Follow ACC Docket Online:  

RIM Best Practice Tips for the In-House Attorney

Sponsored by Epiq

C orporations, whether they want to be or not, are in the information business. Information is a critical operational asset for organizations, and needs to be treated as such. With the dramatic explosion of the volume of information and the risks inherent in operating in a largely digital universe, it is not only prudent but critical for firms to invest in developing an effective information governance strategy and a mature records and information management (RIM) program. 

Corporate legal departments have some unique challenges when it comes to managing the information related to matters handled by outside counsel.  In order to manage those records and information effectively, an organization must adopt and enforce a set of policies and procedures to ensure consistent behavior.  To do this, try these best practices:

1. Include your organization's records retention requirements, for each matter, in your engagement letters with outside counsel.  Law firms often over-retain client files, thereby potentially increasing an organization's risk that it's outside counsel may receive a third party subpoena associated with the organization's files, along with the possibility of other risk, such as a data breach, related to material the organization otherwise would have disposed of according to its own policy.

2. As soon as practicable after the conclusion of matters handled by outside counsel, follow-up with the firm to review the retention policy agreed to in the engagement letter and confirm the actions you expect the firm to take.  The policy may be for the firm to return the file to you so you can manage its disposition according to your policy yourself, or for the firm to retain the file for a specified period of time, then destroy it and provide a certificate of destruction to you for your records.  One thing to stress around disposition of your files performed by the firm is that it applies to ALL content, regardless of form or format not just the "paper file," but also all email and other electronic content.  

3. Whenever possible, only send copies or images of original documents to outside counsel.  Retaining the originals ensures the organization has them immediately available should it need them to exercise its rights or meet its obligations. A law firm is not a safety deposit box, and should not necessarily be considered a safer repository for sensitive data than an organization's own systems.   

4. Understand the norms around client file ownership for the jurisdictions in which your company operates.  Law firms are guided by the ABA's Model Rules of Professional Conduct when making decisions about which parts of a client file belong to the client, and which belong to the firm – such as the often-controversial Attorney Notes file.  There is no national standard to which law firms are held, which may mean your results may vary from jurisdiction to jurisdiction.

Establish a RIM policy and retention/disposition schedule that is simple to understand and easy to consistently execute.  Many corporate and law firm RIM policies are overly complex, which leads to inaction, which leads to over-retention of information, which leads to unnecessary cost and risk.  Keep it simple so following the policy is easy to do in the normal course of business, for your organization and your outside counsel.

6. Just do it!  Stop saving everything, and don't let outside counsel save it all either. Use your retention policy, pervasively and consistently. Apply it to everything – email, file shares, document repositories (on-premise and in the cloud; physical documents and electronic ones), duplicate material, drafts, and voicemail. "Forever" and "just in case" are not valid retention periods.  While the commodity price of digital storage looks cheap on its face, the total cost of that storage is exponentially more expensive – and it is NEVER free!

7. Operationalize for consistency. Spending the time to develop and execute on the above best practices will eventually be for naught if a mature RIM program is not put in place and supported with appropriate staff and technology that operationalizes policy to achieve consistency and cost efficiency.

About the Author

Julie J. Colgan

Julie J. Colgan is a certified records manager (CRM) and certified information governance professional (IGP) with more than 20 years of experience in the records and information governance field. She has worked as a practitioner, as an advisor, and as a software and service provider executive. At Epiq, Colgan provides executive leadership for the Business Process Solutions group, focused on strategy and innovation. Colgan is an internationally recognized speaker and author on a variety of information governance and records management topics and is past president of ARMA International, the premier professional association for the information management profession.

The information in any resource collected in this virtual library should not be construed as legal advice or legal opinion on specific facts and should not be considered representative of the views of its authors, its sponsors, and/or ACC. These resources are not intended as a definitive statement on the subject addressed. Rather, they are intended to serve as a tool providing practical advice and references for the busy in-house practitioner and other readers.