Editor’s Note: In addition to offering professional services, Kroll Ontrack also sells e-discovery and archiving solutions for IBM Lotus Domino and Notes, Microsoft Exchange Server software, Microsoft Office SharePoint software, and instant message conversations.
by Tom McCaffrey of Kroll Ontrack
Already one of the most popular collaboration platforms on the market, SharePoint adoption is set to accelerate in the months ahead. Even Microsoft acknowledges that it is their fastest growing enterprise application.
A solution like SharePoint provides a number of benefits for organizations, including real-time collaboration, decreased costs and improved operational efficiency. However, as more companies turn to this platform for business critical collaboration and document retention, they face profound new challenges related to e-discovery demands.
This is a significant concern since research shows it is not a question of “if” they will ever have to engage in e-discovery, but when. Nevertheless, there are a series of policies and simple practices organizations can implement to ensure the e-discovery process is seamless and efficient. Equally important, using these same practices, companies can preserve, analyze, review and produce electronic data in accordance with applicable obligations when requested to help avoid fines or sanctions.
One of the most important steps for an organization to take in preparation for an e-discovery request is the creation and implementation of a policy to effectively organize and manage existing information thereby making it easier to search. It is important to build these guidelines around the content because SharePoint enables users and organizations to save an unnecessary amount of data.
For example, if an organization is coordinating with an archive or other information governance solution, it can decide what types of electronically stored information (ESI) can be kept and for how long. Ultimately, though, not all of the content stored on the SharePoint server will be relevant for e-discovery. In that sense, SharePoint is similar to e-mail — there are only certain items which are truly relevant.
Implementation of the corporate retention policies in SharePoint both help an organization achieve regulatory compliance and is the next step in preparing for e-discovery. Assuming your organization has document retention policies in place, a company should require SharePoint site administrators to define the applicable retention categories in accordance with the policies for each site and folder. Further, a company should set up the folder structure so that only one retention category applies to each folder and its future contents.
These sites and folders and their corresponding retention categories should be documented both within the SharePoint site and included in the organization’s data map. The top level of the site should also define criteria that people can use to determine the appropriate folder for content they are adding to the site. For any office document or loose file, the creator can be sure their name is listed in the file properties instead of using a copy of someone else’s file or the corporate template.