eDiscovery Daily Blog

The Sedona Conference Has Updated its Commentary on Information Governance: eDiscovery Best Practices

It’s been a busy year for The Sedona Conference® (TSC).  Already this year, TSC has published the Public Comment Version of its Principles and Commentary on Defensible Disposition, the Public Comment Version of their Primer on Social Media, Second Edition (which we discussed in our panel at Relativity Fest earlier this week), the Public Comment version of its Commentary on BYOD: Principles and Guidance for Developing Policies and Meeting Discovery Obligations and the final version of its new Data Privacy Primer.  Now, TSC is releasing an update to its 2014 commentary on Information Governance.

On Wednesday, TSC and its Working Group 1 on Electronic Document Retention & Production (WG1) announced the publication of the Public Comment Version of The Sedona Conference Commentary on Information Governance, Second Edition.  In 2014, The Sedona Conference published its first edition of the Commentary on Information Governance which recommended a top-down, overarching framework guided by the requirements and goals of all stakeholders that enables an organization to make decisions about information for the good of the overall organization and consistent with senior management’s strategic directions.

This Second Edition of the Commentary accounts for the changes and advances in technology and law over the past four years; underscores the role of IG as part of and complimentary to the business, rather than something separate that adds overhead; and emphasizes the costs of eDiscovery which should drive organizations to focus on IG on the front end, resulting in eDiscovery that is more efficient, less painful, and which allows the organization to reap additional benefits from a business perspective. Additionally, this Second Edition also incorporates the knowledge and guidance embodied in the new and updated Sedona commentaries since 2014 such as The Sedona Principles, Third Edition and the above referenced Principles and Commentary on Defensible Disposition, which was spawned by the work on this commentary.

The structure is largely similar to the 2014 Commentary, with updated information in key places.  The eleven principles are virtually identical to the ones from 2014 (only principles 3 and 7 have slight word changes), so the foundation remains the same.  The eleven principles are:

  1. Organizations should consider implementing an Information Governance program to make coordinated, proactive decisions about information for the benefit of the overall organization that address information-related requirements and manage risks while optimizing value.
  2. An Information Governance program should maintain sufficient independence from any particular department or division to ensure that decisions are made for the benefit of the overall organization.
  3. All stakeholders’ views/needs should be represented in an organization’s Information Governance program.
  4. The strategic objectives of an organization’s Information Governance program should be based upon a comprehensive assessment of information-related practices, requirements, risks, and opportunities.
  5. An Information Governance program should be established with the structure, direction, resources, and accountability to provide reasonable assurance that the program’s objectives will be achieved.
  6. The effective, timely, and consistent disposal of physical and electronic information that no longer needs to be retained should be a core component of any Information Governance program.
  7. When Information Governance decisions require an organization to reconcile conflicting laws or obligations, the organization should act in good faith and give due respect to considerations such as data privacy, data protection, data security, records and information management (RIM), risk management, and sound business practices.
  8. If an organization has acted in good faith in its attempt to reconcile conflicting laws and obligations, a court or other authority reviewing the organization’s actions should do so under a standard of reasonableness according to the circumstances at the time such actions were taken.
  9. An organization should consider reasonable measures to maintain the integrity and availability of long-term information assets throughout their intended useful life.
  10. An organization should consider leveraging the power of new technologies in its Information Governance program.
  11. An organization should periodically review and update its Information Governance program to ensure that it continues to meet the organization’s needs as they evolve.

This Commentary is contained within a 53 page PDF file, so it’s certainly a reasonable read (less than one court case we recently covered).

The Sedona Conference Commentary on Information Governance, Second Edition is open for public comment through December 5, 2018. As always, questions and comments regarding the Commentary may be sent to comments@sedonaconference.org and the drafting team will carefully consider all comments received and determine what edits are appropriate for the final version.  You know the drill.

Also, I’m sad to pass along the news that Nigel Murray passed away a couple of nights after his two-year battle with brain cancer.  I did not know Nigel well, but, in the couple of times I encountered him (including this thought leader interview a few years ago), I found him delightful and very engaging. Craig Ball has written a wonderful tribute to Nigel on his Ball in Your Court blog here.  My condolences to his family and to all in the profession who had the good fortune to work with him or get to know him personally or professionally.

So, what do you think?  Does your organization have a formal Information Governance program?  As Tom O’Connor and I discussed in a recent webcast, many organizations don’t.  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.