Note: This 5-minute guide to preparing for the legal hold process is a part of our larger Legal Hold Playbook. You can download the full guide here.
Before the legal hold: The triggering event
The need to initiate a legal hold arises when possible legal or regulatory action is anticipated – or a demand or letter complaint has been received.
Depending on your company’s industry, region and type of business, triggering events can vary. These may include:
Anticipated litigation
- External events triggering shareholder suits
- External events triggering class action lawsuits
- External events triggering individual civil or criminal suits
Regulatory action
- Internal events
- Employee termination
- Investigations
Once a triggering event has taken place, you’ll likely receive a request from counsel to issue a legal hold and preserve data.
Developing, documenting, and following a plan for preservation compliance will ensure that you mitigate the risk of spoliation.
Preparing for a legal hold
Legal holds are extremely important, as the failure to properly initiate legal holds can result in negative inferences and hefty sanctions.
Before you begin blocking and tackling a legal hold, it’s critical you understand:
- Who your stakeholders are in each department
- What data you have
- Where that data lives (i.e., in which applications)
- The roles and responsibilities for each legal team member.
This guide will walk you through each of these items so you’re set up for success.
1. Identifying legal hold stakeholders by department
Your stakeholders are the individuals who either:
- play an active role in the legal hold workflow, or
- need to be notified at every step.
These individuals tend to be gatekeepers of information, IT assets, and/or data that will be needed to ensure compliance with legal hold. Additional stakeholders may be involved for specific matters depending on scope of litigation/investigation.
Some examples of common stakeholders include:
- General Counsel/Legal
- Head of IT
- Chief Information Security Officer (CISO)
- Chief Data Security Officer (CDO)
- Human Resources
- Chief Sales Officer
- CRO
- CFO
Read next: Legal Hold Guide: How to Manage Custodians
2. Identifying data sources
One of the requirements of legal hold is preserving data. In today’s working world, the sheer number of data sources that can be subject to legal hold only continues to proliferate. Access and ability to automate preservation in these sources greatly varies depending on the functionality of the application and the licensing level your organization has procured.
Related: Check out our free ebook on mastering new and complex data types for ediscovery: Ediscovery Expanded. 📚
Here are some questions to consider:
- What data sources do you have?
- Where does your data sit?
- Who is the gatekeeper of that information? (Meaning, if you needed to ask a question about the data or talk to someone regarding its preservation and collection, who would you need to speak to?)
💡Pro tip: When evaluating your potential data sources, be as broad as possible. You’ll want to brainstorm with your IT department to ensure that your playbook encompasses all possible data locations. Again, some data sources may only be relevant to a specific matter. Allow for this in your playbook.
Here are some higher-level examples of common data sources to preserve. (Note: Any data a particular employee touches could potentially be required to be held.)
Email applications
- Outlook
- Gmail
Cloud storage applications
- Dropbox
- Box
- OneDrive
- Google Drive
- SharePoint
Productivity applications
- Microsoft 365
- Google Workspace
- Asana
- Trello
Collaboration applications
- Microsoft Teams
- Google Chat
- Slack
- Discord
- Mattermost
💡 Related reading: How to handle collaborative data in ediscovery.
Meeting software
- Skype
- Zoom
- Fuze
- Google Meet
- Microsoft Teams
💡 Related reading: How to handle virtual conferencing data in ediscovery.
Network drives
- Private drives
- Shared drives
Cloud backup & storage solutions
- Code42
- Isilon
- NetApp
Additionally, you must consider physical infrastructure, including:
- Company-issued computers
- Company-issued cellphones
- Shared file systems and drives
Your organization may also employ enterprise technology management applications to oversee physical infrastructure and hardware as well, such as:
- Oomnitza
- Teqtivity
3. Identifying legal hold team members
Legal hold can be a complicated process. Make sure you know all the members of your legal hold team and what their core responsibilities are. This will help you to determine an internal chain of command, starting with the owner of the legal hold process.
💡Pro tip: Develop a protocol for keeping your stakeholder, data, and legal team information up to date. Ideally, these should be re-examined at least quarterly, but determine what cadence works best for your company, and stick with it.
Bonus: Use our free downloadable worksheet to organize relevant information sources at your company that may be subject to legal hold.
Make legal holds easy with DISCO
Tired of manually updating spreadsheets of legal hold stakeholders and information sources? DISCO’s got you covered.
DISCO Hold is an easy-to-use enterprise legal hold platform that automates the manual work necessary to comply with preservation requirements – empowering legal teams to preserve data, notify custodians, track holds with a defensible audit trail, and collect data, all from a single interface.
Check out our full Legal Hold Playbook – or request a demo to see how DISCO can make your hold process fast and simple.