Defensible Disposition Program: Article One—Let’s get down to Basics

For as long as there has been communication and work, there has been a means of documenting and tracking it. Sales receipts, pay stubs, tax documents, letters, memoranda, and beyond all have value at one time or another. Sometimes, those records need to be revisited or referenced later down the road in connection with, for example, taxes, audits, or other reviews. Not knowing whether something will be needed in the future has led to a cultural mantra of “better to save something you don’t need rather than destroy something you do”. Businesses, including law firms, can be guiltier of this than any one person—mountains of boxes in offsite storage facilities around the country more than prove this.  This “keep everything forever” mentality has led to an informational environment with severe financial and risk-related implications, and wading through volumes of data—often unclassified—can be a real hindrance to efficiency. The cost of storage has exponentially increased, and it is becoming more and more difficult to properly index the massive amounts of information. Failure to manage information can lead to over-retention of personal information or other sensitive materials that could cause serious financial or reputational damage in the event of a breach.  It could also result in a violation of the ever-growing number of privacy regulations emerging around the globe.

Further, there’s the implicit cost of finding a particular piece of information and how that cost increases when the information you are looking for is held amongst a tremendous volume of data—think: trying to find a needle in a haystack when the person searching for the needle could otherwise be billing at $995 an hour. The McKinsey Global Institute reports that the average employee spends nearly 20 percent of their workweek looking for internal information. Using these estimates, we can infer that a law firm could experience almost $3,000,000 a week in lost time1Maloney, Andrew. 2022. “Associate Billing Rates Are Growing Faster Than Partner Rates.” law.com. February 3. https://www.law.com/americanlawyer/2022/02/03/associates-billing-rates-are-growing-faster-than-partner-rates/.. An effective information governance program will leverage disposition initiatives to reduce redundant, obsolete, or otherwise trivial information and result in a more efficient and profitable overall informational environment.

So, what does defensible disposition actually mean? Disposition can include several actions, including destroying documents with no legal hold requirements or business value, moving data to less expensive storage (also known as archiving), or transferring custody of the information to another party (such as returning the data to the client to whom it belongs or transferring it to a third party such as another firm). Performing these actions in a defensible manner means attempting to comply with regulatory requirements and internal policies, or, at the very least, considering the client’s best interests throughout the disposition process; and perhaps most importantly, performing disposition activities in a consistent and reasonable way. You should be able to demonstrate to the client or to a judge, if it came to it, that you took all reasonable efforts to get the required input regarding the disposition of a client’s data. Also, depending on any agreed-upon terms in outside counsel guidelines or other documented agreements with the client about file disposition, you may need to get input from partners, clients, general counsel, or other internal people/groups.  

It is easy to get stuck in “analysis paralysis” when attempting to start and maintain a disposition program. To avoid this, it helps to approach your efforts with a two-pronged approach. These two prongs are: legacy and go-forward retention and disposition. Legacy disposition refers to the actions taken on data that precede any formal retention policy implemented by the firm. All organizations have pockets of data that may not have been well organized or governed. Typically, legacy information has little to no business value because of its age. However, because there isn’t a distinct policy covering it—and, more importantly, telling you what to do with it—destroying legacy information isn’t as simple as just throwing it away. In order to mitigate the risk of the data being related to an existing legal hold or being needed down the line, analyze the information, and consult the owners and other involved parties (e.g., attorneys, outside counsel, etc.). This can be especially challenging to navigate when those with relevant institutional knowledge are no longer available to provide guidance and advice. 

Developing an effective legacy disposition program is not a one-size-fits-all practice. It will require information gathering and strategic planning to best understand your areas of opportunity (think low-hanging fruit) vs. potential areas of risk. You will likely find buckets of information that can be addressed quickly and most certainly those that require in-depth analysis, either by people, software, or a combination of both. Partnering with your IT department can be a good start at understanding where your data landfills exist and help to identify pockets of opportunity to prioritize your disposition efforts.

On the other hand, while still having its complexities, a go-forward retention and disposition policy is a bit more straightforward from a defensible disposition standpoint. This policy will explicitly detail the length of time a company will retain certain data and what happens to the data at the conclusion of the retention period. That said, it is important to invest in training and awareness along with monitoring and auditing lest the piles of unstructured and unclassified information continue to proliferate. 

An ounce of prevention is worth a pound of cure; implementing a go-forward program is also the ideal time to ensure you’ve addressed proactive measures such as explicitly stating the firm’s position on retention and disposition in the client engagement letter and capturing any requirements outlined in outside counsel guidelines. Account up-front for the identification and capture of precedents and know-how so that your go-forward program is designed so well that your legacy disposition issues aren’t repeated. The value of collaboration with other departments (such as Knowledge, eDiscovery, Litigation Support, etc.) cannot be overstated. It is through working with these groups that you can glean important knowledge and insights not only into your data landscape but the way in which people use and consume information.

All right, you’re convinced, you need an effective disposition program at your firm—now what? If you’ve been involved with information governance for longer than a minute, you no doubt have heard about the next steps, including identifying a program sponsor and working with key stakeholders to bolster support for the project to increase acceptance and adoption throughout the firm. While these points have been discussed to death by most disposition advocates, they are nonetheless important and need to be considered before starting a disposition program. Your program sponsor should be someone who not only understands the goals of the project and the reason behind it but who is also senior enough to be able to initiate and propagate company-wide change (typically a C-Level executive or General Counsel). Equally as important, your program sponsor can help define items that will not be considered for disposition—items of historical relevance or that continue to serve a business purpose. Of perhaps equal importance, your stakeholders will help navigate the politics of change management—either by helping to influence or in some instances mandating—policy compliance for those that remain steadfast in their current practices. Key stakeholders will differ from firm to firm (depending upon size, culture, internal political dynamics, etc.), but are often director-level employees who can take the project and pass along instruction to the departments to increase adoption.

True information governance requires participation by all firm lawyers and staff. Everyone plays a role—some big, some small—and it is important not only for you to understand those responsibilities but that those performing them do as well. As mentioned, a successful information governance program is more effective with an interdepartmental effort. For example, IT may need to develop a workspace to track project developments and reports to help isolate key data or assist with data analysis. Paralegals and other timekeepers may need to help identify legal holds preventing the disposition of client files. Office assistants and secretarial staff can be instrumental in identifying client contacts and coaxing support out of otherwise busy and (probably) disinterested attorneys. The list could go on and this is just for the execution of the legacy program you will design! This doesn’t even begin to describe the effort going into the deliberate focus given to ensure people know the “who, when, where, why, and how” when retaining information in the first place. 

As the previous paragraph illustrates, there is a lot that goes into a successful disposition program. It could be tempting to rush through many of these steps and start with an aggressive disposition program; however, the benefits of proactive planning and working closely with as many departments within the firm as possible—and even closer with the responsible attorneys—should not be overlooked. Historically, cost savings has been the primary driver motivating the implementation of disposition programs; however, the script has flipped. Disposition initiatives —and really, information governance as a whole—are supporting endeavors aimed at allowing the firm to provide more accurate, reliable, and economical service to its clients. No amount of reduced offsite storage costs will make up for the loss of a client because they came looking for their records that may have been destroyed without proper due diligence, notifications, or other checks and balances. No reduction in the amount of time it takes an attorney to find and retrieve a record they need will rebuild the trust lost if you destroy a client’s record without consulting them first. Conversely, you don’t want your firm to be over-retaining information that you have no requirement to keep or that the client does not wish to have retained. Many clients have their own defensible disposition programs and it is not uncommon for them to want their law firms to be compliant with it. It’s strongly recommended to check (and if warranted, recheck) with responsible attorneys and clients to make sure disposition of client data is appropriate and ensure compliance with any pre-established client agreements. In doing so, you’ll ensure your efforts are not only effective and supportive of business objectives but also defensible.

In the next article of the series, we will begin to sketch out what the program looks like in more granular detail. This will include what to look for in a program sponsor, how to identify and capture key metrics, determining the scope of the program, and what a cooperative effort with your IT department can do for you. So, in short, tune in next time for even more disposition fun!


1Maloney, Andrew. 2022. “Associate Billing Rates Are Growing Faster Than Partner Rates.” law.com. February 3. https://www.law.com/americanlawyer/2022/02/03/associates-billing-rates-are-growing-faster-than-partner-rates/.

Authors

  • Andrew Corridore

    Andrew serves as the Manager of Information Governance Compliance for Akin Gump Strauss Hauer & Feld LLP and operates out of their New York City office. Despite a relatively brief career within Information Governance, Andrew has successfully deployed and managed projects focusing on key IG initiatives at two different firms with vastly different risk appetites and commitment to Information & Data Governance. He is a self-proclaimed IG enthusiast, with emphasis on physical & electronic data disposition, legal hold process management and improvement, lateral transfers, risk mitigation, and Outside Counsel Guidelines. Andrew is particularly interested in the intersection of technology and information governance. Andrew is currently involved in the Information Governance community in a variety of ways, from serving on ILTA’s security and compliance content creation team to volunteering with the local ARMA Metro chapter. He also is heavily involved with the Law Firm Information Governance Symposium (LFIGS) and the recently developed Legal IG Roundtable.

  • Leigh Isaacs

    Leigh serves as the Director of Information Governance for DLA Piper LLP is based within their Washington DC office. She has spent her entire 30+ year career working in law firm environments where her expertise encompasses strategic development and implementation of enterprise records and information governance programs, process improvements, matter lifecycle management, risk mitigation, vendor management, evaluation, design and implementation of legal technology solutions. She particularly enjoys building teams and programs to meet the ever-changing needs of law firms and their clients. Leigh currently serves on the Board of Governors for the CIGO Association and is an active member of the International Legal Technology Association (ILTA) and ARMA, serving in various volunteer and leadership roles for both organizations. She is also a founding Steering Committee Member for the Law Firm Information Governance Symposium and serves on the Advisory board for the Information Governance Initiative. Leigh is a published author, a well-known speaker and an instructor on a wide array of trending issues relating to information governance.

(Visited 3,599 times, 1 visits today)

Andrew Corridore

Andrew serves as the Manager of Information Governance Compliance for Akin Gump Strauss Hauer & Feld LLP and operates out of their New York City office. Despite a relatively brief career within Information Governance, Andrew has successfully deployed and managed projects focusing on key IG initiatives at two different firms with vastly different risk appetites and commitment to Information & Data Governance. He is a self-proclaimed IG enthusiast, with emphasis on physical & electronic data disposition, legal hold process management and improvement, lateral transfers, risk mitigation, and Outside Counsel Guidelines. Andrew is particularly interested in the intersection of technology and information governance. Andrew is currently involved in the Information Governance community in a variety of ways, from serving on ILTA’s security and compliance content creation team to volunteering with the local ARMA Metro chapter. He also is heavily involved with the Law Firm Information Governance Symposium (LFIGS) and the recently developed Legal IG Roundtable.