Managing Privacy Risks in eDiscovery
Privacy compliance is a primary concern for corporate counsel and risk managers. Most institutions are investing more resource in the operation and management of regulatory compliance. Electronic discovery (eDiscovery) is proving to be a particularly challenging area of privacy compliance due to the number of parties involved and varied regulatory governance across multiple regions.
Protecting personally identifiable information (PII) is central to all data privacy regulations. Typically PII includes any individual pieces of information that identify an individual, for example a person’s name and ID or credit card number. For organisations that do business internationally, privacy compliance may be complex within their own country (as in the US), and also have to extend across borders. The numerous laws surrounding data privacy make it critical for counsel to know what data is being collected, what information is contained in the stored data, and where it is geographically located. There is no single best method to limit privacy risk exposure, but rather a number of components that effectively manage compliance.
Cenza has created a hosted coding solution to ensure that the images and database are retained in the UK at all times while coding is performed from our secure offshore location, combining domestic data protection with offshore scalability and cost advantages. Our solution is a process driven management system that controls the distribution of coding “batches” throughout the production process; including logical unitisation, coding, quality control (QC) and data validation. The system allows for tracking and reporting of the batches during each process, and rigorous monitoring of productivity and quality.
To maintain the highest level of quality, our ISO 9001:2008 compliant quality processes integrate into our entire workflow. By enforcing rigorous quality standards on all work executed, we ensure accurate and timely data delivery.
Quality Analysts assigned to each project ensure internal consistency. They remain closely involved through the life of each project to assure we deliver results that conform to customer requirements. They also serve as a single point of client communication on all project-related issues.
Data mining techniques and PII identification software are steadily improving, but data privacy's rapidly changing rules and regulations don’t always align with the demands of litigation or investigations. Understanding the complexities of compliance, proper planning and efficient implementation by qualified experts help avoid data privacy issues in the regular course of business and litigation.