Re: E-Discovery

I will also suggest you talk to your lawyers first and figure out what
you need to do.
Here are some suggestions after you talk to your lawyers.
1. write/update policies to include electronic data and how long it
will be kept for.
2. write/update policies for data retention.
3. work with the IT team for hardware, software and space required and
possible issues.
4. write/update process for data recovery.
5. review your plan with the lawyers.

On 5/15/07, Ken Kousky <kkousky@xxxxxxxxxx> wrote:
E Discovery are the rules that apply for litigation so you need to be involved in a tort - a legal dispute to be using e discovery. We mostly think about it defensively, in case we are someday involved in a suit.

The courts have become more aggressive at forcing companies to produce documents in such a dispute or else ordering that "adverse inferences" be drawn, which means that the missing data should be assume to be the most damaging possible - otherwise the party would not have lost the data in the first place. Morgan Stanley can attest to the millions of dollars of damages that can be awarded under such circumstances.

Hope that might get you started but if you're already actively engaged in an ediscovery situation, talk to your lawyers first, last at all points in-between.

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of Elizabeth Tolson
Sent: Tuesday, May 15, 2007 12:50 AM
To: Craig Wright; Simmons,James; david.a.harley@xxxxxxxxx
Cc: security-basics@xxxxxxxxxxxxxxxxx
Subject: E-Discovery

Is there anyone on this list who uses or does E-Discovery.

This is something that interests me and I would love to chat with someone who does, in fact, use or conducts E-Discovery.



If you think technology can solve your security problems, then you
don't understand the problems and you don't understand the technology.
Bruce Schneier