Litigation Holds: Don’t Live in Fear of Spoliation Jason CISO – University of Connecticut October 30, 2014 Information Security Office.

Slides:

Advertisements

Similar presentations

The Federal Civil Rules & Electronic Discovery: What's It to Me? 2007 Legal Breakfast Briefing Presented to Employers Resource Association by Robert Reid,

Advertisements

The Evolving Law of E-Discovery Joseph J. Ortego, Esq. Nixon Peabody LLP New York, NY Jericho, NY.

Saving Your Documents Can Save You Anne D. Harman, Esq. Bethany B. Swaton, Esq. Dinsmore & Shohl LLP 2100 Market Street, Wheeling (304)

United States District Court for the Southern District of New York, 2004 District Justice Scheindlin Zubulake v. UBS Warburg LLC Zubulake V.

Effective Document Retention: Lean, Mean, But Not Spoiling You or Your Lawsuit Effective Document Retention: Lean, Mean, But Not Spoiling You or Your Lawsuit.

and Electronic Records Retention: IT Requirements Paul Dworak Office of Compliance

Considerations for Records and Information Management Programs in Light of the Pension Committee and Rimkus Consulting 2010 Decisions.

Identification and Disposition of Official University Records University of Texas at Arlington Records Management.

248 F.R.D. 372 (D. Conn. 2007) Doe v. Norwalk Community College.

Information & Compliance UL University of Limerick & UL employees obliged to comply with certain legislation, including: Freedom of Information.

BUS VIDEO RECORDINGS COLLECTION – PROCESSING - REDACTION - SHARING WHAT IS RIGHT FOR YOUR DISTRICT?

© The McCoy Law Firm 2012 James McCoy The McCoy Law Firm Coit Rd., Ste. 560 Dallas, Texas (214)

E-Discovery New Rules of Civil Procedure Presented by Lucy Isaki January 23, 2007.

INFORMATION WITHOUT BORDERS CONFERENCE February 7, 2013 e-DISCOVERY AND INFORMATION MANAGEMENT.

Ronald J. Shaffer, Esq. Beth L. Weisser, Esq. Lorraine K. Koc, Esq., Vice President and General Counsel, Deb Shops, Inc. © 2010 Fox Rothschild DELVACCA.

Cache La Poudre Feeds, LLC v. Land O’Lakes, Inc.  Motion Hearing before a Magistrate Judge in Federal Court  District of Colorado  Decided in 2007.

Ethical Issues in Data Security Breach Cases Presented by Robert J. Scott Scott & Scott, LLP

Ethical Issues in the Electronic Age Ethical Issues in the Electronic Age Frost Brown Todd LLC Seminar May 24, 2007 Frost Brown.

A PROACTIVE APPROACH TO E-DISCOVERY March 4, 2009 Presented to the Corporate Counsel Section of the Tarrant County Bar Association Carl C. Butzer Jackson.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

E-Discovery LIMITS ON E-DISCOVERY. No New Preservation Rule When does duty to preserve attach? Reasonably anticipated litigation. Audio sanctions.

Records Management What to Keep and What to Toss.

Litigation Hold Overview Tom O’Connor Gulf Coast Legal Technology Center

Office of Research Oversight. Working Group Report Slide 2.

MINNESOTA GOVERNMENT DATA PRACTICES ACT How the law affects University employees and recordkeeping Susan McKinney Records & Information Management.

Is Records Management Still Relevant? Sean Regan E-Discovery Product Marketing Manager Symantec Enterprise Vault.

Developing a Records & Information Retention & Disposition Program:

1 E-Discovery Changes to Federal Rules of Civil Procedure Concerning Discovery of Electronically Stored Information (ESI) Effective Date: 12/01/2006 October,

Grant S. Cowan Information Management & eDiscovery Practice Group.

Investigating & Preserving Evidence in Data Security Incidents Robert J. Scott Scott & Scott, LLP

Electronic Communications State Owned System Mandates Presented by: Eileen Goldgeier.

Copyright© 2010 WeComply, Inc. All rights reserved. 9/19/2015 Record Management.

The Sedona Principles 1-7

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

Discussion Peggy Beeley, MD 2/11/14 Mitigating Medical Malpractice Risks Through Documentation.

Records & Information Management (RIM) Risk: Is Your Company Exposed? March 19, 2013.

2009 CHANGES IN CALIFORNIA DISCOVERY RULES The California Electronic Discovery Act Batya Swenson E-discovery Task Force

DOE V. NORWALK COMMUNITY COLLEGE, 248 F.R.D. 372 (D. CONN. 2007) Decided July 16, 2002.

Advanced Civil Litigation Class 11Slide 1 Production of Documents Scope Scope Includes documents of all types, including pictures, graphs, drawings, videos.

Against: The Liberal Definition and use of Litigation Holds Team 9.

P RINCIPLES 1-7 FOR E LECTRONIC D OCUMENT P RODUCTION Maryanne Post.

The Challenge of Rule 26(f) Magistrate Judge Craig B. Shaffer July 15, 2011.

Rambus v. Infineon Technologies AG 22 F.R.D. 280 (E.D. Va. 2004)

EDiscovery Preservation, Spoliation, Litigation Holds, Adverse Inferences. September 15, 2008.

CORPORATE RECORDS RETENTION POLICY TRAINING By: Diana C. Toman, Corporate Counsel & Assistant Secretary.

MD5 Summary and Computer Examination Process Introduction to Computer Forensics.

Information and Records Management INFM 718X/LBSC 708X Seminar on E-Discovery.

Digital Government Summit

Archiving for E-Discovery and Retention Management Theodore S. Barassi, Esq. Group Product Manager E-Discovery and Information Risk.

All Employee Basic Records Management Training. Training Overview 1.Training Objectives 2.Clark County RIM Program 3.Key Concepts 4.Employee Responsibilities.

Yes. You’re in the right room.. Hi! I’m David (Hi David!)

Legal Holds Department of State Division of Records Management Kevin Callaghan, Director.

E-Discovery And why it matters to a SSA. What is E-Discovery? E-Discovery is the process during litigation of discovering information relevant to litigation.

Managing Electronic Mail ( ) Audrey Terry KDLA.

Zubulake IV [Trigger Date]

U.S. District Court Southern District of New York 229 F.R.D. 422 (S.D.N.Y. 2004)

Record Retention to Manage Risk F. Jay Meyer Vice President & Senior Attorney TD Banknorth, N.A. Portland, Maine.

EDiscovery Also known as “ESI” Discovery of “Electronically Stored Information” Same discovery, new form of storage.

Heartland Surgical Specialty Hospital, LLC v. Midwest Division, Inc 2007 WL (D. Kan. Apr. 9, 2007)

Investigations: Strategies and Recommendations (Hints and Tips) Leah Lane, CFE Director, Global Investigations, Texas Instruments, Inc.

CITY OF PHOENIX RECORDS MANAGEMENT AND E-PRIVACY Margie Pleggenkuhle City Clerk Department March 18, 2004.

RECORDS MANAGEMENT TRAINING City of Oregon City. INTRODUCTION TO RECORDS MANAGEMENT

RECORDS MANAGEMENT TRAINING City of Oregon City. INTRODUCTION TO RECORDS MANAGEMENT.

Records Management Reality

Litigation Holds: Don’t Live in Fear of Spoliation

Move this to online module slides 11-56

Litigation Holds: Don’t Live in Fear of Spoliation

Good Spirit School Division

Government Data Practices & Open Meeting Law Overview

Presentation transcript:

Litigation Holds: Don’t Live in Fear of Spoliation Jason CISO – University of Connecticut October 30, 2014 Information Security Office

Presentation Materials Information Security Office

The intentional or negligent withholding, hiding, altering, or destroying of evidence relevant to a legal proceeding Spoliation of evidence Information Security Office

Court decisions and rules place substantial obligations on public and private organizations to: (1) preserve all electronic materials that could be relevant to pending or anticipated lawsuits (2) retrieve and produce such materials in litigation Information Security Office

Example and Catalyst UConn’s Process Prior to 2011 : Process for hard drive collection maintained for only one year Doe v. Norwalk Community College, 2007 Plaintiff sued a community college for injuries suffered as a result of a sexual assault by an employee. The court found that the college failed to preserve ESI on the computers of key witnesses. The court held that a duty to preserve arose before the action was filed, when the college received a demand letter announcing plaintiff’s intention to sue. The court held that the Rule 37(f) good faith exception was not available because it found that the defendant made no effort to put relevant information on “litigation hold.” The court also said that the good faith exception was not available because the college had no routine system or consistent policy in place regarding the destruction of ESI. Information Security Office

To help meet its obligations, the University created an Electronic Discovery Committee, made up of representatives from: Information Security Office The Office of the Attorney General Privacy Office Records Management Human Resources General Counsel Committee serves as a resource to assure approach is: Consistent Compliant with applicable laws and University policies Electronic Discovery Committee Information Security Office

ISO Administrative Assistant (ISO Admin) ISO Rep Mail and File Admin IT Technician (IT Tech) User Services/Accounts Desk IT Staff Information Security Office Additional parties involved in the process:

Cease destruction of relevant documents Preservation of relevant documents Ensure data are available for discovery “Reasonableness” Guiding Principles Information Security Office When a case enters discovery, we can produce the expected documents consistently and within reason.

Severity of litigation Operation efficiencies Individual privacy Risk of data loss Factors to Consider in Records Retention Information Security Office

University workstation employee’s home computer mobile device online Information Security Office Files must be maintained in their original form Data to be Considered Business-related electronic information Location Content word processing spreadsheets calendars voice/text messages wiki sites Videos Photographs any other type of digital information

Litigation Hold Tracking o Legal Files o General Counsel's Application o Report Tracker (RT) Manages all of UConn’s incoming requests UConn maintains a separate file from the AG’s office. Looking to go to Legal Files as a single clearinghouse for data. Secure Storage Location o Physical – Safe/Locked space o Electronic - Protected Information Security Office Other Requirements

Process Components: Initial Litigation Hold Notice Process Drive Imaging Process Hard Drive Re-Image Process Departmental IT/3 rd Party Vendor Collection Process Voluntary/Involuntary Termination Process Litigation Hold Release Process Information Security Office

INITIAL LITIGATION HOLD NOTICE Information Security Office

Every notice originates from the General Counsel’s Office Pre-litigation step captures Notification is sent to custodian It is the custodian's responsibility to ensure all relevant data is maintained regardless of location Initial scope discussion between IT staff and legal staff administrative IT data Collection always errs on side of “reasonable” Highlights/Considerations Information Security Office

DRIVE IMAGING PROCESS Information Security Office

Activation is determined by employee separation, computer repair or case severity Flow identifies who is imaging: internal staff or 3 rd party Complexity of case Skill set of staff Contracts Encryption keys collected and stored Is the original drive retained or recycled? i.e.: removable hard drives vs. SSD Highlights/Considerations Information Security Office

DEPARTMENTAL IT/3 RD PARTY COLLECTION PROCESS Information Security Office

Activation is determined by case complexity Flow identifies who is collecting: Departmental IT or 3 rd party Collection is done based off of completed survey Highlights/Considerations Information Security Office

VOLUNTARY/INVOLUNTARY TERMINATION PROCESS Information Security Office

Validates that at separation, relevant data are retained Highlights/Considerations Information Security Office

LITIGATION HOLD RELEASE PROCESS Information Security Office

ISO receives notification from the General Counsel's Office that the case is settled Dispersal of electronic records Highlights/Considerations Information Security Office

Critical Points Relationship with General Counsel Process must satisfy both General Counsel and IT staff Define reasonable processes Adhere to those processes Information Security Office

Attachments Information Security Office

Thank You JASON PUFAHL CISO Information Security Office