contributor: Amber Scorah, Legal IQ