Expert reveals the key steps to protecting your organisation during an investigation
In a time where it seems like everyone is working remotely to some degree, it is more challenging to navigate internal investigations. When the pandemic struck, many organisations did not have time to create a comprehensive work from home plan, which put sensitive business data at risk for compromise or accidental deletion. Now it is clear that increased remote work will ensue, as many industries have realised the cost-saving and productivity benefits of virtual or semi-virtual business models. As such, it is crucial to implement strong data policies, security protocols, and supervision around remote working to improve data management and better prepare organisations for internal investigations.
Internal investigations come in all shapes and sizes. Many are small and confidential, like a harassment claim, but there can be cases that threaten the future of an organisation and turn into a full-blown litigation, like an inquiry from a regulatory body. No matter the scope of an internal investigation, it differs greatly from standard discovery efforts, which are largely focused on finding answers to questions or try to identify every possible relevant document or message. Internal investigations also typically have smaller budgets and shorter timelines than standard discovery efforts. While this can vary, internal investigations should be quick, thorough, and ideally inexpensive.
Due to the nature of these investigation, they generally result in a frenzy of actions like issuing legal holds, conducting interviews, and a deep dive into where potentially relevant data that needs to be collected and reviewed resides.
When dealing with a triggering event, it is of the utmost importance to preserve all relevant data. Preserving relevant data provides better insight into case strategy during the initial investigation, prevents eDiscovery roadblocks, and limits the risk of relevant information getting deleted. This information is important to prove or disprove a claim, find out if someone is violating the law, or simply finding the truth. Strong information governance practices and oversight streamline the internal investigation process. Below are some helpful suggestions:
- Consider all the data sources: Key information may not reside on the company network. For example, harassment may occur via text on a personal device. Trade secrets could be sent from personal email accounts or work could be saved on a personal computer. Illegal activity is not generally done on company computers, so obtaining all the data is not always simple, but understanding the gaps is critical.
- Know where data resides: Knowing where documents are located, who is generating business data, and on which devices, is crucial for operational purposes, but also make an organisation better equipped to handle internal investigations. Data mapping is a key tool. Data mapping is the process of identifying, understanding, and plotting what information an organisation has, how the data flows through the organisation, who has access to the data, and where the information is stored. Data maps help quickly determine sources and potential custodians relevant to an investigation. This also enables the investigation team to be more efficient about data collection and review, which is advantageous as remote working expands.
- Increase oversight to monitor internal compliance: When an organisation goes remote, it should implement new policies and protocols accounting for appropriate device and app usage, data retention, security safeguards like VPNs or company-monitored remote desktops, regulatory restrictions, and more. An important thing to address with all remote employees is whether there is a ban or restriction on using personal devices to conduct business, and if it this is allowed what security measures need to be enacted. Can the employee only do work when connected to a company server? What communication methods are allowed and when is it appropriate to use ephemeral messaging applications? When privileged information is involved, what extra security measures should they deploy? These are just a few questions to ponder when creating remote policies. Remember that information governance plans will differ for each organisation.
After establishing expectations, focus on enforcement. Do this by conducting employee meetings, reviewing file sharing and communication workflows, restricting access to certain servers where necessary, and updating policies when technology changes occur. Management should carry out the appropriate disciplinary action when violations are identified. Focusing on oversight and enforcement promotes better data management and storage, which makes it easier to identify relevant data sources and documents in the event of an internal investigation.
- Clearly define internal investigation protocols: It is a good idea to establish an internal investigation framework and factor in how remote work affects the process. Some considerations include:
- Deciphering who makes up the investigatory team (which may differ from the legal team).
- Proper documentation of things like data collection or custodian interviews to ensure defensible methods.
- When to utilise the services of an eDiscovery vendor.
- Whether offsite devices can be accessed virtually or need to be physically shipped.
- How to obtain hard copy documents located remotely.
- Secure ways to conduct virtual interviews.
- If the investigation is to be handled in-house, having the right tools available with well documented processes and procedures can save valuable time. If outsourcing, having pre-negotiated contracts with providers and a playbook in place can also be crucial to getting to the crux of a matter expeditiously.
During litigation and investigations, corporate legal teams face massive amounts of data to collect, process, review, and produce. These tasks are often subject to incredibly strict deadlines. From routine to complex matters, legal teams need a powerful eDiscovery platform to rely on from the collection phase through production. Given today’s legal climate, departments seek tools that optimise legal spend, improve efficiency, and enable them to tackle all legal and compliance challenges head-on with confidence. For eDiscovery, the focus should be on finding the right-sized tool for the job while maintaining dependability and flexibility.
Here are six features to look for in an eDiscovery platform:
1. User-friendly: Find an intuitive cloud-based platform with self-service capabilities. Users must be able to understand how to perform their job using the software with minimal training so that they can quickly complete tasks and meet relevant deadlines.
2. Cost-savings: Dig deep into your cost analysis to discover untapped saving potential. For example, using modern technologies helps avoid hefty costs for database servers, OS, and physical storage, as well as third-party API fees. Using a modern platform that does not charge a per user fee can also be a big cost saver. These savings, in addition to traditional cost-saving opportunities stemming from automation capabilities is what makes a platform stand out in comparison to others.
3. Process automation: Look for a platform with built-in automation that streamlines your processes. Make sure users can collect data, process data, filter data, promote documents for review, image documents, and produce documents within a minimal number of clicks. By reducing operating overhead and time spent on eDiscovery tasks, the legal team can focus on strategy, risk analysis, and settlement evaluation.
4. Updated software: Choose a cloud-based platform where the servers are off premise, so that the supplier takes care of the maintenance. This appealing feature frees your legal department from the burden of tracking and rolling out regular software and security updates. The cloud supplier purchases equipment and licenses required for upgrades. As a benefit that many forget to consider, this feature allows departments to focus on the things that matter – like case strategy and growing the business.
5. Increased collaboration: Now more than ever before, corporate legal departments should look for tools that foster collaboration between internal teams and external partners. This enables collaboration between general counsel, outside counsel, and eDiscovery providers. An eDiscovery platform that bridges communication gaps between these parties and promotes information sharing is compelling. Key features include receiving updates in real time and full visibility into the status of ongoing matters.
6. Flexibility: Because every case or investigation is unique, a platform designed with flexibility and scalability is crucial. Users should be able to jumpstart a matter with data ingestion, filtering, and simple review features. Consider a flexible interface that enables data promotion to a more complex platform when needed, as a small percentage of matters may need to be ported.
Choosing an end-to-end SaaS platform, such as Epiq Discovery, with the above capabilities helps keep things simple. It makes training and onboarding new individuals easier, eliminates maintenance costs, and instils predictability throughout the eDiscovery process.
- Enlisting help from technology vendors and consultants may be beneficial when dealing with complex matters that are data heavy, require quick turnarounds, or involve specialised expertise. An organisation’s eDiscovery provider is the first place to start, as there is already an established relationship with cost predictability and trusted workflows. Just make sure that the chosen vendors are equipped to handle the unique demands of remote working when virtual collection is involved. Some other ways to leverage technology for an internal investigation includes remote assisted collection kits, secure communication platforms for custodian interviews, and consultants familiar with collecting unstructured data. Tapping into resources like these can help simplify investigations and promote efficiency.
When it comes down to it, adequate preparation and auditing are the two vital components of successful internal investigation workflows. When investigations hit an organisation utilising remote working, the response should mirror what would happen if everyone were in the office. While there will need to be tweaks to the process, following the suggestions listed above can help accomplish this goal and allow for swift resolutions with minimised risk. Investigatory teams should also monitor how any new internal investigation protocols perform so they can make any needed changes.
William Hutcheson is a Solutions Architect at Epiq with over 9 years’ experience consulting with corporate, law firm, and government stakeholders to scope out technology and workflow requirements for regulatory, litigation, and investigation mattes, ranging from small transactional projects to large-scale, long-term managed services engagements.