Posted on: April 05, 2017in Blog
ESI Data Mapping Basics for eDiscovery
What is data mapping?
A data map is a comprehensive and defensible inventory of a corporation’s IT systems that store information, which may be relevant to litigation and other proceedings.
Creating your data map is only one small step you should take when defensibly preparing for litigation. Use this beginner's guide to litigation response planning to what else you should to do to proactively prepare your organization.
Data mapping also serves the purpose of identifying the potential sources of ESI (electronically stored information) and the location of those sources. Specifically, it should also include who manages those sources, and details about the scope of ESI available from each.
ESI Data Map Key Elements
There are a few key elements of an ESI data map. First, it should identify the IT systems most likely to be relevant based on the organization’s discovery portfolio. For non tech-savy individuals, the data map should also include a plain English description of the IT system’s purpose and role so that it is easily understood. Lastly, the data map should be able to provide answers to critical discovery questions about IT systems. Be sure to include any record retention policies, or policies focused on the purging, and deletion of ESI in your data map.
A data map can also help an organization understand its risk profile. Understanding your company’s risk profile will allow you to validate your understanding of the current state of data storage, and highlight if there is sensitive data in unknown areas of the network. By analyzing your risk profile, you can attempt to secure data and prevent loss, and gain visibility into risk data usage patterns while allowing your private information to stay secure.
Platforms to Include in your ESI Data Map
It’s important to know where all your information is located, and keep the log current by making regular updates. Maintaining an outline of where electronic materials and hard copy documents are stored, and who has access to them allows any information to be easily located if needed.
Consider including the following digital platforms in your data map that may hold crucial evidence at any given time:
- Emails and servers
- Text messages
- Instant messaging/Chat
- Cloud systems
- Audio recordings
- Digital Storage (i.e. iPads, CDs, DVDs, flash drives, backup drives)
- Mobile apps
- File hosting services
- Social Media (i.e. Twitter, Facebook, YouTube, Instagram)
- Online profiles
- Multimedia (i.e. photos, videos)
- Electronic logs (i.e. user log-in, user entry, Facebook “likes”)
- Security monitors
- Internet transactions
- Browser data (i.e. history, cookies, search queries)
- Digital footprints (i.e. IP location)
The dramatic growth in ESI presents a constantly changing environment that directly affects the risks, obstacles, expectations and methods you must face when it comes to eDiscovery. The inaccessibility of data can no longer be a crutch on which to rely on or petition the court regarding to expense of production. An updated data map that accurately depicts your IT systems and sources of ESI will streamline your legal hold and eDiscovery process should litigation arise.
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted June 15, 2018
What is ESI? Terms and Concepts Every Attorney Should Know
Posted June 08, 2018
Computer Forensics Investigations Unlock Key Digital Evidence
Posted June 01, 2018
Global Legal & IP ConfEx | New York, NY | London, UK
Posted June 01, 2018
7 Factors to Consider Before Creating an Email Retention Policy
Posted May 25, 2018
Record Retention Best Practices: 5 Things to Consider for Paper Documents
Posted May 18, 2018
Burdensome eDiscovery Requests: How to Manage the Cost of Review
Posted May 11, 2018
Contract Dispute Case Study: Beyond TAR 1.0
Posted May 03, 2018
7 Tips to Preserve and Review Mobile Device Data
Posted April 26, 2018
GDPR and Blockchain: My Rights vs. My Immutable Records
Posted April 25, 2018
Relfest London 2018 | Your GDPR Last-Minute Preparation Checklist