The subjects of e-discovery and cloud computing remain hot topics within risk management strategic planning meetings. Unfortunately, evidence is beginning to show that too many executive management teams are driven to cloud computing for primarily cost reduction purposes. And to make things more difficult, there is a vast range of information provided on these topics from private sector cloud computing providers, which drives many organizations to strive for more visibility,clarity and understanding regarding the regulations and requirements and ultimately the consequences that might accompany a decision to move data to a cloud computing environment.
If you are a chief privacy officer, information security specialist or simply a risk manager trying to assess either e-discovery or cloud computing within the scope of a business impact analysis input to your organization’s business continuity planning process, our staff recommends listening to a recent Federal News Radio (WFED) radio broadcast interviewing Allison Stanton, the U.S. Department of Justice’s director of E-Discovery.
Additionally, many private sector preparedness (PS-Prep) strategies could benefit from observing and watching closely how the General Services Administration, the Agriculture Department and other governmental agencies move their email and collaboration services to private sector cloud computing providers.
In this interview we can watch how e-discovery considerations play a role in moving to the cloud involve and at the same time try to address the following questions:
- How would a litigation hold be implemented on their data out in the cloud somewhere?
- What is the process of searching and collecting information from that data in the cloud?
- How does the jurisdiction of wherever that data is stored in the cloud affect this process?
As also given in this interview — e.g. the estimate that one terabyte of data costs about $1 million in litigation costs to do discovery — one clearly sees the value of doing this right the first time!
This website has had many postings dealing with this potential risk and threat to all organizations and remains concerned that the potential economic penalties that could be imposed by regulatory agencies for violations of e-discovery rules and regulations could be an economic and organizational penalty which few companies could survive.
Thus, this website takes the position that both e-discovery and cloud computing should remain considerations in every organization’s business impact analysis process.
If applicable, click here to read and hear (be sure to download the audio version of the interview) more about these topics.
Photo courtesy of blog.softheme.com