Lora Bentley spoke with Patrick Zeller, a VP and deputy general counsel for Guidance Software. He says large and small companies alike are assembling teams made up of legal and IT representatives to lower the cost and risk associated with e-discovery and compliance requirements.

Bentley: In your experience, do you see legal departments overlapping or working with IT departments?

Zeller: A lot of my responsibility is working with our customers -- legal departments who are working with IT to deal with searching for electronically stored information and collecting it from their networks. Generally, there are three reasons why they do that. One is e-discovery and civil litigation, which makes sense. The second is to deal with compliance and regulatory issues. 

Bentley: Such as?

Zeller: There are a number of things that trigger needing to do an investigation, such as Sarbanes-Oxley whistleblower hotlines, or policing health information for purposes of HIPAA, or they're taking credit card numbers and information and need to meet PCI requirements, or even needing to have an internal audit. Then there’s SEC and banking-regulated companies and all that they need to deal with. That's the second category, for compliance and regulatory purposes.  

Bentley: And the third?

Zeller: Third is when you need to do an internal investigation. All three of those things trigger a need for legal to respond, and legal needs the help of IT to do that. 

Bentley: In order to find it all?

Zeller: Right. Who better than IT networking and data-storage folks to know where the stuff is? That’s created a need for what a lot of companies call “e-discovery teams” or “compliance teams.” They’re composed of legal and IT folks.

Bentley: They focus on searching for and collecting ESI?

Zeller: That’s their primary focus, but they also enforce records management and compliance policies. They police the data that’s out there – determining when it should be deleted or when it should be moved to storage, things like that.  

Bentley: What do these teams bring to the companies that employ them?

Zeller: They help the companies minimize cost and also minimize risk. But they’re also going to have increased consistency in terms of how they search because they’re an internal team that does it all the time. As such, they also improve the quality of that search and collection, as well as increasing its responsiveness – they’re going to do it quicker. 

Bentley: Do larger companies employ these teams more than small companies do?

Zeller: Well, there’s a perception that smaller companies aren’t doing this, but that’s not the case. A lot of small companies are heavily regulated, and if they’re outsourcing e-discovery, that can be very, very expensive. So a lot of companies are seeing huge savings by bringing this in house and controlling it. 

Bentley: Many people say that IT and legal speak two different languages. From what you’ve seen, how do they go about making sure that everyone’s on the same page when they’re developing a search and collection process or records management policies?

Zeller: Well, that’s the heart of the issue. It’s kind of like two worlds colliding. What they’ll do is have a dedicated legal person to deal with IT, and a dedicated IT person to deal with legal. A lot of times these IT people spend so much time working with legal that they’ll end up being [placed in the office] with and permanently detailed to the legal department because there’s so much work for them.