2 days ago via HootSuite
3 days ago via HootSuite
Cleaning Up at Closing Time: Data Destruction When a Matter's Done
- Details
- Category: Blog
- Published on Tuesday, 23 June 2009 11:22
- Written by Jason Briody
- Hits: 361
When a restaurant closes and the last customer walks out the door, the employees don't just call it quits and follow them out. There's a flurry of activity. Dishwashers are running, the "daily special" board is wiped clean, floors are mopped and tables are reset. But when some attorneys close a matter, they're just concerned with calculating their tips and clocking out. Here's why making sure you've cleaned up after yourself, at least as far as your collected ESI is concerned, is worthwhile.
It could be costing you money.
Many computer forensic and EDD consultancies charge a monthly fee to store your data after a period of time stated in your initial engagement contract. Those hard drives full of data are taking up hardware and space in these consultancies' secure rooms and safes. These recurring fees can add up, especially when you have a large amount of data sitting around that is no longer needed.
Your client will thank you for it.
Your client wants to know that their information is being handled with care. Once a matter is closed and the relevant data no longer needed, they want to know that their company information, employee records, and employee communications are destroyed and once again exclusively within their control. Custodians involved also sleep easier once they've been notified by their employers that the forensic duplications of their laptops have been disposed of securely.
It might come back to haunt you.
Are those forensic duplications and other data still hanging around? There are many cases in which an organization's lack of a document retention and data destruction policy (or the company's disregard for these policies) has resulted in a major negative impact for the company (see Murphy Oil USA Inc. v. Fluor Daniel Inc., or this article about Boeing's document retention mishap). In both these cases, the companies made the same mistake: they retained emails and backups for far longer than their document retention policies ordered. The files that they hung on to became discoverable, and they (or their cases) suffered for it. Is it possible your client's data will become discoverable for another matter if it's known that these forensic "backups" exist?
Of course, you need to look at the legality of destroying your forensic duplications at a matter's close ("close" being the operative and ambiguous word), but barring any legal restrictions that compel you to hang on to the data from one of your matters, destroying it is more than just good housekeeping. It could be keeping that data from being used against you.
So how do I ensure the data's been destroyed?
Once your matter is closed and you no longer need the forensic duplications and data collected, ask your consultancy to securely destroy it. Ensure that you receive a "Certificate of Destruction" form that explains what data was destroyed, how, when, and by whom. Heck, you don't even have to get your hands dirty.
The guy who runs the restaurant dishwasher only wishes he could say that.
