HANZO PRACTICAL GUIDE Enterprise Collaboration Essentials for eDiscovery and Compliance Enterprise Collaboration Essentials for eDiscovery and Compliance

When you’re handling an ediscovery matter or a compliance investigation, your goal is to get to the bottom of whatever happened (or, perhaps, didn’t happen). To develop a clear picture of the incident, you need more than guesswork, hunches, or general impressions of the people event—you need cold, hard facts. Those individual facts are like puzzle pieces; each one alone may not tell much of a story, but when you assemble enough of them and put them together in the right way, a compelling picture emerges.

Of course, ediscovery and compliance investigations don’t come neatly packaged in a box with a helpful picture on the front so you know how they’re going to turn out. The challenge is to find relevant facts, wherever they may be, and figure out how they fit together. For 20 years or more, organizations have looked almost exclusively to email to establish who said what to whom. After all, email has been the primary method of business communication in the digital era—until recently.

But email is falling out of favor in today’s collaborative workplaces. Now, teams communicate more through collaboration and project management applications like Slack, Microsoft Teams, Ryver, Flock, Yammer, Confluence, Asana, Basecamp, Trello, and many others. This shift has given rise to new digital “paper trails” of potentially useful facts, from project notes and comments on document drafts to expense reports and team conversations. Imagine having access to information like:

• project discussions in Jira demonstrating that a particular employee— who has since left the company to work for a competitor—was not involved in the creation of a product or concept that she now claims to own the intellectual rights to;

Practical Guide Presented by Hanzo 2 Enterprise Collaboration Essentials for eDiscovery and Compliance

The next time you’re skimming through a discussion in Slack, Jira, or Basecamp, ask yourself whether any of the comments in that conversation could serve as valuable evidence in the right kind of investigation.

• workflow assignments in Asana showing that one employee—who happened to be a person of a minority race—was consistently passed over for challenging assignments in favor of another equally situated employee—who happened to be white; or • conversations in Slack wherein a manager consistently condescended to and belittled his only female report—who has now accused him of discrimination and harassment.

Unfortunately, organizations are losing these interesting and useful facts in the plethora of business systems people use on a daily basis. They may not ever think about collaboration apps for fact-finding missions— or if they do, they don’t know how to find those helpful facts and can’t properly protect them if they do happen to stumble across them.

There’s another reason that organizations may need collaboration app data for regulatory compliance, particularly in the financial services industry: if they communicate with clients using non-email platforms like Slack, they need a way to retain records of those conversations.

So, how can you start effectively collecting and preserving the data in collaboration apps both to establish facts for ediscovery and compliance investigations and to ensure you maintain complete books and records? Let’s start by dissecting the obstacles standing in your way.

Practical Guide Presented by Hanzo 3 Enterprise Collaboration Essentials for eDiscovery and Compliance

THE PROBLEM

There are three main reasons why organizations aren’t already effectively dealing with collaboration application data in ediscovery and compliance:

• the sheer number of collaboration apps and their variability, • the dissimilarity of collaboration app data with familiar types of electronically stored information (ESI), and • the reality that collaboration apps haven’t been designed for ediscovery and compliance.

1. THERE ARE HUNDREDS OF COLLABORATION APPS, AND THEY’RE ALL DIFFERENT

The sheer variety of collaboration apps—and the variety of their uses— poses a problem. Collaboration apps include anything that teams can use to communicate about their work, such as:

• chat programs that allow teams to discuss their work without using email, most of which allow other file types to be embedded or referred in the conversation and integrate their data with information from other apps; • document management systems that allow users to comment on changes or otherwise discuss the progress of their documents; • project management programs that show how workflows, projects, and individual tasks are proceeding and that allow users to give feedback, ask questions, and brainstorm about assignments; • calendar applications that allow users to ask questions and add details about meetings and upcoming events; • expense management programs that provide space for back-and-forth discussion of individual expenditures and receipts; and more.

Practical Guide Presented by Hanzo 4 Enterprise Collaboration Essentials for eDiscovery and Compliance

Three additional subproblems spring from this variety of apps. First, these different types of apps will obviously all produce somewhat different types of data, meaning that there can’t be a one-size-fits-all solution for managing collaboration apps (though web-based capture comes close; we’ll get to that in a moment!). Even the answers to basic questions like “Who owns this data?,” “Where does the data reside?,” and “How long will this data be available?” are variable, depending on the individual application.

Second, there’s a tremendous amount of overlap between different types of collaboration programs, which means that one type of data or information might exist in any of several different locations (or in all of them). Notes about an upcoming project meeting might, for example, be in a chat application like Slack, in a comment on the document setting forth the meeting agenda within a document management system, in the project management app under tasks related to that meeting, in the calendar or video conferencing application where the meeting is actually set up, or in the expense reports about that meeting, if expenses were incurred in the process of setting up or running the meeting.

  Don’t panic: this abundance of options can be somewhat overwhelming, but it also represents an abundance of facts—the very facts you need to establish in an ediscovery or compliance investigation.

Practical Guide Presented by Hanzo 5 Enterprise Collaboration Essentials for eDiscovery and Compliance

Third, due to the variety of possible collaboration apps and the variety of structures and formats they assume, organizations frequently aren’t aware of all the apps they’re using or all the ways that collaboration and communication are happening within their workforce. Many of these applications can be run from a web browser window without any local installation, meaning that employees can easily do an end-run around IT, either intentionally or inadvertently. Collaboration apps can also generally be launched from smartphones, so organizations that have a BYOD policy may not be aware of what their employees are using to complete business tasks on their personal phones.

Make sure you have a way to stay informed about what apps are in use in your organization. This means having a current list of apps as well as a broader appreciation for where people are collaborating and what they’re communicating about across your organization. TIP Periodically survey at least a segment of your employees to determine what apps they’re using for business and which ones they would like to be using. You might use a truncated version of your ediscovery custodian questionnaire to gather information about app use. Consider limiting this survey to those employees who self-identify as “early adopters” of new technology, as they’re more likely to seek out new technologies.

While you should develop a policy about app use that outlines the permissions employees must obtain to begin using a new collaboration app, you probably shouldn’t try to “policy” your way out of using collaboration apps altogether. After all, these apps are popular because they’re useful. Instead, establish notification hierarchies so that employees know who to talk to about new apps they’d like to adopt.

But if all of these different collaboration tools basically generated the types of ESI that ediscovery and compliance professionals were already familiar with, none of these challenges would be so difficult. The second problem, of course, is that they don’t.

Practical Guide Presented by Hanzo 6 Enterprise Collaboration Essentials for eDiscovery and Compliance

2. COLLABORATION APP DATA ISN’T LIKE MORE FAMILIAR FORMS OF ESI

The data that ediscovery and compliance professionals are accustomed to is what we call “structured” data from a relational database: data whose elements are addressable for effective analysis. Email, however, is semi-structured data that contains semantic tags and the mail boxes which are organized in a database such as Microsoft Exchange or other database, are associated with specific people or custodians.

That structure makes it easy to establish a legal hold for specific custodians’ emails: anyone who sent or received an email is a custodian. It also means that the scope of an inquiry can easily be delineated by applying those custodian names along with date ranges and keywords.

Collaboration apps aren’t organized in the same way. While they’re all unique, they generally operate as unstructured “bulletin boards” for information rather than mailboxes. They unfold chronologically, not necessarily topically, and anyone in a community may have read—or not read—their content. This makes it difficult to understand who the “custodians” are for messages in, say, Slack. Anyone who belongs to a channel where a message appears could be a recipient of that message, meaning that organizations trying to implement legal holds may need to place entire channels on hold.

Moreover, the chronological presentation of collaboration apps poses another problem, in that conversations unfold slowly, over the course of many messages, often interrupted by irrelevant or unrelated messages. Instead of self-contained emails that present a single conversation in a somewhat-organized fashion, unstructured conversations in collaboration apps usually need to be read in their full context—often spanning multiple screens—to be truly understood. That means you can’t just preserve or produce the individual messages that contain keywords; you need to also capture everything around them so that they make sense.

Practical Guide Presented by Hanzo 7 Enterprise Collaboration Essentials for eDiscovery and Compliance

These differences mean that collaboration app data can’t be preserved, collected, or archived using traditional ediscovery tools. And while there’s arguably value in collaboration data regardless of the format it’s captured in—at a minimum, it can serve to guide your investigation or provide fodder for cross-examination during depositions—its value is radically enhanced if the data is captured in its original format. After all, it’s more compelling to read through a conversation the way it actually unfolded in Slack or Jira than it is to try to reconstruct that conversation using a series of screenshots. And if the matter ends in litigation, wouldn’t you prefer to have admissible evidence to establish facts in the deciding tribunal? Sure you would.

Therefore, organizations must learn how to work with data from collaboration applications in a format that is functional, accessible, and admissible as evidence. That means capturing it, storing it, and reviewing it without losing any of its context—including embedded GIFs, reactions, and other dynamic or interactive content. Ediscovery and compliance professionals also need any data they preserve or archive to meet the standards of defensibility within their industry. For litigation, that means it needs to be readily authenticated and admissible in court; for financial industry compliance, records need to be available for supervisory review and maintained in a non-rewritable format.

Financial industry records must be kept in a particular way to satisfy the requirements of the Securities Exchange Commission (SEC). Its Rule 17a-4(f) states that any “records required to be maintained and preserved” can be stored electronically—but only if they’re preserved “exclusively in a non- rewrit[]able, non-erasable format.” In the industry, that’s known as “write once, read many,” or WORM, storage.

Practical Guide Presented by Hanzo 8 Enterprise Collaboration Essentials for eDiscovery and Compliance

The bottom line is that data from collaboration apps should be addressed like every other type of evidence—but because it’s not like any other evidence, it requires new tools and techniques.

One final point: most organizations simply haven’t caught on to the important data lurking in collaboration apps yet. That means that those organizations that have are necessarily serving as trailblazers—and that can be a difficult, sometimes lonely road to walk. It’s made worse by the third problem, which is that collaboration app developers aren’t in the business of ediscovery or regulatory compliance.

3. COLLABORATION APPS AREN’T DESIGNED FOR EDISCOVERY OR COMPLIANCE

We’re not saying that collaboration apps are designed to frustrate ediscovery or compliance—simply that they aren’t built to focus on those goals. Questions about data archives, legal holds, and defensible deletion aren’t top of mind for the teams building these apps; open communication, clear workflows, and straightforward integrations are.

For example, Slack has added an option for organizations to set a message retention period, after which messages are automatically deleted. While this can protect discoverable information and prevent spoliation by preserving entire channels so that messages in those channels aren’t deleted, it’s not a legal hold solution and lacks the granular controls legal departments need.(Note that if you’re using the free version of Slack, you’ve only got access to the most recent 10,000 messages anyway—so anything older than that is no longer available to you with each new message you type.) Sounds good enough, right?

Practical Guide Presented by Hanzo 9 Enterprise Collaboration Essentials for eDiscovery and Compliance

Not really. Slack’s retention capability is entirely binary, either on or off, with no ability to specify particular dates or custodians (which, again, is already a fraught concept). If you’re in a typical organization, where you issue legal holds, it is likely that you’ll have overlapping legal holds for different custodians. You’ll quickly discover that you require the control to be able to release a hold without losing information that might be discoverable under other legal holds. This is why dealing with collaboration systems that were not designed for preservation is so tricky. You need the discrete control so that you only preserve what you need for the time these data are actually subject to a legal hold. Additionally, this control records an audit trail that demonstrates your process for defensibility, should there ever be any question of spoliation.

Another common problem for ediscovery review and compliance supervision is the lack of export ability from many collaboration tools. Slack at least has an export function, but it’s not as functional as ediscovery and compliance professionals would like. Rather, it creates JSON files that are unwieldy and difficult to manage. Each day of activity in each separate channel creates a separate JSON file, so if you’re tracking a conversation that spans multiple days, you’ll have to toggle between numerous files to review it or make any sense of it.

The fact that collaboration apps don’t make ediscovery or compliance easier can seem like it’s the end of the world, especially if you’re in the trenches trying to manage it all. Don’t despair, it’s worth keeping in mind when you find yourself struggling to complete ediscovery and compliance tasks that there are solutions that support ediscovery and compliance workflows when dealing with data from enterprise collaboration applications.

Practical Guide Presented by Hanzo 10 Enterprise Collaboration Essentials for eDiscovery and Compliance

Organizations in the financial services industry should pay particular attention: any online communications that they have with customers— wherever they occur—may be books and records that they’re obligated to retain under the rules and regulations of the Financial Industry Regulatory Authority (FINRA) and the SEC.

Let’s circle back to the bottom line: what you need, in an ediscovery or compliance investigation, are facts that will help you assemble a clear image of what happened in a dispute. Much of the information in collaboration apps can be used to establish those facts. They may be small or seemingly trivial on their own, but don’t be discouraged by the significance of individual facts; you’re looking for cumulative impact—the assembly of numerous small facts, like puzzle pieces, into a logical picture of an entire event.

That means that in fact-driven matters such as workplace, personal injury, intellectual property, and insurance claims, ediscovery and compliance professionals alike should actively consider what facts they might be able to establish using collaboration apps.

Practical Guide Presented by Hanzo 11 Enterprise Collaboration Essentials for eDiscovery and Compliance

EDISCOVERY RULES

Under Federal Rule of Civil Procedure 26(b)(1), the scope of discovery includes “any nonprivileged matter that is relevant to any party’s claim or defense and proportional to the needs of the case.” Rule 34(a)(1)(A) requires the production of “any designated documents or electronically stored information—including writings, … photographs, sound recordings, images, and other data or data compilations—stored in any medium from which information can be obtained either directly or, if necessary, after translation by the responding party into a reasonably usable form.”

See what’s not there? There’s no exception for data from collaboration apps—and once courts and litigants pick up on the rich data source these apps represent, they’re likely to be expressly added to discovery orders.

Practical Guide Presented by Hanzo 12 Enterprise Collaboration Essentials for eDiscovery and Compliance

A FUTURE DIRECTION? EDISCOVERY CASE LAW

To be clear, the case of Paisley Park Enterprises, Inc. v. Boxill, No. 17- cv-1212 (WMW/TNL) (D. Minn. Mar. 4, 2019), concerns text messages rather than evidence from collaboration apps—but it invites a broader consideration of novel sources of ESI. The court explicitly extended its logic to social media, and its arguments speak equally clearly to the data in collaboration apps. It noted that the rules of discovery “do[] not require that the requesting party issue a document preservation letter identifying all types of ESI that it might seek in the future.” Instead, “in the contemporary world of communications,” there exists both “the potential and reality of finding the modern-day litigation equivalent of a ‘smoking gun’ in text messages, emails, and possibly other social media”—not to mention in collaboration apps. In light of that potential information, litigants “do not get to select what evidence they want to produce, or from what sources. They must produce all responsive documents or seek relief from the court.” In other words, if data from collaboration apps is relevant and discoverable, parties must be producing it or, at the very least, asking the court about it.

Convinced about the value of collaboration app data for ediscovery and compliance? Great—now it’s time to actually get into using it. But given that it’s not like traditional forms of ESI, how can organizations identify useful collaboration app data and then preserve, collect, or archive it?

Practical Guide Presented by Hanzo 13 Enterprise Collaboration Essentials for eDiscovery and Compliance

THE SOLUTION: Native-Format Capture of Collaboration App Data

These five steps can help you identify—and capture—potentially relevant data in your collaboration apps for your next ediscovery or compliance matter.

1. MAP THE APPS IN USE ACROSS YOUR ORGANIZATION AND THE DATA IN EACH.

What collaboration apps does your organization use? How confident are you that no one is communicating with customers or their team on an app that you don’t know about? Survey your employees regarding every type of collaboration app that they use for business, whether they access those apps from their work or personal computer or smartphone and whether they use an installed app or a browser-based version.

When you’ve made a complete list of the collaboration apps in use at your organization, determine what sorts of conversations occur in each and create a data map with that information. You may find, for example, that expense reports in Expensify contain detailed notes about who participated in an event that generated a receipt or that Slack conversations tend to be about office administration matters, while Confluence contains the bulk of your employees’ project discussions.

When faced with a specific ediscovery or compliance investigation, interrogate each data source to determine what potentially relevant facts it might contain. This is a fact-driven and fact-specific inquiry that you’ll need to repeat for each new matter, but it will go faster as you grow accustomed to the collaboration apps in your organization—especially if you keep your data map up to date as you use it.

Practical Guide Presented by Hanzo 14 Enterprise Collaboration Essentials for eDiscovery and Compliance

Establishing Ownership of Intellectual Property on Confluence

Has a competitor claimed that your brilliant new product design was actually created by their engineer after she worked for you? Now is the time to break out the product plans from Confluence, showing that your product was already halfway complete before that engineer joined the team.

2. IDENTIFY POTENTIALLY RELEVANT DATA USING CUSTODIAN OR SUBJECT NAMES, DATES, AND KEYWORDS.

Once you’ve got an idea of what you’re looking for—and what you might expect to find—start searching across your collaboration apps for potentially relevant data. Narrow the field of that information by only considering messages or comments that your custodian or data subject was a party to, but remember that custodians are more broadly defined for collaboration apps than they are for communications like email. Anyone on a Slack channel, anyone with access rights to a given document, or anyone associated with a project might have been able to see communications within that data source, regardless of whether they actively participated in the conversation.

Watch Video

Practical Guide Presented by Hanzo 15 Enterprise Collaboration Essentials for eDiscovery and Compliance

When using dates and keywords to search for data, remember that it will usually take more than a single message to capture the context of a conversation within a collaboration app. While emails can be readily threaded into a conversation view to maintain their context, the unstructured data in collaboration apps isn’t neatly bound together in the same way. Be sure you’re looking far enough both before and after keywords to identify all of the related conversations.

Showing Your Response to Consumer Complaints

Is the Federal Communications Commission (FCC) concerned about how your organization is handling a particular type of customer complaint? If you’re tracking your complaint tickets—along with your representatives’ responses and corrective actions—if you can provide that information to the FCC to demonstrate your compliance.

3. CAPTURE DATA AND STORE IT EXTERNALLY.

There are two main ways to capture data from collaboration apps: using a web crawler or using an application programming interface, or API.

Web-based collaboration apps can be archived using WARC, or Web ARChive, files. This process begins with a web crawl, in which software “crawls” through every link and component on the collaboration app’s webpage, capturing the full source code and downloading content with its full native structure. Each component on a webpage is captured in its own WARC file, which specifies not only what the content should include but also what it should look like and how it should respond to user interactions.

Practical Guide Presented by Hanzo 16 Enterprise Collaboration Essentials for eDiscovery and Compliance

The magical part is what happens next: WARC files can be reassembled to create a replica website that looks and operates exactly like the original site did. That allows users to explore the collaboration app’s data exactly as it existed at the time of capture, including navigation through expandable projects and comment histories. These WARC files create a rich, interactive archive experience that has nothing in common with “flat” capture methods like screenshots.

With some types of collaboration apps—particularly Slack—it’s possible to use APIs to access and extract data for ediscovery preservation and compliance archiving. APIs provide essentially a “back door” into the application’s data, allowing users to export it into secure storage or an ediscovery review tool (more on that in a moment).

What’s Wrong With Using Screenshots?

Why go to all this trouble to create specific capture files for collaboration app data? Can’t you just snap screenshots and call it good? Not exactly. Screenshots have three significant flaws. First, they’re time-consuming to obtain, especially when you’re trying to capture every element in a collaboration app’s operation. Second, they’re easy to manipulate, which contributes to courts rejecting them as a reliable and admissible source of evidence. Third, and most importantly, they’re simply not all that compelling. Would you rather flip through a bunch of flat pages to try to reconstruct a conversation—or navigate through that conversation in real time as the original team did?

Practical Guide Presented by Hanzo 17 Enterprise Collaboration Essentials for eDiscovery and Compliance

4. ESTABLISH AND FOLLOW A RECORDS RETENTION SCHEDULE FOR THE REST OF YOUR DATA.

While keeping all of your data forever mitigates the risk of inadvertent spoliation, the truth is that unnecessary, outdated, and useless data can be every bit as risky. Imagine if you had accumulated three years of Slack data by the time you were served with a hostile workplace claim. Practically every message in your extensive archives could, theoretically, be relevant to such a case. Do you really want to have to collect, process, review, and produce years of data and millions of messages, all with sufficient context for it to be understood? Risks like these are why data that is no longer useful for the business has no business hanging around.

So, once you’ve identified and captured the data you need for an ediscovery or compliance matter and stored it in an external system, get rid of everything else. Decide on a reasonable length of time to maintain data—likely no more than 90 days—and implement a records retention schedule whereby you delete data that isn’t subject to a legal or regulatory obligation or that doesn’t serve a legitimate business purpose at the end of that period.

Proving Knowledge of Security Flaws With Jira

Trying to prove that a corporation was aware of vulnerabilities in its app that subjected your client’s data to a harmful security breach? You’d certainly want to read any conversations the engineers had in their Jira issue-tracking tickets about the app’s security.

Practical Guide Presented by Hanzo 18 Enterprise Collaboration Essentials for eDiscovery and Compliance

5. REVIEW AND USE YOUR CAPTURED DATA.

The point of this whole process is to be able to use the facts you find in your collaboration apps during ediscovery and compliance investigations and, if it comes down to it, in any ensuing litigation. That means you need to be able to submit evidence—including facts from collaboration apps—for attorney review. You may also need to eventually present that evidence to a judge or jury. Native-format capture of collaboration app data allows for what we call “natural review,” where data is available for playback as it appeared when it was live, as accessed through the app or its web browser. This allows a reviewing attorney to search using keywords and metadata, export records to standard review platforms like Relativity, and navigate through the source material as it originally appeared.

In compliance, your archives should be accessible for supervisory review to ensure that any customer communications occurring within collaboration apps comport with your policies and rules as well as with any applicable laws and regulations. With WARC files, your supervisors can browse through a replica website that’s indistinguishable from the original—so they can spot noncompliance and correct it promptly.

Make sure there’s a human running QA checks on your captures. Don’t just assume that you can “set it and forget it” when it comes to recordkeeping compliance. Make sure there’s someone confirming your data captures—or you may find that you’ve archived six months of a login TIP screen and nothing more.

Practical Guide Presented by Hanzo 19 Enterprise Collaboration Essentials for eDiscovery and Compliance

BEST PRACTICES FOR EDISCOVERY

Preserve relevant and discoverable data from your 1. collaboration apps but don’t rely on their internal ediscovery tools to do it.

If your organization uses collaboration apps, you need to incorporate them into your data identification and preservation playbooks—even if your opponents aren’t asking about them yet. As the court said in Paisley Park, the rules of discovery don’t require the requesting party to explain in its preservation letter exactly what types of information it may ask for in the future. It’s on litigants to identify and preserve any evidence that is likely to be discoverable. In this, remember the principles of relevance and proportionality; the goal is reasonableness, not perfection.

Also, remember that collaboration apps aren’t designed by—or, really, for—ediscovery and compliance professionals, so any internal tools they offer are bound to be incomplete solutions. Instead of using the internal legal hold function offered by Slack or any other collaboration app, preserve information subject to a legal hold by collecting it into an external system. Once that data is protected, set a records retention period and begin defensibly deleting any data that isn’t encompassed by the hold. Be sure to document these processes, in case you’re later accused of spoliation of evidence.

Practical Guide Presented by Hanzo 20 Enterprise Collaboration Essentials for eDiscovery and Compliance

BEST PRACTICES FOR EDISCOVERY

Request discoverable collaboration app data from 2. your opponent.

What evidence might your opponent have in collaboration apps that could be useful to your case? Go back and think through the elements underlying your claim or defense. What facts would be helpful? Remember that individual facts may not be impressive or dispositive on their own, but they may add up to a compelling mosaic. Don’t be dissuaded because you don’t know what apps your opponent uses; use broad categories to refer to the types of apps that they might have used to discuss issues related to the case.

Consider the admissibility and defensibility of 3. online evidence at every stage.

Collaboration app evidence is subject to the same requirements of admissibility as any other evidence. Yes, Federal Rule of Evidence 902(13) allows for self-authentication of “certified records generated by an electronic process or system” so long as that system “produces an accurate result, as shown by a certification of a qualified person,” but be prepared to show your work. That means capturing metadata and working with a neutral third party who can testify as an expert about your collection methods.

Practical Guide Presented by Hanzo 21 Enterprise Collaboration Essentials for eDiscovery and Compliance

BEST PRACTICES FOR COMPLIANCE WITH FINANCIAL INDUSTRY RECORDKEEPING REQUIREMENTS

Routinely assess the collaboration apps your 1. organization uses for customer communications.

You need to keep records of all your customer communications, regardless of the medium where they occur. If anyone at your organization is using a collaboration app like Slack to communicate with clients, those communications should be included in your archives. Unfortunately, many organizations find themselves in trouble because they aren’t aware of all the modes of discourse their brokers use.

To avoid missing out on archives, periodically survey brokers to find out where they’re conducting business. Ask specifically about collaboration and messaging applications, including both general categories of apps and the names of common individual apps to shake loose as much information as possible. Have everyone sign a form agreeing that they’ve advised the organization about all of their methods for customer communication.

Practical Guide Presented by Hanzo 22 Enterprise Collaboration Essentials for eDiscovery and Compliance

BEST PRACTICES FOR COMPLIANCE WITH FINANCIAL INDUSTRY RECORDKEEPING REQUIREMENTS

 Make sure your archives will last until 2. you need them. You may not need your archives for five or even 10 years—but when the day comes that you do need them, they have to still work. Fortunately, the WARC files used for native-format web capture are both future- proof and platform-agnostic: they can be accessed from any operating system, so they won’t stop working as computing technology evolves. How do we know? Because the structure and function of WARC files are memorialized in ISO standard 28500:2017 and maintained by professional archivists. WARC is the archival format used by institutions that are in the business of maintaining records over the truly long term, like the Library of Congress.

Also, remember SEC Rule 17a-4(f): ensure that your archives are always maintained in non-rewritable WORM storage to guarantee their integrity.

 Ensure that your archives allow for supervisory 3. review. It’s not enough to create archives; you need to be able to use them too. When you’re backing up your communications from collaboration apps, consider how supervisors will be able to access them. Can they readily review that content in its original, natural format? Are your archives accessible, navigable, and easy to understand?

Also, look for technology using artificial intelligence that can scan archives as they’re created to identify and flag potential violations, sending alert notifications to supervisors to hasten corrective action.

Practical Guide Presented by Hanzo 23 Enterprise Collaboration Essentials for eDiscovery and Compliance

We get it: much of the data in collaboration apps seems trivial on its own. It’s hard for ediscovery and compliance professionals—not to mention data custodians—to wrap their brains around. Useful information can be hard to find and harder to capture—especially if you want it in a robustly admissible form for litigation or a regulatory inquiry. There’s no doubt that it would be easier to just let all that data swirl down the metaphorical drain as your record retention periods come and go.

But as more and more business communications move away from email and into collaboration apps, organizations are getting serious about these apps as data sources.

Hanzo can help. Our tools were designed to help ediscovery and compliance professionals identify relevant information—wherever it may be—and to capture it in a form that’s accessible for supervisory review or available for export into ediscovery review platforms like Relativity. Hanzo Dynamic Capture collects and archives native-format data from online sources, including web-based collaboration apps. And Hanzo Hold solves the problem of specific collaboration apps like Slack, enabling retention of data that’s subject to a regulatory compliance obligation or an ediscovery hold, while allowing the remainder of your collaboration data to be defensibly deleted in accordance with a standard records retention schedule.

You can’t complete a puzzle—at least not very satisfactorily—without first finding all the individual puzzle pieces; even a piece that’s nondescript in isolation might turn out to be the one that pulls the whole picture together. In ediscovery and compliance investigations, those pieces are the facts of the underlying events, and many of them are hiding in collaboration apps. How many can you find?

Practical Guide Presented by Hanzo 24 Enterprise Collaboration Essentials for eDiscovery and Compliance PRESERVE EXACTLY THE SLACK DATA YOU NEED. NOT MORE.

Best Practice eDiscovery and Compliance for Enterprise Collaboration

Hanzo Hold empowers corporations to apply a legal hold—including silent holds—to enterprise Slack communication data, adhere to information governance policies, and meet the duty to preserve data for litigation and compliance.

REQUEST A DEMO

Practical Guide Presented by Hanzo 25 Find out more: hanzo.co Enterprise Collaboration Essentials for eDiscovery and Compliance

ABOUT THE AUTHOR

BRAD HARRIS VP of Product, Hanzo

Brad Harris is the VP of Product at Hanzo, a pioneer in the contextual capture, and preservation of dynamic web and collaboration content for corporate legal and compliance departments. He leads product vision and innovation for the company. Brad has more than 30 years’ experience in the high technology and enterprise software sectors, including assisting Fortune 1000 companies enhance their e-discovery preparedness through technology and process improvement. Brad is a frequent author and speaker on data preservation and e-discovery issues and is a member of The Sedona Conference WG1.

Practical Guide Presented by Hanzo 26