Yottabytes: Storage and Disaster Recovery

Sep 20 2011   1:30PM GMT

Information Retention Saves Legal Costs, But Many Don’t Do it

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

It’s typically a good idea to take vendor surveys with a grain of salt; they tend to be slanted and unscientific. Not so with Symantec; they have actual scientific surveys with margins of error and everything.

Not to say, of course, that they’re completely unbiased; recall in this case that Symantec purchased Clearwell earlier this year in an attempt to improve its ranking after a recent Gartner Magic Quadrant on eDiscovery vendors.

That said, its Information Retention and eDiscovery Survey has some interesting points to be made — not the least of which is actual evidence from users that implementing an information retention policy saves money.

  • Respondents using best practices reported a 64% faster response time with a 2.3 times higher success rate when responding to eDiscovery requests.
  • They were 78% less likely to be sanctioned by the courts and 47% less likely to find themselves in a compromised legal position.
  • They were also 20% less likely to have fines levied against them. In addition, they were 45% less likely to disclose too much information.
That said, many respondents indicated that they had not yet implemented an information retention plan.
  • Nearly half of respondents do not have an information retention plan in place.
  • 30% are only discussing how to do so.
  • 14% have no plan to do so.
  • When asked why they don’t have information retention programs, respondents indicated the top reasons are: lack of need (41%), too costly (38%); nobody has been chartered with that responsibility (27%); don’t have time (26%); and lack of expertise (21%).

The part about “too costly” is particularly telling in light of the results.

Respondents who said they’d been asked to respond to a legal, compliance or regulatory request for electronically stored information reported the following results:

  • Completely failed to fulfill the request 10%
  • Partially failed to fulfill the request 10%
  • Successfully fulfilled the request, but more slowly than the requestor would like 25%
  • Successfully fulfilled the request in a timeframe that is acceptable to the requestor 35%
How this correlated with whether organizations had an information retention strategy in place, Symantec didn’t say.
Finally, in situations where an organization did not successfully fulfill the request in an acceptable timeframe, respondents reported the following results:
  • Damage to Enterprise reputation or embarrassment 42%
  • Fines 41%
  • Compromised legal position 38%
  • Sanctions by courts 28%
  • Hampered our ability to make decisions in a timely fashion 26%
  • Raised our profile as a potential litigation target 25%
Again, not clear how these correlated with the different types of organizations, but useful to have some specific information about results and sanctions.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: