So, you’ve started working on defining your policy and have a handle on what data to keep, now the next big questions is:
Where do I keep the information?
Knowing where data is stored and who has access to it is one of the biggest concerns when going through the ediscovery process. Your mail archiving software should allow for freedom of configuation when setting up where email data will be stored.
- How is the data stored? – Single Store vs. Personal Stores, does it matter? It all depends on how the data will be used. If your organization is archiving for space and users will need easy access, then a personal archive may be best. If the need to archive email is for ediscovery and compliance concerns, then a single data store may be better. Additionally, How will legal need to access the data? Will Legal need all the data or only specific data per user or year?
- Format – When archiving the data, what format will it need to be converted to? Does the email data stay with the application you are using in your organization (e.g. Lotus Notes/Domino, Microsoft Exchange, etc.), or does the data get placed into a proprietary store? If preserving email data storage is a primary factor, this may not be a concern, but if legal issues are the driving force, then this choice will need to be weighed considerably. Also consider if the data is being changed to another format, could the integrity of the document be called into question? These are questions only your legal department can answer.
- Access – Who will have access to the data and what are they allowed to do with it once they open the archive? If archiving for storage, then most likely the users will have free range over what they do. If archiving for Compliance or Legal reasons, then access to the data must be carefully controlled. Make sure you have documented who has rights, what they can or can not do and who ‘Owns’ the data if organizational policies are ever called into question.
- Organization – How is the email data going to be organized? Organizing data does not refer using a single store or personal store, but rather is referrring to whether data should be lumped into one big database regardless of age or litigation case. Archived data should be organized to make it easy for your ediscovery solutions to find that data when needed. From a storage perspective, data should be organized by year or some other logical means so when the time comes, removing old data is fairly simple. If your retention period calls for 5 years of archived data, having the data already organized by year allows you to easily remove the data that is older than 5 years. If you pick the right solution, it shouldn’t matter where the data is stored. Users won’t know the difference (a topic for an upcoming article). If you are looking at organizing data in terms of Compliance or Legal issues, then organization may look a little different. If data needs to be archived for compliance and ediscovery purposes, then organizing data by year may also work. However, if you’re handling data for pending litigation, then organizing by keyword or the driving factor behind the litigation is most likely best bet. Regardless, organizing data up front will help streamline the ediscovery process and provide all parties involved answers much quicker.