AIIM, which is currently having its annual conference in New Orleans, has also released its annual report, “Information Governance — records, risks and retention in the litigation age,” where it surveyed a number of professionals in the industry about their attitudes toward issues such as E-discovery.
The report, which is freely downloadable, surveyed 512 information professionals.
Legal holds and E-discovery were the fourth most likely element to be included in an information governance policy, with almost 50% saying it was included (plus almost 20% who included it in an “all of the below” choice).
“Only 18% have a sufficiently comprehensive policy that covers all of these areas,” AIIM warns. “Taking these into account, over 80% in total have included information retention and access restrictions in their policy. While 75% include data protection of personally identifiable information, this is likely to be a legal requirement for almost any organization that keeps personnel records of employees. Only 57% are dealing with “information in motion” i.e. laptops, USB sticks, etc. Only 49% have a policy on mobile access and only 27% are covering cloud-based file shares.”
In terms of email storage, about 55% of respondents said that employees were expected to manually declare or save important email messages as records, while more than 30% said they expected there were multiple copies of messages on various systems,
That said, while the content may be electronic, E-discovery mechanisms are still manual, the survey found, with 53% of respondents saying they are still reliant on manual processes for E-discovery searches across file shares, email and physical records. However, only about 5% either automatically classified important email messages as records or used outsourcing or the cloud for email archiving.
That’s even more so for social media interactions. Almost 35% said they believed there are social interactions that could be important but that they were not currently recording them; about 22% said they didn’t do social; and about 18% said they weren’t looking at the issue. 34% reported that they have used their social business records for purposes such as staff disciplinary action, staff dismissal, or resolving a customer/citizen dispute or complaint.
For E-discovery, more than 60% of respondents said they needed to deal with re-trial request by attorneys (eg, US –style), about 25% for judge-directed disclosure (eg, UK-style), about 15% for no defined disclosure (civil law, eg, France, Germany), about 30% for competition/anti-trust, fraud, or trading investigation, and more than 20% said “All of the above.”
“We asked if respondents feel that their organization has a consistent and effective E-discovery mechanism across all of their physical and electronic records,” AIIM writes. “Overall, only 9% have achieved this, but a further 29% are optimistic that they are getting there. Another 24% have plans, but 20% consider the task to be simply ‘too difficult.’”
However, in what may be some incentive, the survey also asked respondents about the consequences of their lack of an E-discovery system. In the last three years, 14% of organizations have suffered from embarrassing data loss, 21% have disciplined or dismissed employees for non-compliance with governance policies, 31% have had issues with their regulators, and 18% have been questioned in court about their records, AIIM finds. “As might be expected, larger organizations score nearly double in many of these areas with, for example, 28% suffering from embarrassing data loss — an arguably bigger disaster for a large organization or well-known brand than a small one — and nearly half having issues with auditors or regulators,” AIIM writes.