January 21, 2018

January 19, 2018

Subscribe to Latest Legal News and Analysis

January 18, 2018

Subscribe to Latest Legal News and Analysis

Information Governance: Managing Digital Debris

The ever-increasing growth of data content combined with complex legal and regulatory obligations makes information governance a critical business issue for organizations. In fact, nearly 70% of data generated by a company has no legal or business value, according to a report published by Electronic Discovery Reference Model (EDRM), an organization dedicated to improving the electronic discovery process. To help organizations determine how to dispose of digital debris, EDRM has developed an Information Governance Reference Model (IGRM).

Defining and Identifying Digital Debris. Before implementing data-governance policies, organizations need to understand what data needs to be kept and what data has no legal or business value. The default method of keeping all data forever may ensure that an organization has all data required by various regulations. However, this method is expensive and unwieldy, particularly as data continues to proliferate at stunning rates. For example, the same email can typically be found in multiple places, such as on email servers, local and networked archives, on smartphones, in the cloud, and on disaster recovery tapes and drives. Other files—such as temporary work files duplicated in multiple locations, data stored on outdated technology and litigation copies—can slow system performance, increase litigation costs, and increase the risk of loss, theft, or breach of sensitive information.

The Information Governance Reference Model. The IGRM was developed to help organizations define an effective information governance strategy. At its core, the IGRM links the legal obligations and business utility of specific data to the stakeholders who create, consume, and manage that data. IGRM recognizes that information management should not be relegated only to IT teams. All creators and consumers of information in an organization must work together. To effectively implement IGRM and create a defensible data-disposal program, an organization must have effective leadership responsible for information governance, must implement policies and processes that link information to relevant stakeholders and must provide stakeholders with the technology and tools to implement the organization’s information governance policies and procedures.

Implementing the Information Governance Reference Model. A critical step in implementing an effective IGRM is assessing an organization’s existing information governance process. This assessment will help an organization identify weaknesses in its existing data management strategies. Based on the organization’s assessment, the responsibilities of information management can be divided among three key groups: business users; legal, risk, and regulatory departments; and IT organizations.

Designing and implementing an effective information governance program can result in a significant payoff by reducing an organization’s risks and costs relating to the storage and management of data.

Copyright © 2018 by Morgan, Lewis & Bockius LLP. All Rights Reserved.


About this Author

Stephanie Tess Blair, Morgan Lewis Law firm, eData Attorney

Stephanie A. "Tess" Blair is a partner in and leader of Morgan Lewis's eData Practice. As leader of the eData Practice, Ms. Blair works with Morgan Lewis attorneys and clients to develop and implement strategies and cutting-edge technologies for successfully managing complex litigation matters, with an emphasis on electronic discovery. As a nationally recognized thought leader in electronic discovery, Ms. Blair has developed industry-leading “best practices” designed to provide clients with state-of-the-art records and discovery management, knowledge sharing, and collaboration resources....


Rahul Kapoor is a partner in Morgan Lewis's Business and Finance Practice, the firmwide hiring partner, and a member of the firm's Legal Personnel and Finance Committees. Mr. Kapoor has deep transactional experience in strategic alliances, joint ventures, corporate partnering transactions, standards body licensing structures, intellectual property strategic counseling, technology licensing, open source software strategy, electronic commerce and privacy, supply and distribution agreements, consignment agreements, spin-outs and core technology licenses, IT outsourcing transactions, as well as intellectual property due diligence issues in connection with mergers, acquisitions, IPOs and corporate financings.

Cindy L. Dole, Morgan Lewis, Technology IP Lawyer, Finance matters Attorney

Cindy L. Dole collaborates with clients at the intersection of technology, intellectual property (IP), and finance. In her technology-based transactional practice, she advises on matters including corporate partnering, open source software strategy, distribution and sales arrangements, cloud computing, and other electronic commerce (e-commerce). Additionally, Cindy helps companies develop and implement IP strategy in connection with financings, mergers, acquisitions, and initial public offerings (IPOs).