I was at the Sedona Working Group’s mid-year conference recently in St. Louis. While I sadly didn’t get to see the famous arch, I was happy to be ensconced again in the “Sedona Bubble” – an oft used term to fondly describe the relatively small cadre of lawyers, judges and academic professionals that are in rarefied air when it comes to anything eDiscovery related.
While there’s a well-known prohibition against disclosing content from the sessions (for reasonable concerns about “outing” any particular person who’s views may not coincide with their organization’s perspective), I think it’s fair to discuss a few general themes from the conference. Not surprisingly, predictive coding and the accompanying workflows, defensibility and transparency were hot topics. Similarly, the proposed amendments to the FRCP lit the fuse to a spirited dialogue (folks at Sedona don’t “debate”).
Nearest and dearest to my heart, though, was the session on information governance, where I had the privilege of sharing the dais with several other members of the drafting team to discuss our draft of guiding principles for a proposed information governance paper. During the relatively brief presentation, the audience generally confirmed many of the challenges associated with this emerging new discipline, namely obtaining consensus on the following:
- Who “owns” information governance?
- Where does it reside organizationally?
- Are there information governance best practices yet?
- Is there a universal, information governance definition?
- How do you build the business case for information governance?
- How do advanced technologies, like predictive coding, enable information governance?
The first logical step has to be gaining consensus on a definition. The one I’m proffering is a hybrid of the many permutations that exist out there (from Gartner, ARMA, AIIM, etc.). The key is that the definition must focus on the need to optimize information value while minimizing the associated risks:
“Information Governance is a cross-departmental framework consisting of the policies, procedures and technologies designed to optimize the value of information while simultaneously managing the risks and controlling the associated costs, which requires the coordination of eDiscovery, records management and privacy/security disciplines.”
Fortunately, the eDiscovery movement from the last decade has paved the way for this type of cross functional, multi-department initiative. I remember wistfully the days when it seemed like there was literally a session at every conference explaining how to get Legal and IT to speak the same language. While there will always be language barriers that exist between functional groups, there now seem to be more in common than different.
As a relatively new discipline, information governance amplifies the need for a common language and extends the necessary constituents, going beyond the initial Legal-IT grouping to add in Risk, Compliance, Infosec, Records Management, as well as stakeholders from relevant business units. While these groups might have had periodic participation in an episodic eDiscovery event, the information governance movement requires a dedicated seat at the table.
Earlier this year, Judge Peck announced at LegalTech that “If 2012 was the year of predictive coding or technology-assisted review, 2013 or ’14 seems to be information governance.” The next step is for groups like Sedona to continue advancing the discussion by defining what’s within the information governance purview, who’s involved and what guiding principles are at play. Until there’s better clarity about these basic building blocks it will be hard for this initiative to get beyond the early adopter stage and go truly mainstream. If/when that happens, information governance promises to truly ring in a new era in the defensible management of data within organizations.