Posts Tagged ‘lawsuit’

What Does A CIO Need To Do When The Company Gets Sued?

Wednesday, April 14th, 2010
Image Credit
E-Discovery Is Something That CIOs Need To Prepare For In Advance

E-Discovery Is Something That CIOs Need To Prepare For In Advance

Lawyers Cost A Lot Of Money

When you become the CIO, you’re probably hoping that you’ll be spending your time setting the strategic direction for your company’s technology future, striking deals with vendors, and generally moving the company forward. However, perhaps you’ve forgotten about the lawyers. Specifically the lawyers who work for the people who will undoubtedly someday sue your company. They are going to be well within their legal rights to ask for a lot of company information, are you going to be ready to find it and provide it to them?

Andrew Conry-Murray was looking into this and he discovered that the Office of Federal Housing was sued they had to search their systems for emails related to the case. They forgot about a disaster-recovery backup that they stored off-site and this mistake ended up costing them an additional $6M in additional expenses to search even more data. Clearly this is something that a CIO has to worry about!

It’s All About The Team

The fancy name for what has to be done in the 21st Century when a company has to produce documents as part of a lawsuit is called “e-discovery” . This is where at the request of the suing party, a company has to dig through all of their electronic documents (emails, reports, etc.) and provide them to the suing party as a part of preparing to go to trial.

Considering how many separate email systems, databases, and siloed data storage systems a typical company has, when you become CIO finding and delivering this information could be a huge undertaking. A clever CIO realizes that this is the type of problem that can’t be solved just by the IT department: it’s going to take a team.

The ability to see into the future is not something that we are born with. However, CIOs need to anticipate that their company will need to have an e-discovery team in place BEFORE you get sued. It makes sense to put together a team before it is needed. The team should have representation from both the Legal and the IT departments on it.

It will do you no good to just have identified who is on the team – they actually have to do some work. Specifically, they should be responsible for setting the company’s policies on data retention, making sure that people are following the policies, and actually doing the e-discovery work when it is required.

The Electronic Discovery Reference Model

If this all seems just a bit overwhelming to you (“I’m not a lawyer”), don’t despair. Smart minds have created something called the Electronic Discovery Reference Model which lays out just what an IT department needs to do in order to conduct a successful e-discovery program.

There is a lot of work that needs to be done as a part of an e-discovery program and not all of it is IT work. In the EDRM, the job of an IT department comes primarily in the first 4 steps. These steps are:

  1. Information Management
  2. Identification
  3. Preservation
  4. Collection

Too Much Data Is Too Much

A CIO’s role in an e-discovery project starts long before the first call from the lawyers comes in. Lawyers are not bad people (necessarily), but at the same time they aren’t IT savvy. This means that they often don’t know how to ask the right questions during an e-discovery project.

Lawyers might ask for any email that contains the word “contract”. Clearly this could quickly create a mountain of results. The IT department can help make sure that only relevant results are returned by working with the legal team to better frame what is being searched for. A search for emails based on “contracts with xyz corporation sent during the summer” will produce much more manageable results.

What All Of This Means For You

In a perfect world, there would be no lawyers or lawsuits. However, since we don’t live in a perfect world, when you become CIO you are going to have to be ready for the lawsuits when they come your way.

The key thing for a CIO to realize is that an e-discovery project is not something that can be handled just by the IT department. Instead, before the first lawsuit shows up, you are going to need to pull together a team that consists of folks from both the Legal and the IT departments.

Even though you can’t stop lawsuits from happening, as CIO you can make sure that your company is ready for them when they come. A bit of planning can end up saving your company a lot of money and you a lot of hassle…

Question for you: what do you think a CIO is going to have to do in order to get the IT and Legal departments to work together smoothly?

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.

What We’ll Be Talking About Next Time

Does anyone besides me remember the movie “Risky Business” from the ‘80s? You know, it’s the one that launched Tom Cruise’s career – he plays a kid who takes some big chances, has an adventure, and then ends up with the girl in the end. Well, CIOs have a opportunity to star in their own version of Risky Business – but their role has to do with selecting and implementing risk management applications that just might save the company…

Tags: , , , , , , , , ,
Posted in document discovery | No Comments »

Five Words That Scare A CIO: I’ll See You In Court!

Wednesday, January 20th, 2010
Image CreditNo CIO Wants To Have To Face Judge Judy

No CIO Wants To Have To Face Judge Judy

When you become CIO, you’ll probably have all of the technical skills that you need to stay on top of today’s cutting edge IT issues such as storage, bandwidth, cloud computing, etc. In fact, I’d guess that you’ve gotten the message and you will have developed your management talents so that you will be well positioned to align the IT department with the rest of the business. However, there is one thing that you may have forgotten to get: a law degree

Why Discovery Is A Bad Word In IT

For anyone who has not had to live though a legal discovery process, thank your lucky stars! What we’re talking about here are the steps that a company has to go through when they find themselves involved in a lawsuit. Before the case even goes to trial, there is the discovery process.

Take a typical example: someone sues the firm and says that they’ve been harassed while working there. The first step that their lawyer will take will be to serve the company with a legal notice to produce all of the messages that flowed over the company’s network that contained the person’s name or email address. This, of course, includes any nicknames that the person might have been referred to by or even any derogatory names.

Can you imagine what kind of effort that kind of search would take in most companies? Sure there might be some centralized email servers, but you also have to check all of the IM chats and all documents just in case there might be something in them. Now you should be getting a feeling for the scope of work that we’re talking about.

Four Steps A CIO Can Take To Get Ready For Discovery

In any modern company, you can expect to eventually get sued and be required to go through some sort of discovery process. As CIO, your job will be to prepare the company for this eventually before it happens. This means that you are going to have to take the following steps:

  1. Create a Data Map: Sorry about this — it’s a manual process in which you take the time to locate the critical data that your company uses and then dive even deeper and understand how it is used. This will help you to understand where your most important documents are and just exactly what applications were used to create those documents.
  2. Create Clear Data-Retention Policies: you don’t have to discover what you don’t have; however, you had better have a good story for why you don’t have it. This policy has to be all encompassing: it must cover both paper and electronic. It also has to lay out the processes for storing, organizing, and destroying it.
  3. It’s All About The Workflow: …and you need to understand it. In any company, work gets done at a variety of different levels including at the department level as well as at the enterprise level. How work gets done will play a key role in how you can uncover the documents that you are looking for during a discovery.
  4. Electronic Documents Are Not All The Same: we’re not talking about a bunch of PDF files here. Lots of electronic documents that need to be searched and perhaps included in the discovery package may be in specialized forms: CAD drawings, Microsoft Project files, etc. Just finding the data is not enough, you need to print out a document with the right information that can be included in the discovery.

What All Of This Means For You

As CIO you will need to be simultaneously moving the company forward as well as protecting your backside. A single lawsuit against your company can require countless hours of work in order to locate the required documents not to mention the costs involved.

The only way to prevent this from becoming a black mark on your CIO resume will be to prepare for it before it happens. By no means will this be an easy task to do, but it can be well worth the effort.

Nobody ever said that being the CIO was going to be easy, preparing your firm to deal with a legal discovery is one way you can at least make the job look easy!

Do you think that the CIO should be responsible for producing legal discovery documents or is this someone else’s job?

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.

What We’ll Be Talking About Next Time

So you want to be a CIO someday. Great. However, there may be a bit of a problem with your goal — the position of CIO may be going away. Maybe we should talk with some current CIOs to find out just what’s going on here…

Tags: , , , , , , ,
Posted in discovery | No Comments »

CIOs Need Smart Storage, Not More Storage

Monday, September 21st, 2009
Where To Put Everything Is A CIO Sort Of Problem <p> (c) -2007) </p>

Where To Put Everything Is A CIO Sort Of Problem (c) -2007)

With a little luck we can all agree that storage is a boring topic to talk about – I mean when you store something, it’s just sitting there not doing anything. CIOs prefer to talk about data in motion – reporting new sales or opening new markets. However, it turns out that storing data is the foundation that the company is built on and CIOs need to do this the right way…

Times They Are A Changing

The days of blindly adding more cheap storage are over – storage has long term costs. CIOs need to revist this issue and create a solution that works for both today and tomorrow.

Steve Delahunty, who works for Booz Allen Hamilton, has been looking into the storage challenges that today’s CIOs are facing and he agrees that we’ve got some challenges facing us.

The old approach to storage was to simply add more cheap storage as needed. This doesn’t work any more for a number of reasons. Just adding more cheap storage is a big waste of money, power, and floor space in data centers.

The new approach to adding more storage that CIOs need to quickly adopt is to realize that when it comes to adding more storage they need to consider the full storage environment: data security, disaster recovery, environmental concerns, etc.

Why The Old Way Of Adding Storage Doesn’t Work Anymore

In the brave new world in which we live, most companies are experiencing double digit storage growth. Sure, we are collecting more information about our customers, managing our supply chains from start to finish, and creating new web portal with which to interact with our customers nearly every day.

However, our dirty little secret is that often the data that we are storing is no longer needed. This may represent a huge liability if our company is ever sued – can you image the cost and effort that it would take to search through all of that (useless) stored data?

If that wasn’t enough to convince you that the the old way of just adding more cheap storage was the wrong way to run an IT shop, then consider this: Delahunty’s research shows that the amount of power that data centers use has doubled in the past 5 years. On top of this, the national average for the cost of electricity has shot up by 44% since 2004.

The Right Way To Store Things

So what’s a CIO to do? First, you’ve got to change the way that you’re doing business when it comes to adding storage. Instead of just meeting requests for more storage, CIOs need to start to make sure that they understand the business requests behind storage needs.

What this means is that the IT department needs to get more involved in understanding just what they are being asked to store. As the requests come in, they need to take the time to classify the value to the business of the data that is being proposed to be stored. When data doesn’t met the “I must always have access to it” criteria, then that data either needs to stored on inexpensive off-line storage or simply discarded.

You may have already realized this – this type of data analysis cannot be automated, it’s a people job. IT staff need to be involved in the data classification process in order to ensure that good decisions are made.

Final Thoughts

Once upon a time, adding additional storage was something that CIOs didn’t have to spend a lot of time thinking about. Storage was cheap and getting cheaper every day and so it seemed like you could keep growing your storage farms forever.

Reality has caught up with us and environmental costs coupled with possible legal issues have turned the world of storage upside down. Now CIOs need a new strategy to deal with their company’s growing storage needs.

Classifying the data that you are going to be storing is the correct first step. Weeding out what doesn’t need to be stored and then using the classification system to move non-critical data to low cost storage solutions can solve multiple problems all at once.

CIOs who can add more storage the right way will have found a way to apply IT to enable the rest of the company to grow quicker, move faster, and do more.

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.

What We’ll Be Talking About Next Time

I’ve got a quick question for you: what is the next step in your career? What do you want to get promoted to? In fact, as long as we are talking about that, what comes after THAT promotion? If you want to become a CIO, then career ladder generally goes: IT worker, manager, director, executive director, CIO. Got a plan on how you are going to get to that next step?

Tags: , , , , , , , , ,
Posted in storage | No Comments »

A New CIO Job: Panning For Legal Gold

Monday, August 25th, 2008

A CIO who prepares for legal lawsuits before they happen is valuable indeed
One of the worst things that can happen to a modern company is to for it to get sued. Here in the 21st Century more often than not, lawsuits require that the firm being sued produce electronic documents early on in the whole messy legal process. Good examples of how tricky this can get are the White house’s attempt to retrieve firing emails, Intel’s fight with AMD, and Morgan Stanley’s issues with the SEC. As the Morgan Stanley case shows, if a firm can’t produce the email and electronic records that are asked for it can end up costing the company a lot ($10M in the case of Morgan Stanley). What does all of this legal stuff have to do with a CIO?

Michael Lunch is the CEO of Autonomy Corp. and he does a good job of describing how the search for electronic documents is currently done:

“The old-fashioned way of doing this was having a lot of lawyers doing a lot of simple things, you would literally have lawyers reading though things saying ‘there was chicken for lunch.’ You don’t need lawyers to know that it’s a lunch menu.”

Ouch – what kind of hourly rate does a firm have to pay to have lawyers read old email? This is exactly the type of situation that begs for the IT department to step in and lend a hand. Recognizing that this is an issue, the good folks at HP, Xerox, and IBM are getting ready to jump in and offer products and services.

This new reality of living in an electronic document lawsuit-happy world opens a unique door of opportunity for forward thinking CIOs. When a firm gets sued, everything has to shut down as it relates to documents while the requested material is searched for. If an enterprising CIO had already set up a system to track and categorize the firm’s electronic records, email included, then a lawsuit’s requests could be easily handled. Being able to produce the requested material the next day instead of weeks or months later and being able to do it for much less than a roomful of lawyers would cost would enhance the CIO’s standing among the company’s senior management.

Careful – there’s a right way and a wrong way to go about doing this. The wrong way is the classic IT way: I don’t need anyone else, I (and my department) can do this all by ourselves. Discovery of records as a part of a legal proceeding is really the domain of the company’s legal department. This is clearly a case where the IT team needs to work WITH the legal department. Since any sort of automated search process will be taking cash out of the pockets of outside law firms who traditionally supply the human resources to do information searches, the CIO is going to need to have the full support of his in-house legal team. The moment the lawsuit is filed, the outside firms will be whispering into the CEO’s ear that he/she really needs their pricey assistance. Without the support of the in-house legal team any IT created solution will be discarded in favor of going with a “sure thing”.

Having a solution in place before it is needed is the key to ensuring that the IT team looks good. If a CIO is running around after the event trying to find a solution, then expensive mistakes are going to be made. Finally we have found one area where a CIO can once and for all show the company the true value of the IT department.

Have you ever worked at a company that got hit with a lawsuit that required electronic documents to be produced? How did it go – was it quickly and easily handled or was it an ongoing nightmare? Did this event have any lasting impact on how the firm handled and tracked its electronic documents? Leave a comment and let me know what you think…

Tags: , , , , , ,

Tags: , , , , , ,
Posted in CIO, business, business alignment, ceo, document discovery, it strategy, lawsuit | 4 Comments »