Employee Departures and Data Loss

In Re Actos (Pioglitazone), No. 11-md-2299 (W.D. La. Jan. 27, 2014), was a product liability matter involved an anti-diabetic drug, Actos, which was alleged to have caused the plaintiffs' bladder cancers. The defendant, a pharmaceutical company with employees in Japan, the United States and the European Union, was the subject of a motion for spoliation sanctions by the plaintiffs. A central point of contention was the loss or destruction of custodial files of some 46 employees, including those of company presidents and key officers. The defendant argued that all or nearly all of these employees left before litigation become reasonably anticipated, and their files were not subject to the hold. The plaintiffs cited an existing hold that began in 2002 as part of a different matter related to Actos that included these employees within its broad scope. The court agreed with the plaintiffs and allowed all evidence of the defendant's mishandling of the files to be presented to the jury

In re Pradaxa (Dabigatran Etexilate)

In re Pradaxa (Dabigatran Etexilate), MDL No. 2385, 3:12-md-02385-DRH-SCW, 2013 WL 6486921 (S.D.Ill. Dec. 9, 2013), was a product liability matter over a blood-thinning drug that allegedly caused internal bleeding in the plaintiffs. The defendant, a multinational pharmaceutical company, had been previously fined $30,000 for violations during the course of discovery, and received an injunction compelling communication of a legal hold to all known witnesses and “custodians of every known or potential source of discoverable material.” During the pendency of the matter, a key scientist in Pradaxa's development who had not been identified as a custodian left the company and his custodial file was destroyed. As a result, the court imposed a $931,000 fine and threatened “remedies yet to be addressed” for further misconduct.

Day v. LSI Corp.

Day v. LSI Corp., No. CIV 11-186-TUC-CKJ, 2012 U.S. Dist. LEXIS 180319 (D. Ariz. Dec. 20, 2012), was a wrongful termination matter with allegations of racial discrimination, breach of contract and other matters. A key custodian, the plaintiff's supervisor, left LSI during the pendency of the lawsuit. Neither his files nor his instant messages were preserved. LSI made some attempts to recover from backups, but they were not effective. The plaintiff moved for sanctions and received them, including a default judgment, adverse inference injunction and monetary sanctions.

Employee ESI

According the Society of Human Resources Management (SHRM), approximately 13%-15% of an organization's employees separate annually. Typically, no one person tracks employee separations or changes on behalf of the legal department. Therein lies the problem: There are numerous ways to lose or fail to identify employee ESI that could reasonably be relevant to litigation or a subpoena, and it seems that new sources appear regularly. In addition, many organizations allow the use of employee-owned mobile devices and cloud storage without considering the implications of those data sources on e-discovery, only to discover the hard way, after ESI have been lost, through sanctions.

Data Preservation Challenges

Preserving ESI from custodians who leave the company or transfer to other divisions is significantly complicated by the fact that such changes implicate three disparate departments: legal, IT and HR. Each of these has established processes for addressing employee departures and status changes, and these processes often reflect conflicting priorities. When an employee departs the organization, HR and IT teams are primarily focused on administrative concerns and systems management, which almost always includes purging former employee information and data from shared databases and servers, and wiping unused computing devices (e.g., laptops, desktops, company-issued mobile devices, etc.) before reassigning them to new employees. Depending on an organization's policies, these actions can take place quickly after an employee departs, leaving legal with a narrow time window to intervene and ensure that legally responsive ESI is adequately preserved.

Some organizations have no defined process for communicating employee status changes, instead relying on legal team members to proactively seek out such information on their own. Other organizations rely on periodic reports delivered over e-mail from HR detailing employee roster changes. In some cases, HR databases can be configured to transmit automated e-mail notifications when changes occur within the system. All of these approaches have significant shortcomings.

For legal teams that rely on spreadsheets and other static forms of documentation to manage legal holds, the process of identifying which employees belong to which holds, and cross-referencing those names against HR reports, can amount to hours of highly tedious work. Errors and oversights are inevitable. Automated notifications can provide legal with critical information more quickly and eliminate “information overload.” However, legal teams are rarely in a position to respond immediately to each notification, which leads to tasks slipping through the cracks or being ignored altogether.

Even when actionable employee status changes are identified, the process by which legal communicates that information to IT is typically fraught with inefficiency and opportunities for mistakes, especially when IT tasks are being executed by different members of the department. For example, one member of the IT team might preserve a departed custodian's hard drive based on a request from legal while another, unaware of the request, deletes the custodian's ESI from the e-mail server.

Education

The easiest countermeasure to data spoliation associated with departing employees is awareness and education. It is critical that legal teams inform their counterparts in HR and IT that preservation obligations persist regardless of whether a custodian is actively employed. In some work environments, it works well to have a single member of each team participate in regular, in-person meetings, which help promote a more active, engaged dialogue around the key issues. Ultimately, the goal is to come up with a plan that strikes a balance between the organization's legal obligations and its desire to minimize operational expenses.

Custodians should also be made aware of spoliation risks that result from their leaving the company. Legal teams should not assume that custodians are going to be thinking about their legal hold obligations as they prepare to depart the organization. Consequently, it is useful to include language in the legal hold notice itself, and to issue subsequent reminders, all of which instruct custodians to notify legal if they know they will soon be leaving the company, going on extended leave or changing departments. It can be as simple as a checkbox embedded in the legal hold notice, minimizing effort required for custodians to comply. Even if some custodians ignore the request and relevant ESI is later lost, the mere inclusion of such language in a legal hold conveys to a court that steps were taken, albeit poorly enforced, to mitigate spoliation risks. This may lessen or even prevent sanctions.

Systems Integration

For large companies with thousands of geographically dispersed employees, the sheer amount of information that must be exchanged between departments when an employee departs can be overwhelming. It goes well beyond the departing employee's name. Legal will often need to know the employee's location, department, supervisor and other details of his or her employment to identify what holds may be implicated by the change. Likewise, IT teams will be interested in similar information so they can track down where the person's ESI is stored. They also need a full list of company-issued devices belonging to the employee, such as laptops and mobile phones.

Organizations can eliminate the burdens associated with acquiring this information manually by integrating corporate systems so that relevant information is automatically exchanged without human intervention. Legal professionals might balk at the perceived complexity involved in integrating their technology with other corporate systems. In fact, there are many newer e-discovery technologies that are specifically designed to work with other systems, and integration can be seamless and non-disruptive.

For example, when an organization integrates its HR and legal hold management systems, the aforementioned tedious and error-prone cross-referencing can be done automatically, with legal teams only being alerted to those employee status changes that overlap with custodian lists and require actions. Another significant advantage of leveraging technology integration is the speed at which actionable changes can be detected. Relying on manual approaches, it's not uncommon for legal teams to be unaware of a custodial status change until several days, if not weeks, after it occurs. When systems are integrated, changes to the HR systems can be reflected in the legal hold application in near real-time, giving legal teams, and IT teams should they have access to the same system, much quicker access to critical information.

Conclusion

The risk of ESI spoliation stemming from employee departures is significant with a 13%-15% annual separation rate. The impact of these changes is growing with the widespread use of mobile devices and cloud-based services. In order to meet this threat, organizations need to develop an “early warning system” that detects changes than can lead to data loss and take corrective action. This detect-and-response system is rooted in educating HR and IT team members about the importance of preservation obligations and integrating departmental information systems. Legal leading this effort in partnership with IT will go a long way toward demonstrating to a court the extent of its good-faith efforts to preserve ESI should a failure occur.

Scott Giordano is corporate technology counsel for Exterro. He serves as Exterro's subject matter expert on the intersection of law and technology as it applies to e-discovery, information governance, compliance and risk management issues.

Here is a scenario that should make in-house counsel pause: An employee who is (or should be) on legal hold leaves the organization and her PC is “recycled” by the IT department. All electronically stored information (ESI) is destroyed, the employee's mobile device also goes out the door and the employee's cloud-based repositories disappear into the ether. Soon thereafter, an opposing litigant discovers that potentially responsive ESI from the employee has not been preserved. A motion for sanctions quickly follows. Even if the organization is not sanctioned, other e-discovery failures that occur, even if unrelated, will accumulate and test the court's patience.

Several court cases illustrate this potential and its consequences.

In Re Actos (Pioglitazone)

In Re Actos (Pioglitazone), No. 11-md-2299 (W.D. La. Jan. 27, 2014), was a product liability matter involved an anti-diabetic drug, Actos, which was alleged to have caused the plaintiffs' bladder cancers. The defendant, a pharmaceutical company with employees in Japan, the United States and the European Union, was the subject of a motion for spoliation sanctions by the plaintiffs. A central point of contention was the loss or destruction of custodial files of some 46 employees, including those of company presidents and key officers. The defendant argued that all or nearly all of these employees left before litigation become reasonably anticipated, and their files were not subject to the hold. The plaintiffs cited an existing hold that began in 2002 as part of a different matter related to Actos that included these employees within its broad scope. The court agreed with the plaintiffs and allowed all evidence of the defendant's mishandling of the files to be presented to the jury

In re Pradaxa (Dabigatran Etexilate)

In re Pradaxa (Dabigatran Etexilate), MDL No. 2385, 3:12-md-02385-DRH-SCW, 2013 WL 6486921 (S.D.Ill. Dec. 9, 2013), was a product liability matter over a blood-thinning drug that allegedly caused internal bleeding in the plaintiffs. The defendant, a multinational pharmaceutical company, had been previously fined $30,000 for violations during the course of discovery, and received an injunction compelling communication of a legal hold to all known witnesses and “custodians of every known or potential source of discoverable material.” During the pendency of the matter, a key scientist in Pradaxa's development who had not been identified as a custodian left the company and his custodial file was destroyed. As a result, the court imposed a $931,000 fine and threatened “remedies yet to be addressed” for further misconduct.

Day v. LSI Corp.

Day v. LSI Corp., No. CIV 11-186-TUC-CKJ, 2012 U.S. Dist. LEXIS 180319 (D. Ariz. Dec. 20, 2012), was a wrongful termination matter with allegations of racial discrimination, breach of contract and other matters. A key custodian, the plaintiff's supervisor, left LSI during the pendency of the lawsuit. Neither his files nor his instant messages were preserved. LSI made some attempts to recover from backups, but they were not effective. The plaintiff moved for sanctions and received them, including a default judgment, adverse inference injunction and monetary sanctions.

Employee ESI

According the Society of Human Resources Management (SHRM), approximately 13%-15% of an organization's employees separate annually. Typically, no one person tracks employee separations or changes on behalf of the legal department. Therein lies the problem: There are numerous ways to lose or fail to identify employee ESI that could reasonably be relevant to litigation or a subpoena, and it seems that new sources appear regularly. In addition, many organizations allow the use of employee-owned mobile devices and cloud storage without considering the implications of those data sources on e-discovery, only to discover the hard way, after ESI have been lost, through sanctions.

Data Preservation Challenges

Preserving ESI from custodians who leave the company or transfer to other divisions is significantly complicated by the fact that such changes implicate three disparate departments: legal, IT and HR. Each of these has established processes for addressing employee departures and status changes, and these processes often reflect conflicting priorities. When an employee departs the organization, HR and IT teams are primarily focused on administrative concerns and systems management, which almost always includes purging former employee information and data from shared databases and servers, and wiping unused computing devices (e.g., laptops, desktops, company-issued mobile devices, etc.) before reassigning them to new employees. Depending on an organization's policies, these actions can take place quickly after an employee departs, leaving legal with a narrow time window to intervene and ensure that legally responsive ESI is adequately preserved.

Some organizations have no defined process for communicating employee status changes, instead relying on legal team members to proactively seek out such information on their own. Other organizations rely on periodic reports delivered over e-mail from HR detailing employee roster changes. In some cases, HR databases can be configured to transmit automated e-mail notifications when changes occur within the system. All of these approaches have significant shortcomings.

For legal teams that rely on spreadsheets and other static forms of documentation to manage legal holds, the process of identifying which employees belong to which holds, and cross-referencing those names against HR reports, can amount to hours of highly tedious work. Errors and oversights are inevitable. Automated notifications can provide legal with critical information more quickly and eliminate “information overload.” However, legal teams are rarely in a position to respond immediately to each notification, which leads to tasks slipping through the cracks or being ignored altogether.

Even when actionable employee status changes are identified, the process by which legal communicates that information to IT is typically fraught with inefficiency and opportunities for mistakes, especially when IT tasks are being executed by different members of the department. For example, one member of the IT team might preserve a departed custodian's hard drive based on a request from legal while another, unaware of the request, deletes the custodian's ESI from the e-mail server.

Education

The easiest countermeasure to data spoliation associated with departing employees is awareness and education. It is critical that legal teams inform their counterparts in HR and IT that preservation obligations persist regardless of whether a custodian is actively employed. In some work environments, it works well to have a single member of each team participate in regular, in-person meetings, which help promote a more active, engaged dialogue around the key issues. Ultimately, the goal is to come up with a plan that strikes a balance between the organization's legal obligations and its desire to minimize operational expenses.

Custodians should also be made aware of spoliation risks that result from their leaving the company. Legal teams should not assume that custodians are going to be thinking about their legal hold obligations as they prepare to depart the organization. Consequently, it is useful to include language in the legal hold notice itself, and to issue subsequent reminders, all of which instruct custodians to notify legal if they know they will soon be leaving the company, going on extended leave or changing departments. It can be as simple as a checkbox embedded in the legal hold notice, minimizing effort required for custodians to comply. Even if some custodians ignore the request and relevant ESI is later lost, the mere inclusion of such language in a legal hold conveys to a court that steps were taken, albeit poorly enforced, to mitigate spoliation risks. This may lessen or even prevent sanctions.

Systems Integration

For large companies with thousands of geographically dispersed employees, the sheer amount of information that must be exchanged between departments when an employee departs can be overwhelming. It goes well beyond the departing employee's name. Legal will often need to know the employee's location, department, supervisor and other details of his or her employment to identify what holds may be implicated by the change. Likewise, IT teams will be interested in similar information so they can track down where the person's ESI is stored. They also need a full list of company-issued devices belonging to the employee, such as laptops and mobile phones.

Organizations can eliminate the burdens associated with acquiring this information manually by integrating corporate systems so that relevant information is automatically exchanged without human intervention. Legal professionals might balk at the perceived complexity involved in integrating their technology with other corporate systems. In fact, there are many newer e-discovery technologies that are specifically designed to work with other systems, and integration can be seamless and non-disruptive.

For example, when an organization integrates its HR and legal hold management systems, the aforementioned tedious and error-prone cross-referencing can be done automatically, with legal teams only being alerted to those employee status changes that overlap with custodian lists and require actions. Another significant advantage of leveraging technology integration is the speed at which actionable changes can be detected. Relying on manual approaches, it's not uncommon for legal teams to be unaware of a custodial status change until several days, if not weeks, after it occurs. When systems are integrated, changes to the HR systems can be reflected in the legal hold application in near real-time, giving legal teams, and IT teams should they have access to the same system, much quicker access to critical information.

Conclusion

The risk of ESI spoliation stemming from employee departures is significant with a 13%-15% annual separation rate. The impact of these changes is growing with the widespread use of mobile devices and cloud-based services. In order to meet this threat, organizations need to develop an “early warning system” that detects changes than can lead to data loss and take corrective action. This detect-and-response system is rooted in educating HR and IT team members about the importance of preservation obligations and integrating departmental information systems. Legal leading this effort in partnership with IT will go a long way toward demonstrating to a court the extent of its good-faith efforts to preserve ESI should a failure occur.

Scott Giordano is corporate technology counsel for Exterro. He serves as Exterro's subject matter expert on the intersection of law and technology as it applies to e-discovery, information governance, compliance and risk management issues.