Enterprise Collaboration Essentials for eDiscovery ... - HubSpot

Enterprise Collaboration Essentials for eDiscovery and Compliance

HANZO PRACTICAL GUIDE


Practical Guide Presented by Hanzo 2

When you’re handling an ediscovery matter or a compliance

investigation, your goal is to get to the bottom of whatever

happened (or, perhaps, didn’t happen). To develop a clear

picture of the incident, you need more than guesswork,

hunches, or general impressions of the people event—you

need cold, hard facts. Those individual facts are like puzzle

pieces; each one alone may not tell much of a story, but when

you assemble enough of them and put them together in the

right way, a compelling picture emerges.

Of course, ediscovery and compliance investigations don’t come neatly

packaged in a box with a helpful picture on the front so you know how

they’re going to turn out. The challenge is to find relevant facts, wherever

they may be, and figure out how they fit together. For 20 years or more,

organizations have looked almost exclusively to email to establish who

said what to whom. After all, email has been the primary method of

business communication in the digital era—until recently.

But email is falling out of favor in today’s collaborative workplaces.

Now, teams communicate more through collaboration and project

management applications like Slack, Microsoft Teams, Ryver, Flock,

Yammer, Confluence, Asana, Basecamp, Trello, and many others. This shift

has given rise to new digital “paper trails” of potentially useful facts, from

project notes and comments on document drafts to expense reports and

team conversations. Imagine having access to information like:

• project discussions in Jira demonstrating that a particular employee—

who has since left the company to work for a competitor—was not

involved in the creation of a product or concept that she now claims to

own the intellectual rights to;



• workflow assignments in Asana showing that one employee—who

happened to be a person of a minority race—was consistently passed

over for challenging assignments in favor of another equally situated

employee—who happened to be white; or

• conversations in Slack wherein a manager consistently condescended

to and belittled his only female report—who has now accused him of

discrimination and harassment.

Unfortunately, organizations are losing these interesting and useful facts

in the plethora of business systems people use on a daily basis. They

may not ever think about collaboration apps for fact-finding missions—

or if they do, they don’t know how to find those helpful facts and can’t

properly protect them if they do happen to stumble across them.

There’s another reason that organizations may need collaboration app

data for regulatory compliance, particularly in the financial services

industry: if they communicate with clients using non-email platforms like

Slack, they need a way to retain records of those conversations.

So, how can you start effectively collecting and preserving the data in

collaboration apps both to establish facts for ediscovery and compliance

investigations and to ensure you maintain complete books and records?

Let’s start by dissecting the obstacles standing in your way.

The next time you’re skimming through a discussion in Slack, Jira, or Basecamp, ask yourself whether any of the comments in that conversation could serve as valuable evidence in the right kind of investigation.



There are three main reasons why organizations aren’t already

effectively dealing with collaboration application data in ediscovery

and compliance:

• the sheer number of collaboration apps and their variability,

• the dissimilarity of collaboration app data with familiar types of

electronically stored information (ESI), and

• the reality that collaboration apps haven’t been designed for

ediscovery and compliance.

1. THERE ARE HUNDREDS OF COLLABORATION APPS, AND THEY’RE ALL DIFFERENT

The sheer variety of collaboration apps—and the variety of their uses—

poses a problem. Collaboration apps include anything that teams can use

to communicate about their work, such as:

• chat programs that allow teams to discuss their work without using

email, most of which allow other file types to be embedded or referred

in the conversation and integrate their data with information from

other apps;

• document management systems that allow users to comment on

changes or otherwise discuss the progress of their documents;

• project management programs that show how workflows, projects,

and individual tasks are proceeding and that allow users to give

feedback, ask questions, and brainstorm about assignments;

• calendar applications that allow users to ask questions and add details

about meetings and upcoming events;

• expense management programs that provide space for back-and-forth

discussion of individual expenditures and receipts; and more.

THE PROBLEM



Three additional subproblems spring from this variety of apps. First,

these different types of apps will obviously all produce somewhat

different types of data, meaning that there can’t be a one-size-fits-all

solution for managing collaboration apps (though web-based capture

comes close; we’ll get to that in a moment!). Even the answers to basic

questions like “Who owns this data?,” “Where does the data reside?,” and

“How long will this data be available?” are variable, depending on the

individual application.

Second, there’s a tremendous amount of overlap between different

types of collaboration programs, which means that one type of data or

information might exist in any of several different locations (or in all of

them). Notes about an upcoming project meeting might, for example, be

in a chat application like Slack, in a comment on the document setting

forth the meeting agenda within a document management system, in

the project management app under tasks related to that meeting, in the

calendar or video conferencing application where the meeting is actually

set up, or in the expense reports about that meeting, if expenses were

incurred in the process of setting up or running the meeting.

Don’t panic: this abundance of options can be somewhat overwhelming,

but it also represents an abundance of facts—the very facts you need to

establish in an ediscovery or compliance investigation.



Third, due to the variety of possible collaboration apps and the variety

of structures and formats they assume, organizations frequently aren’t

aware of all the apps they’re using or all the ways that collaboration and

communication are happening within their workforce. Many of these

applications can be run from a web browser window without any local

installation, meaning that employees can easily do an end-run around IT,

either intentionally or inadvertently. Collaboration apps can also generally

be launched from smartphones, so organizations that have a BYOD

policy may not be aware of what their employees are using to complete

business tasks on their personal phones.

Make sure you have a way to stay informed about what apps are in use

in your organization. This means having a current list of apps as well as a

broader appreciation for where people are collaborating and what they’re

communicating about across your organization.

Periodically survey at least a segment of your employees to determine

what apps they’re using for business and which ones they would like to

be using. You might use a truncated version of your ediscovery custodian

questionnaire to gather information about app use. Consider limiting this

survey to those employees who self-identify as “early adopters” of new

technology, as they’re more likely to seek out new technologies.

While you should develop a policy about app use that outlines the

permissions employees must obtain to begin using a new collaboration

app, you probably shouldn’t try to “policy” your way out of using

collaboration apps altogether. After all, these apps are popular because

they’re useful. Instead, establish notification hierarchies so that

employees know who to talk to about new apps they’d like to adopt.

But if all of these different collaboration tools basically generated the

types of ESI that ediscovery and compliance professionals were already

familiar with, none of these challenges would be so difficult. The second

problem, of course, is that they don’t.

TIP



2. COLLABORATION APP DATA ISN’T LIKE MORE FAMILIAR FORMS OF ESI

The data that ediscovery and compliance professionals are accustomed

to is what we call “structured” data from a relational database: data

whose elements are addressable for effective analysis. Email, however,

is semi-structured data that contains semantic tags and the mail boxes

which are organized in a database such as Microsoft Exchange or other

database, are associated with specific people or custodians.

That structure makes it easy to establish a legal hold for specific

custodians’ emails: anyone who sent or received an email is a custodian.

It also means that the scope of an inquiry can easily be delineated by

applying those custodian names along with date ranges and keywords.

Collaboration apps aren’t organized in the same way. While they’re all

unique, they generally operate as unstructured “bulletin boards” for

information rather than mailboxes. They unfold chronologically, not

necessarily topically, and anyone in a community may have read—or

not read—their content. This makes it difficult to understand who the

“custodians” are for messages in, say, Slack. Anyone who belongs to a

channel where a message appears could be a recipient of that message,

meaning that organizations trying to implement legal holds may need to

place entire channels on hold.

Moreover, the chronological presentation of collaboration apps poses

another problem, in that conversations unfold slowly, over the course of

many messages, often interrupted by irrelevant or unrelated messages.

Instead of self-contained emails that present a single conversation in a

somewhat-organized fashion, unstructured conversations in collaboration

apps usually need to be read in their full context—often spanning multiple

screens—to be truly understood. That means you can’t just preserve or

produce the individual messages that contain keywords; you need to also

capture everything around them so that they make sense.



These differences mean that collaboration app data can’t be preserved,

collected, or archived using traditional ediscovery tools. And while there’s

arguably value in collaboration data regardless of the format it’s captured

in—at a minimum, it can serve to guide your investigation or provide

fodder for cross-examination during depositions—its value is radically

enhanced if the data is captured in its original format. After all, it’s more

compelling to read through a conversation the way it actually unfolded in

Slack or Jira than it is to try to reconstruct that conversation using a series

of screenshots. And if the matter ends in litigation, wouldn’t you prefer to

have admissible evidence to establish facts in the deciding tribunal? Sure

you would.

Therefore, organizations must learn how to work with data from

collaboration applications in a format that is functional, accessible, and

admissible as evidence. That means capturing it, storing it, and reviewing

it without losing any of its context—including embedded GIFs, reactions,

and other dynamic or interactive content. Ediscovery and compliance

professionals also need any data they preserve or archive to meet the

standards of defensibility within their industry. For litigation, that means

it needs to be readily authenticated and admissible in court; for financial

industry compliance, records need to be available for supervisory review

and maintained in a non-rewritable format.

Financial industry records must be kept in a particular way to satisfy the

requirements of the Securities Exchange Commission (SEC). Its Rule 17a-4(f)

states that any “records required to be maintained and preserved” can be

stored electronically—but only if they’re preserved “exclusively in a non-

rewrit[]able, non-erasable format.” In the industry, that’s known as “write

once, read many,” or WORM, storage.



The bottom line is that data from collaboration apps should be addressed

like every other type of evidence—but because it’s not like any other

evidence, it requires new tools and techniques.

One final point: most organizations simply haven’t caught on to the

important data lurking in collaboration apps yet. That means that those

organizations that have are necessarily serving as trailblazers—and that

can be a difficult, sometimes lonely road to walk. It’s made worse by the

third problem, which is that collaboration app developers aren’t in the

business of ediscovery or regulatory compliance.

3. COLLABORATION APPS AREN’T DESIGNED FOR EDISCOVERY OR COMPLIANCE

We’re not saying that collaboration apps are designed to frustrate

ediscovery or compliance—simply that they aren’t built to focus on

those goals. Questions about data archives, legal holds, and defensible

deletion aren’t top of mind for the teams building these apps; open

communication, clear workflows, and straightforward integrations are.

For example, Slack has added an option for organizations to set a

message retention period, after which messages are automatically

deleted. While this can protect discoverable information and prevent

spoliation by preserving entire channels so that messages in those

channels aren’t deleted, it’s not a legal hold solution and lacks the

granular controls legal departments need.(Note that if you’re using the

free version of Slack, you’ve only got access to the most recent 10,000

messages anyway—so anything older than that is no longer available to

you with each new message you type.) Sounds good enough, right?



Not really. Slack’s retention capability is entirely binary, either on or off,

with no ability to specify particular dates or custodians (which, again,

is already a fraught concept). If you’re in a typical organization, where

you issue legal holds, it is likely that you’ll have overlapping legal holds

for different custodians. You’ll quickly discover that you require the

control to be able to release a hold without losing information that

might be discoverable under other legal holds. This is why dealing with

collaboration systems that were not designed for preservation is so

tricky. You need the discrete control so that you only preserve what

you need for the time these data are actually subject to a legal hold.

Additionally, this control records an audit trail that demonstrates your

process for defensibility, should there ever be any question of spoliation.

Another common problem for ediscovery review and compliance

supervision is the lack of export ability from many collaboration tools.

Slack at least has an export function, but it’s not as functional as

ediscovery and compliance professionals would like. Rather, it creates

JSON files that are unwieldy and difficult to manage. Each day of activity

in each separate channel creates a separate JSON file, so if you’re tracking

a conversation that spans multiple days, you’ll have to toggle between

numerous files to review it or make any sense of it.

The fact that collaboration apps don’t make ediscovery or compliance

easier can seem like it’s the end of the world, especially if you’re in the

trenches trying to manage it all. Don’t despair, it’s worth keeping in mind

when you find yourself struggling to complete ediscovery and compliance

tasks that there are solutions that support ediscovery and compliance

workflows when dealing with data from enterprise collaboration

applications.



Organizations in the financial services industry should pay particular

attention: any online communications that they have with customers—

wherever they occur—may be books and records that they’re obligated to

retain under the rules and regulations of the Financial Industry Regulatory

Authority (FINRA) and the SEC.

Let’s circle back to the bottom line: what you need, in an ediscovery

or compliance investigation, are facts that will help you assemble a

clear image of what happened in a dispute. Much of the information in

collaboration apps can be used to establish those facts. They may be

small or seemingly trivial on their own, but don’t be discouraged by the

significance of individual facts; you’re looking for cumulative impact—the

assembly of numerous small facts, like puzzle pieces, into a logical picture

of an entire event.

That means that in fact-driven matters such as workplace, personal

injury, intellectual property, and insurance claims, ediscovery and

compliance professionals alike should actively consider what facts they

might be able to establish using collaboration apps.



Under Federal Rule of Civil Procedure 26(b)(1), the scope of discovery

includes “any nonprivileged matter that is relevant to any party’s claim

or defense and proportional to the needs of the case.” Rule 34(a)(1)(A)

requires the production of “any designated documents or electronically

stored information—including writings, … photographs, sound recordings,

images, and other data or data compilations—stored in any medium from

which information can be obtained either directly or, if necessary, after

translation by the responding party into a reasonably usable form.”

See what’s not there? There’s no exception for data from collaboration

apps—and once courts and litigants pick up on the rich data source these

apps represent, they’re likely to be expressly added to discovery orders.

EDISCOVERY RULES



To be clear, the case of Paisley Park Enterprises, Inc. v. Boxill, No. 17-

cv-1212 (WMW/TNL) (D. Minn. Mar. 4, 2019), concerns text messages

rather than evidence from collaboration apps—but it invites a broader

consideration of novel sources of ESI. The court explicitly extended its

logic to social media, and its arguments speak equally clearly to the

data in collaboration apps. It noted that the rules of discovery “do[] not

require that the requesting party issue a document preservation letter

identifying all types of ESI that it might seek in the future.” Instead, “in the

contemporary world of communications,” there exists both “the potential

and reality of finding the modern-day litigation equivalent of a ‘smoking

gun’ in text messages, emails, and possibly other social media”—not

to mention in collaboration apps. In light of that potential information,

litigants “do not get to select what evidence they want to produce, or from

what sources. They must produce all responsive documents or seek relief

from the court.” In other words, if data from collaboration apps is relevant

and discoverable, parties must be producing it or, at the very least, asking

the court about it.

A FUTURE DIRECTION? EDISCOVERY CASE LAW

Convinced about the value of collaboration app data for ediscovery and compliance? Great—now it’s time to actually get into using it. But given that

it’s not like traditional forms of ESI, how can organizations identify useful

collaboration app data and then preserve, collect, or archive it?



THE SOLUTION: Native-Format Capture of Collaboration App Data

These five steps can help you identify—and capture—potentially

relevant data in your collaboration apps for your next ediscovery or

compliance matter.

1. MAP THE APPS IN USE ACROSS YOUR ORGANIZATION AND THE DATA IN EACH.

What collaboration apps does your organization use? How confident are

you that no one is communicating with customers or their team on an

app that you don’t know about? Survey your employees regarding every

type of collaboration app that they use for business, whether they access

those apps from their work or personal computer or smartphone and

whether they use an installed app or a browser-based version.

When you’ve made a complete list of the collaboration apps in use

at your organization, determine what sorts of conversations occur in

each and create a data map with that information. You may find, for

example, that expense reports in Expensify contain detailed notes

about who participated in an event that generated a receipt or that Slack

conversations tend to be about office administration matters, while

Confluence contains the bulk of your employees’ project discussions.

When faced with a specific ediscovery or compliance investigation,

interrogate each data source to determine what potentially relevant

facts it might contain. This is a fact-driven and fact-specific inquiry that

you’ll need to repeat for each new matter, but it will go faster as you grow

accustomed to the collaboration apps in your organization—especially if

you keep your data map up to date as you use it.



Establishing Ownership of Intellectual Property on Confluence

Has a competitor claimed that your brilliant new product design was

actually created by their engineer after she worked for you? Now is the time

to break out the product plans from Confluence, showing that your product

was already halfway complete before that engineer joined the team.

2. IDENTIFY POTENTIALLY RELEVANT DATA USING CUSTODIAN

OR SUBJECT NAMES, DATES, AND KEYWORDS.

Once you’ve got an idea of what you’re looking for—and what you might

expect to find—start searching across your collaboration apps for

potentially relevant data. Narrow the field of that information by only

considering messages or comments that your custodian or data subject

was a party to, but remember that custodians are more broadly defined for

collaboration apps than they are for communications like email. Anyone on

a Slack channel, anyone with access rights to a given document, or anyone

associated with a project might have been able to see communications

within that data source, regardless of whether they actively participated in

the conversation.

Watch Video

https://hanzo-archives.wistia.com/medias/sfsc3n3fqv

https://hanzo-archives.wistia.com/medias/sfsc3n3fqv



When using dates and keywords to search for data, remember that

it will usually take more than a single message to capture the context

of a conversation within a collaboration app. While emails can be

readily threaded into a conversation view to maintain their context, the

unstructured data in collaboration apps isn’t neatly bound together in

the same way. Be sure you’re looking far enough both before and after

keywords to identify all of the related conversations.

Showing Your Response to Consumer Complaints

Is the Federal Communications Commission (FCC) concerned about how

your organization is handling a particular type of customer complaint? If

you’re tracking your complaint tickets—along with your representatives’

responses and corrective actions—if you can provide that information to

the FCC to demonstrate your compliance.

3. CAPTURE DATA AND STORE IT EXTERNALLY.

There are two main ways to capture data from collaboration apps: using a

web crawler or using an application programming interface, or API.

Web-based collaboration apps can be archived using WARC, or Web

ARChive, files. This process begins with a web crawl, in which software

“crawls” through every link and component on the collaboration app’s

webpage, capturing the full source code and downloading content with its

full native structure. Each component on a webpage is captured in its own

WARC file, which specifies not only what the content should include but also

what it should look like and how it should respond to user interactions.



The magical part is what happens next: WARC files can be reassembled

to create a replica website that looks and operates exactly like the

original site did. That allows users to explore the collaboration app’s data

exactly as it existed at the time of capture, including navigation through

expandable projects and comment histories. These WARC files create a

rich, interactive archive experience that has nothing in common with “flat”

capture methods like screenshots.

With some types of collaboration apps—particularly Slack—it’s possible

to use APIs to access and extract data for ediscovery preservation and

compliance archiving. APIs provide essentially a “back door” into the

application’s data, allowing users to export it into secure storage or an

ediscovery review tool (more on that in a moment).

What’s Wrong With Using Screenshots?

Why go to all this trouble to create specific capture files for collaboration

app data? Can’t you just snap screenshots and call it good? Not exactly.

Screenshots have three significant flaws. First, they’re time-consuming

to obtain, especially when you’re trying to capture every element in a

collaboration app’s operation. Second, they’re easy to manipulate, which

contributes to courts rejecting them as a reliable and admissible source

of evidence. Third, and most importantly, they’re simply not all that

compelling. Would you rather flip through a bunch of flat pages to try to

reconstruct a conversation—or navigate through that conversation in real

time as the original team did?



4. ESTABLISH AND FOLLOW A RECORDS RETENTION SCHEDULE FOR THE REST OF YOUR DATA.

While keeping all of your data forever mitigates the risk of inadvertent

spoliation, the truth is that unnecessary, outdated, and useless data can

be every bit as risky. Imagine if you had accumulated three years of Slack

data by the time you were served with a hostile workplace claim. Practically

every message in your extensive archives could, theoretically, be relevant

to such a case. Do you really want to have to collect, process, review, and

produce years of data and millions of messages, all with sufficient context

for it to be understood? Risks like these are why data that is no longer

useful for the business has no business hanging around.

So, once you’ve identified and captured the data you need for an

ediscovery or compliance matter and stored it in an external system,

get rid of everything else. Decide on a reasonable length of time to

maintain data—likely no more than 90 days—and implement a records

retention schedule whereby you delete data that isn’t subject to a legal or

regulatory obligation or that doesn’t serve a legitimate business purpose

at the end of that period.

Proving Knowledge of Security Flaws With Jira

Trying to prove that a corporation was aware of vulnerabilities in its app

that subjected your client’s data to a harmful security breach? You’d

certainly want to read any conversations the engineers had in their Jira

issue-tracking tickets about the app’s security.



TIP

5. REVIEW AND USE YOUR CAPTURED DATA.

The point of this whole process is to be able to use the facts you find in

your collaboration apps during ediscovery and compliance investigations

and, if it comes down to it, in any ensuing litigation. That means you

need to be able to submit evidence—including facts from collaboration

apps—for attorney review. You may also need to eventually present

that evidence to a judge or jury. Native-format capture of collaboration

app data allows for what we call “natural review,” where data is available

for playback as it appeared when it was live, as accessed through the

app or its web browser. This allows a reviewing attorney to search using

keywords and metadata, export records to standard review platforms

like Relativity, and navigate through the source material as it originally

appeared.

In compliance, your archives should be accessible for supervisory

review to ensure that any customer communications occurring within

collaboration apps comport with your policies and rules as well as with

any applicable laws and regulations. With WARC files, your supervisors

can browse through a replica website that’s indistinguishable from the

original—so they can spot noncompliance and correct it promptly.

Make sure there’s a human running QA checks on your captures.

Don’t just assume that you can “set it and forget it” when it comes to

recordkeeping compliance. Make sure there’s someone confirming your

data captures—or you may find that you’ve archived six months of a login

screen and nothing more.


BEST PRACTICES FOREDISCOVERY

Preserve relevant and discoverable data from your collaboration apps but don’t rely on their internal ediscovery tools to do it.

If your organization uses collaboration apps, you need to incorporate

them into your data identification and preservation playbooks—even if

your opponents aren’t asking about them yet. As the court said in Paisley

Park, the rules of discovery don’t require the requesting party to explain

in its preservation letter exactly what types of information it may ask for

in the future. It’s on litigants to identify and preserve any evidence that is

likely to be discoverable. In this, remember the principles of relevance and

proportionality; the goal is reasonableness, not perfection.

Also, remember that collaboration apps aren’t designed by—or, really,

for—ediscovery and compliance professionals, so any internal tools

they offer are bound to be incomplete solutions. Instead of using the

internal legal hold function offered by Slack or any other collaboration

app, preserve information subject to a legal hold by collecting it into an

external system. Once that data is protected, set a records retention

period and begin defensibly deleting any data that isn’t encompassed

by the hold. Be sure to document these processes, in case you’re later

accused of spoliation of evidence.

1.



BEST PRACTICES FOR EDISCOVERY

2. Request discoverable collaboration app data from your opponent.

What evidence might your opponent have in collaboration apps that

could be useful to your case? Go back and think through the elements

underlying your claim or defense. What facts would be helpful?

Remember that individual facts may not be impressive or dispositive

on their own, but they may add up to a compelling mosaic. Don’t be

dissuaded because you don’t know what apps your opponent uses; use

broad categories to refer to the types of apps that they might have used

to discuss issues related to the case.

Consider the admissibility and defensibility of online evidence at every stage.

Collaboration app evidence is subject to the same requirements of

admissibility as any other evidence. Yes, Federal Rule of Evidence

902(13) allows for self-authentication of “certified records generated by

an electronic process or system” so long as that system “produces an

accurate result, as shown by a certification of a qualified person,” but

be prepared to show your work. That means capturing metadata and

working with a neutral third party who can testify as an expert about

your collection methods.

3.


BEST PRACTICES FOR COMPLIANCE WITH FINANCIAL INDUSTRY RECORDKEEPING REQUIREMENTS

Routinely assess the collaboration apps your organization uses for customer communications.

You need to keep records of all your customer communications,

regardless of the medium where they occur. If anyone at your

organization is using a collaboration app like Slack to communicate with

clients, those communications should be included in your archives.

Unfortunately, many organizations find themselves in trouble because

they aren’t aware of all the modes of discourse their brokers use.

To avoid missing out on archives, periodically survey brokers to find out

where they’re conducting business. Ask specifically about collaboration

and messaging applications, including both general categories of apps

and the names of common individual apps to shake loose as much

information as possible. Have everyone sign a form agreeing that

they’ve advised the organization about all of their methods for customer

communication.

1.



Make sure your archives will last until you need them.

You may not need your archives for five or even 10 years—but when the

day comes that you do need them, they have to still work. Fortunately,

the WARC files used for native-format web capture are both future-

proof and platform-agnostic: they can be accessed from any operating

system, so they won’t stop working as computing technology evolves.

How do we know? Because the structure and function of WARC files

are memorialized in ISO standard 28500:2017 and maintained by

professional archivists. WARC is the archival format used by institutions

that are in the business of maintaining records over the truly long term,

like the Library of Congress.

Also, remember SEC Rule 17a-4(f): ensure that your archives are always

maintained in non-rewritable WORM storage to guarantee their integrity.

Ensure that your archives allow for supervisory review.

It’s not enough to create archives; you need to be able to use them too.

When you’re backing up your communications from collaboration apps,

consider how supervisors will be able to access them. Can they readily

review that content in its original, natural format? Are your archives

accessible, navigable, and easy to understand?

Also, look for technology using artificial intelligence that can scan archives

as they’re created to identify and flag potential violations, sending alert

notifications to supervisors to hasten corrective action.

BEST PRACTICES FOR COMPLIANCE WITH FINANCIAL INDUSTRY RECORDKEEPING REQUIREMENTS

2.

3.





We get it: much of the data in collaboration apps seems trivial on its own.

It’s hard for ediscovery and compliance professionals—not to mention

data custodians—to wrap their brains around. Useful information can be

hard to find and harder to capture—especially if you want it in a robustly

admissible form for litigation or a regulatory inquiry. There’s no doubt

that it would be easier to just let all that data swirl down the metaphorical

drain as your record retention periods come and go.

But as more and more business communications move away from email

and into collaboration apps, organizations are getting serious about these

apps as data sources.

Hanzo can help. Our tools were designed to help ediscovery and

compliance professionals identify relevant information—wherever it may

be—and to capture it in a form that’s accessible for supervisory review or

available for export into ediscovery review platforms like Relativity. Hanzo

Dynamic Capture collects and archives native-format data from online

sources, including web-based collaboration apps. And Hanzo Hold solves

the problem of specific collaboration apps like Slack, enabling retention of

data that’s subject to a regulatory compliance obligation or an ediscovery

hold, while allowing the remainder of your collaboration data to be

defensibly deleted in accordance with a standard records retention

schedule.

You can’t complete a puzzle—at least not very satisfactorily—without first

finding all the individual puzzle pieces; even a piece that’s nondescript

in isolation might turn out to be the one that pulls the whole picture

together. In ediscovery and compliance investigations, those pieces

are the facts of the underlying events, and many of them are hiding in

collaboration apps. How many can you find?



PRESERVE EXACTLY THE SLACK DATA YOU NEED.

NOT MORE.

Best Practice eDiscovery and Compliance for Enterprise Collaboration

Hanzo Hold empowers corporations to apply a legal hold—including silent holds—to enterprise Slack communication data, adhere to information governance policies, and

meet the duty to preserve data for litigation and compliance.

REQUEST A DEMO

Find out more: hanzo.co

https://www.hanzo.co/request-a-demo

http://hanzo.co



BRAD HARRISVP of Product, Hanzo

Brad Harris is the VP of Product at Hanzo, a pioneer in the contextual

capture, and preservation of dynamic web and collaboration content

for corporate legal and compliance departments. He leads product

vision and innovation for the company. Brad has more than 30 years’

experience in the high technology and enterprise software sectors,

including assisting Fortune 1000 companies enhance their e-discovery

preparedness through technology and process improvement. Brad is a

frequent author and speaker on data preservation and e-discovery issues

and is a member of The Sedona Conference WG1.

ABOUT THE AUTHOR

Documents

Enterprise Collaboration Essentials for eDiscovery ... - HubSpot