Five Steps to Creating a Company Data Map

These days, it is imperative that companies of all sizes have quick and full access to their electronic data to meet compliance regulations. In the event of civil litigation, lawyers will examine company information that is in electronic formats such as text messages, emails, voicemails, etc. Technological advances in email archiving solutions and eDiscovery processes have placed a premium on the speed at which companies must respond to litigation requests. The challenges of responding have shifted from the actual discovery of information, which is expected, to the speed of response.

Under changes to the Federal Rules of Civil Procedure, there are several preemptive steps companies must take to improve their overall response to litigation, including creating an eDiscovery data map. An eDiscovery data map is a comprehensive representation of the company’s electronic data, including data types, locations, rentention policies, and retrievability.

Charting a data map can be a challenge for some companies considering much of their data is scattered about due to the explosion of electronically stored information in recent years. Nevertheless, like anything else pertaining to email retention and eDiscovery processes, it must be addressed in an efficient manner.

Below are five steps for companies to follow when creating a data map of their electronically stored information (ESI (News - Alert)):

1) Schedule a meeting. Since it is important to first identify the needs behind the creation of a data map, companies should start by having a meeting with IT, legal and members of executive management. Here, the record retention needs of the company as well as the roles and tasks for each department will be defined.

2) Develop a formal policy. Discuss what is required of the company under the Federal Rules of Civil Procedure and if applicable, any industry regulations. The email retention policy should then be reviewed so that everyone is clear on the retention requirements and policies for the company. If the company does not yet have an email retention policy, now is a good time to create one.

3) Create an inventory. IT will now start gathering information about the company's ESI. Questions that must be answered: What type of ESI is stored where and for which period? How easily can this data be accessed? Who is the responsible person for these data stores? The end result is the company’s data map that will detail exactly what information is stored in which repository and the methods for accessing each. The data map can be in spreadsheet format (view sample spreadsheet ediscovery data map) or in the form of a flow chart.

4) Verify the data map. Once the location and accessibility of data repositories is charted, it is important to verify the data map to ensure it is complete and accurate. IT should pick out certain types of ESI from specific periods and see if they are found in the location listed in the data map. Then an attempt should be made to retrieve actual records in order to highlight any kinks in the process, such as greater than expected data retrieval efforts.

5) Update your data map regularly. Finally, as technology changes fast, it is important for companies to check and update data maps regularly. This is not a “build-it and forget-it” project.

Above all, companies must be knowledgeable about what information is stored where on their systems. Having a comprehensive data map and documented knowledge of your data stores could prove invaluable for your company and help to mitigate legal risk.

About Deborah Galea: Deborah Galea is the co-founder and chief operating officer of Red Earth Software, a leading email management software company based in Boulder, Colo. Galea is an expert in the growing field of corporate email management solutions involving eDiscovery as well as the compliance issues impacting almost every vertical industry, including financial services, legal, healthcare, retail and government. She has extensive knowledge of the legal issues relating to corporate email usage and has worked in the Netherlands, the U.K., the United States and Cyprus. Follow us on Twitter (News - Alert) @redearthsoft,"like" us on Facebook and check out our website: www.policypatrol.com