Electronic discovery (e-discovery) is a significant burden for many organizations, regardless of industry or size. Over 90 percent of the data in the world today has been created within the past two years, and the number and variety of data sources that an organization must manage continues to grow. The cost of collecting and reviewing data in response to litigation and/or regulatory requests increases commensurately, inflating legal budgets and often requiring scores of attorneys to review an increasing number of documents. In response, organizations turn to technology, where a variety of buzzword-laden marketing materials promise to analyze haystacks so that needles are readily (and almost magically) brought to the surface.
That said, not all of these promises are fantastic. The capabilities of these tools have indeed increased in recent years, and there is a dedicated group of attorneys, judges, and technologists that works tirelessly to broaden acceptance within the e-discovery community. However, the vast majority of this advocacy is reactive in its orientation (i.e., it proceeds from the premise that an external triggering event puts things in motion).
Perhaps a change in perspective is needed to break from the tradition of reactively searching for needles in ever-expanding digital haystacks. A proactive alternative to the challenges of data proliferation requires an approach that gives stakeholders control of data before a lawsuit lands or a compliance obligation triggers the need for an involved response.
Information governance represents just such an approach. Properly designed, information governance addresses how information assets are created, preserved, classified, secured, retrieved, and (ultimately) deleted. While large corporations often have dedicated functions focusing on records management, information governance supersedes this practice to proactively manage data through a full life cycle. Perhaps the key insight provided by information governance is demonstrating to organizations why they create, use, and retain categories of data. Ideally, organizations keep only that data with a demonstrable tie to business value, legal requirements, or institutional history. In practice, research conducted by the Compliance, Governance and Oversight Council (CGOC) shows that 60 percent of data retained by organizations globally meets none of these criteria.