legal hold data migrations: how to make the move White Paper Buying, implementing, and managing a modern legal hold software tool is a significant initiative for any organization. However, making the move to a new legal hold system to replace an existing system can involve significant changes from data migrations to amendments to the processes that accompanied the preceding software or systems. A variety of circumstances could trigger the move. Organizations can outgrow their existing legal hold processes and systems, experience problems with the incumbent vendor, or simply be seeking efficiencies in electronic discovery. Whatever the case, organizations looking at new options need to consider how their prior preservation obligations will move into the new legal hold system. Whether it s an organization with 100 active legal holds or 1,000, the legal hold migration process can appear daunting and risky. At its core, the goal is to achieve defensibility with minimal impact on both the custodians subject to legacy holds and the attorneys responsible for monitoring legal hold compliance. Some of the initial questions legal and technology teams should ask at the outset of a legal hold data migration project include: How much information should be migrated, and at what level of detail? Is anything impractical to migrate, and if so, should it be kept in a separate reporting structure? What techniques/best practices must be applied to ensure that no data is lost or modified during the legal hold migration? While the specifics of each migration project may differ, many commonalities exist and lend themselves to a defined methodology. In this paper, we recommend a four-step legal hold data migration plan derived from proven best practices. The result: a new legal hold system that can be certified to reflect past and present efforts, thus meeting court-mandated preservation requirements. Four-Step Legal Hold Data Migration Process 1. ASSESS the current environment 2. PLAN the migration project 3. DELIVER the migration with the necessary support and documentation 4. RUN ongoing support
What is Legal Hold Data Migration? Legal hold data migration involves capturing prior preservation efforts for existing or closed matters (whether in older, proprietary, or home-grown systems 1 ) and moving that evidence as faithfully as possible to a new legal hold system that will become the organization s new system of record. Migration projects when done correctly, to the right systems and surrounded by the right processes can result in improved interoperability, reliability, manageability, and cost savings. While the motivation for the change may be a desire for upgraded features and cost savings, corporate legal teams are ultimately concerned about losing or altering historic legal hold data when migrating systems. Outstanding litigation and compliance obligations require that pertinent content and metadata 2 be retained unchanged. Detailed documentation must be created to ensure that these legal requirements and risk mitigation goals are met. In order to bring objectivity and expertise when replacing an existing legal hold process, it is often advisable to seek out experienced third-party assistance to act as a trusted advisor for reducing the risk of unintentionally falling short on the required details. For example, during the assessment phase, stakeholders must assess the function and use of legacy hold processes within the organization. Once the application is examined in this detail, it is easier to determine how legacy legal hold processes, communications and system data can be accurately mapped to a new environment. During this assessment the stakeholders will identify process changes necessary to accomplish the same ends or to perform them in a simpler, more streamlined manner. In addition, changes to infrastructure may also be required to improve agility, availability, and reliability; such changes may include decision points regarding a hosted or behind-the-firewall implementation for the successor system. To defensibly implement and execute migration tasks, a well-defined plan should follow the four steps outlined earlier: Four-Step Legal Hold Data Migration Process Step #1: Assess Assess the current environment and available data The core assessment will consider: What data surrounds the scoping, issuance and acknowledgement of legal holds, as well as all related legal hold activities Where that data is located, and how it got there In some instances, migrating legal hold information from a legacy environment to a new system may appear to be straightforward, but is in actuality insufficient to achieve an organization s future-state goals. Be sure to assess what roadblocks may exist whether related to software, resources or internal processes to prevent adequate documentation around preservation and collection activities and fill gaps where needed. 1 A proprietary system may include a module in a matter management, collection, workflow system, or a stand-alone SaaS or installed legal hold notification system. Home-grown systems may include spreadsheets, custom applications, or other nonstandard approaches to managing preservation obligations. 2 Metadata may relate to both the legal hold subject matter as well as hold-specific communications.
Re-assessing current processes may also uncover fresh opportunities to improve the defensibility and efficiency of the legal hold program. Tackling this issue at the beginning of the migration effort can prevent locking in old approaches when moving to a new platform. The assessment should also consider what changes may be required in the organization s communication plan, end-user training, and overall support for the new platform and accompanying processes. More specifically, the assessment phase in a legal hold migration project should, at a minimum, address the following: Assessment of the environment and integration points: Ensure that requirements and dependencies for the architecture are accurately captured. Evaluation of current ediscovery processes: Take a close look at current approaches and suggest improvements that will improve reliability, defensibility, and efficiency. Creation of acceptance criteria: Understand and plan for the needs of all internal stakeholders, including the team issuing and managing legal holds and the organizational population receiving hold notices. Remember to account for mobility, privacy and bring your own device concerns. Report on the findings: Share findings and recommendations from the current and future states with key stakeholders to ensure that the successor application will meet expectations, and to begin building organizational buy-in. Step #2: Plan Plan the migration project Once an overall assessment is completed, leverage those findings to define concrete goals and success criteria for the legal hold data migration. Organizations should identify the necessary resources to complete the migration, prioritize tasks accordingly, and identify ways to mitigate risk throughout the process. In some cases, based on the complexity of the source or target data, organizations may consider the use of specialized resources, such as ETL tools 3 or consulting resources to defensibly migrate legal hold data. The planning phase should address the following: Resource and project planning: Understand what staff involvement is necessary to execute a timely, defensible, and integrated migration. Typically, the migration is owned by the Law Department, but staffed cross-functionally between Law, IT and Records Management resources. Create detailed deliverables for project team members, building in enough slack time to manage unplanned contingencies. Develop communication plan: The importance of keeping employees and project team members informed before, during, and after the data migration cannot be understated. Key communication points include the targeted date for cut-over to the new system, examples of the look and feel of the new approach, and how to get assistance should the recipient have questions. 3 Refers to a class of tools to extract, transform, and load data between data sources.
Develop training approach/curriculum: Before the data migration is launched, create a training program for both system users and legal hold notice recipients. Ensure that the training, like the messaging in the communication plan, is succinct, timely, and audience appropriate. The end goal is to deliver training that allows users to competently interact with the new legal hold system. Define and validate migration goals and technical specifications: Create detailed documentation recording the decisions that inform your migration approach. Determine what and how you will move existing data and documentation from the source application or system to the target system or application. Be sure to validate the migration plan with counsel before you develop the quality assurance/control plan to ensure the fidelity of the migration, and then document both the quality assurance (QA) and quality control (QC) plans and eventual results. Effective QA plans rely on test migration procedures that will help ensure the migration goals are satisfied. QC plans include unit and use-case testing along with integration testing to validate the information transfer. Because there are so many legacy approaches to managing legal holds, there is no one-size-fits-all approach to managing the transition from one system to another, other than to ensure that the defensibility narrative does not suffer as a result. Step #3: Deliver on the plan Deliver the migration with necessary support and documentation Once a migration plan is defensibly defined, deploy the project team and any required tools to execute on the plan and to address any unexpected issues during the data migration. Professional project management and regular reporting throughout the data migration support successful transitions. The delivery phase of a legal hold migration project includes: Migration of data to the new environment: Extract the data from the source legal hold system or application, and prepare it for ingestion to the target or new legal hold system. During this process perform any necessary data transformations to format legacy data for use in the new legal hold system. Test the migrated data: Execute the QA/QC plans as prescribed; adjust for any extraction, transformation, or load errors and cycle to acceptable defect levels. Communicate with and train impacted constituents: Deliver timely and audience-appropriate updates and training as the migration proceeds and as the go-live date approaches. Certify results: Consolidate migration planning materials, test results, and related legacy and new system documentation to create a defensibility binder for the migrated holds. Be sure to demonstrate that reasonable, good faith, and diligent efforts were made to ensure high fidelity information transfer and continued successful preservation efforts. Step #4: Run Ongoing support Managing and supporting a post-migration environment is an important part of a successful migration. Ensuring that sufficient support resources, both technical and legal, are available to respond to user inquiries is essential for the confident adoption of the successor system. If your support organization does not already do so, consider formalizing a process whereby user feedback is analyzed, reviewed, and acted upon either by technical or training teams to avoid repeat issues.
Conclusion Migrating data from one system to another is often a cause for anxiety in organizations, not without good reason. Data migrations can be complex and technically challenging at their simplest, with unknown or unexpected dependencies or internal processes throwing wrenches into timely completion. Add stringent legal and regulatory obligations into the mix, and organizational apprehension can be amplified. But with the appropriate expertise present and proper planning applied, organizations can greatly mitigate risk of losing continuity or steam when moving to new technology or updating processes. Always allowing for enough time, internal and external resources, and following stringent guidelines for communication, documentation and quality control will go a long way toward ensuring success. David D. Rohde, JD, LLM, IGP Senior Director, Consulting Services Epiq Systems James Fitzgerald Senior Director Exterro epiqsystems.com 800 314 5550