e-discovery <ul><li>Séminaire Fédisa 22 février 2011 </li></ul>Jacques Folon Partner Edge Consulting Chargé de cours ICHEC...
<ul><li>Qui est certain que son organisation est parfaitement en règle et peut à tout moment identifier et présenter les d...
La présentation est en ligne sur www.slideshare.net/folon
Table des  matières <ul><li>Situation actuelle </li></ul><ul><li>Un prérequis ECM </li></ul><ul><li>Ediscovery </li></ul><...
La situation actuelle:  1/de nombreuses « machines »
2/ trop d’informations mène à l’infobésité…
Le contrôle
Quelles informations  ? <ul><li>Electronically stored information (ESI) </li></ul><ul><li>Documents scannés, fax </li></ul...
2. Un prérequis:  electronic content management
www.aiim.org/training
Source :  https://www.britestream.com/difference.html .
<ul><li>Most of today’s records start out in electronic form </li></ul><ul><ul><li>Letters </li></ul></ul><ul><ul><li>Emai...
Electronic records management <ul><li>The electronic management of paper records? </li></ul><ul><li>The management of elec...
Content types and how well managed For each type of content, evaluate the degree of control that exists in your organizati...
What are the main business drivers? Copyright © AIIM  |  All rights reserved Source: What is ERM www.aiim.org/training ERM...
Driver: Compliance <ul><li>Laws </li></ul><ul><li>Regulations </li></ul><ul><li>Policies </li></ul><ul><li>Standards </li>...
Driver: Effectiveness <ul><li>Not losing records </li></ul><ul><li>Sharing records </li></ul><ul><li>Finding records easil...
Drive r : Efficiency <ul><li>Accessing records quickly </li></ul><ul><li>Space savings </li></ul><ul><li>Reduced handling ...
Drive r : Continuity <ul><li>Records are vulnerable to loss </li></ul><ul><li>Businesses tend to fail if they  </li></ul><...
The records lifecycle Copyright © AIIM  |  All rights reserved Source: NARA Source: What is ERM www.aiim.org/training
Fundamental principles <ul><li>Records are created, received,  </li></ul><ul><li>and used in the conduct of  </li></ul><ul...
Access and usage principles <ul><li>Records should be accessible to authorised users  </li></ul><ul><li>Users should be ab...
Retention principles <ul><li>Records must be managed through their lifecycle </li></ul><ul><li>Records should be kept as l...
Disposition principles <ul><li>Disposition is an accepted phase of the records lifecycle </li></ul><ul><ul><li>Transfer/ac...
What is ‘Capture’ ERM System Copyright © AIIM  |  All rights reserved Source: What is ERM www.aiim.org/training Capture
The purpose of capturing records <ul><li>Establish a relationship between the record and its context </li></ul><ul><li>Pla...
Why not capture everything? <ul><li>Hard cost of storage </li></ul><ul><li>Volume of non-records to sift through </li></ul...
So, what is metadata? <ul><li>Metadata = “Data about data” </li></ul><ul><ul><li>For a document or record this means data ...
Perspectives on metadata <ul><li>Entering metadata is often called “indexing”  </li></ul><ul><li>Different users of an ERM...
Why is access control necessary? <ul><li>Ensure ‘systematic control’ and ‘credible evidence’ </li></ul><ul><li>Ensure auth...
The objects of user access rights <ul><li>Provide or limit access to specific classes, </li></ul><ul><li>files or records ...
Retention periods - 1 <ul><li>Capturing a record implies need for retention </li></ul><ul><li>A record may be retained in ...
Retention periods - 2 <ul><li>Records will vary in their intrinsic nature  </li></ul><ul><li>Some records may need to be r...
The benefits of destroying records <ul><li>Keeping everything forever is expensive </li></ul><ul><ul><li>Storage costs </l...
3. Après ERM => ediscovery
Définition et contexte <ul><li>L’électronique discovery, appelé aussi e-discovery ou ediscovery constitue le  procédé par ...
Ediscovery model Source for the next 9 slides:  http://edrm.net
1/information mgt
2/ identification
3/ préservation
4/ collecte Collection is the acquisition of potentially relevant electronically stored information (ESI) as defined in th...
5/ processing
6/ review
7/ Analyse
8/ Production
9/ Présentation
GSA IT Quarterly Forum -- Aug 2007 4/ The Sedona Principles:  Best Practices Recommendations & Principles for Addressing E...
The Sedona Guidelines <ul><ul><li>Second work product of working group </li></ul></ul><ul><ul><li>Draft published in Septe...
The Sedona Guidelines <ul><li>1.  An organization should have reasonable policies and procedures for managing its informat...
The Sedona Guidelines <ul><li>2.  An organization’s information and records management policies and procedures should be r...
The Sedona Guidelines <ul><li>3.  An organization need not retain all electronic information ever generated or received. <...
The Sedona Guidelines <ul><li>4. An organization adopting an information and records management policy should consider inc...
The Sedona Guidelines <ul><li>5.  An organization’s policies and procedures must mandate the suspension of ordinary destru...
5. Conclusion
RÖLE DU RESPONSABLE DE SECURITE
 
 
Sommes nous prêts à nous défendre?
Jacques Folon [email_address]
Je suis prêt à répondre à vos questions
Chargé  de cours Partner Auteur Blog www.privacybelgium.be   http://be.linkedin.com/in/folon www.edge-consulting.biz [emai...
Upcoming SlideShare
Loading in …5
×

Ediscovery Fedisa Belgium

1,183 views
1,075 views

Published on

Conférence donnée lors du séminaire fedisa belgium le 22/2/2011

Published in: Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,183
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
15
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • ERM Certificate Program Copyright AIIM
  • ERM Certificate Program Copyright AIIM
  • ERM Certificate Program Copyright AIIM
  • ERM Certificate Program Copyright AIIM
  • ERM Certificate Program Copyright AIIM
  • ERM CO06 Access 06/11/2005 10:52:27
  • ERM CO06 Access 06/11/2005 10:52:27
  • National Archives and Records Administration This slide has a background graphic of Sedona, Arizona.
  • National Archives and Records Administration
  • National Archives and Records Administration
  • National Archives and Records Administration
  • National Archives and Records Administration
  • National Archives and Records Administration
  • National Archives and Records Administration
  • Ediscovery Fedisa Belgium

    1. 1. e-discovery <ul><li>Séminaire Fédisa 22 février 2011 </li></ul>Jacques Folon Partner Edge Consulting Chargé de cours ICHEC Professeur invité Université de Metz Administrateur Fedisa Belgium
    2. 2. <ul><li>Qui est certain que son organisation est parfaitement en règle et peut à tout moment identifier et présenter les documents nécessaires à se défendre en justice et est prêt à parier 12 bouteilles de champagne? </li></ul>
    3. 3. La présentation est en ligne sur www.slideshare.net/folon
    4. 4. Table des matières <ul><li>Situation actuelle </li></ul><ul><li>Un prérequis ECM </li></ul><ul><li>Ediscovery </li></ul><ul><li>Sedona principles </li></ul>
    5. 5. La situation actuelle: 1/de nombreuses « machines »
    6. 6. 2/ trop d’informations mène à l’infobésité…
    7. 7. Le contrôle
    8. 8. Quelles informations ? <ul><li>Electronically stored information (ESI) </li></ul><ul><li>Documents scannés, fax </li></ul><ul><li>Textes (word, pages, et des anciennes versions), tableurs, calendriers, </li></ul><ul><li>Emails entrants et sortant </li></ul><ul><li>Databases, sites web, blogs,… </li></ul><ul><li>Disques (centraux, locaux, pc, disques externes, clés USB, …) </li></ul><ul><li>CRM, CMS </li></ul><ul><li>GSM et PDA </li></ul><ul><li>Time sheet, comptabilité </li></ul><ul><li>Messagerie instantanée </li></ul><ul><li>Voice mail </li></ul><ul><li>GPS navigation systems </li></ul><ul><li>Archivage externe </li></ul><ul><li>Metadata </li></ul><ul><li>Réseaux sociaux (privés et professionnels) </li></ul>
    9. 9.
    10. 10. 2. Un prérequis: electronic content management
    11. 11. www.aiim.org/training
    12. 12. Source : https://www.britestream.com/difference.html .
    13. 13. <ul><li>Most of today’s records start out in electronic form </li></ul><ul><ul><li>Letters </li></ul></ul><ul><ul><li>Emails </li></ul></ul><ul><ul><li>Faxes </li></ul></ul><ul><ul><li>Web transactions </li></ul></ul><ul><ul><li>Other transactions </li></ul></ul>The importance of records Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    14. 14. Electronic records management <ul><li>The electronic management of paper records? </li></ul><ul><li>The management of electronic records? </li></ul>Question: Is ERM Answer: Both Source: What is ERM www.aiim.org/training
    15. 15. Content types and how well managed For each type of content, evaluate the degree of control that exists in your organization in managing it. All respondents (462) Source: What is ERM www.aiim.org/training
    16. 16. What are the main business drivers? Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training ERM Effectiveness Continuity Efficiency Compliance
    17. 17. Driver: Compliance <ul><li>Laws </li></ul><ul><li>Regulations </li></ul><ul><li>Policies </li></ul><ul><li>Standards </li></ul><ul><li>Good practice </li></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    18. 18. Driver: Effectiveness <ul><li>Not losing records </li></ul><ul><li>Sharing records </li></ul><ul><li>Finding records easily </li></ul><ul><li>Getting the complete picture </li></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    19. 19. Drive r : Efficiency <ul><li>Accessing records quickly </li></ul><ul><li>Space savings </li></ul><ul><li>Reduced handling costs </li></ul><ul><li>Other examples </li></ul><ul><ul><li>Archival costs </li></ul></ul><ul><ul><li>Disposal of furniture </li></ul></ul><ul><ul><li>Consumables </li></ul></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    20. 20. Drive r : Continuity <ul><li>Records are vulnerable to loss </li></ul><ul><li>Businesses tend to fail if they </li></ul><ul><li>lose their records </li></ul><ul><li>Electronic storage may </li></ul><ul><li>speed recovery from </li></ul><ul><li>a disaster </li></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    21. 21. The records lifecycle Copyright © AIIM | All rights reserved Source: NARA Source: What is ERM www.aiim.org/training
    22. 22. Fundamental principles <ul><li>Records are created, received, </li></ul><ul><li>and used in the conduct of </li></ul><ul><li>organisational activities </li></ul><ul><li>Organisations should create </li></ul><ul><li>and maintain authentic, </li></ul><ul><li>reliable, and usable records </li></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    23. 23. Access and usage principles <ul><li>Records should be accessible to authorised users </li></ul><ul><li>Users should be able to </li></ul><ul><li>search and access records </li></ul><ul><li>in usable formats </li></ul><ul><li>Records should be organised </li></ul><ul><li>to support access and </li></ul><ul><li>management </li></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    24. 24. Retention principles <ul><li>Records must be managed through their lifecycle </li></ul><ul><li>Records should be kept as long as required </li></ul><ul><ul><li>Statutory requirements </li></ul></ul><ul><ul><li>Legal requirements </li></ul></ul><ul><ul><li>Business or operational needs </li></ul></ul><ul><li>Retaining records longer than required may increase organisational liability </li></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    25. 25. Disposition principles <ul><li>Disposition is an accepted phase of the records lifecycle </li></ul><ul><ul><li>Transfer/accession </li></ul></ul><ul><ul><li>Destruction </li></ul></ul><ul><li>Records should be </li></ul><ul><li>disposed of at the </li></ul><ul><li>end of the lifecycle </li></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    26. 26. What is ‘Capture’ ERM System Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training Capture
    27. 27. The purpose of capturing records <ul><li>Establish a relationship between the record and its context </li></ul><ul><li>Place the record into a controlled environment </li></ul><ul><li>Link the record to other related records </li></ul><ul><li>Allow the record to be managed effectively </li></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    28. 28. Why not capture everything? <ul><li>Hard cost of storage </li></ul><ul><li>Volume of non-records to sift through </li></ul><ul><ul><li>Operationally </li></ul></ul><ul><ul><li>For legal or audit requirements </li></ul></ul><ul><li>Increased liability for </li></ul><ul><li>disclosing too much </li></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    29. 29. So, what is metadata? <ul><li>Metadata = “Data about data” </li></ul><ul><ul><li>For a document or record this means data such as its author, its title, the issue date, and other information which can usefully be associated with it </li></ul></ul><ul><li>Nothing new or unique </li></ul><ul><li>Defined in terms of units called “Elements” or “Fields.” </li></ul><ul><ul><li>Some support “sub-elements” or “attributes” </li></ul></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    30. 30. Perspectives on metadata <ul><li>Entering metadata is often called “indexing” </li></ul><ul><li>Different users of an ERM system will have different views of what metadata can do for them, and what metadata is required </li></ul><ul><ul><li>Business perspective </li></ul></ul><ul><ul><li>Records management perspective </li></ul></ul><ul><ul><li>User perspective </li></ul></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    31. 31. Why is access control necessary? <ul><li>Ensure ‘systematic control’ and ‘credible evidence’ </li></ul><ul><li>Ensure authoritative records </li></ul><ul><li>Protect commercially sensitive information </li></ul><ul><li>Protect personal </li></ul><ul><li> information </li></ul><ul><li>Limit access to protectively </li></ul><ul><li> marked information </li></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    32. 32. The objects of user access rights <ul><li>Provide or limit access to specific classes, </li></ul><ul><li>files or records </li></ul><ul><li>Provide or limit access to features </li></ul><ul><li>Provide or limit access by security </li></ul><ul><li>classification </li></ul><ul><ul><li>‘ Need to know’ </li></ul></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    33. 33. Retention periods - 1 <ul><li>Capturing a record implies need for retention </li></ul><ul><li>A record may be retained in different ways </li></ul><ul><ul><li>ERM system </li></ul></ul><ul><ul><li>Software application </li></ul></ul><ul><ul><li>Separate electronic media </li></ul></ul><ul><ul><li>Paper </li></ul></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    34. 34. Retention periods - 2 <ul><li>Records will vary in their intrinsic nature </li></ul><ul><li>Some records may need to be retained for very long periods of time </li></ul><ul><li>Other records will need to be </li></ul><ul><li>retained for shorter periods </li></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    35. 35. The benefits of destroying records <ul><li>Keeping everything forever is expensive </li></ul><ul><ul><li>Storage costs </li></ul></ul><ul><ul><li>Search and retrieval </li></ul></ul><ul><ul><li>Discovery </li></ul></ul><ul><li>Courts have held that there is no requirement to keep everything forever </li></ul><ul><li>Destroying records reduces risk </li></ul><ul><ul><li>When it is done consistently and in accordance with the records program </li></ul></ul>Copyright © AIIM | All rights reserved Source: What is ERM www.aiim.org/training
    36. 36. 3. Après ERM => ediscovery
    37. 37. Définition et contexte <ul><li>L’électronique discovery, appelé aussi e-discovery ou ediscovery constitue le procédé par lequel une donnée électronique est recherchée, localisée, sécurisée, identifiée afin qu’elle serve de preuve à charge ou à décharge dans un litige civil ou pénal. </li></ul><ul><li>L'accès rapide aux informations contenues dans les documents est indispensable pour élaborer des stratégies gagnantes dans le cadre de contentieux juridiques. </li></ul><ul><li>Il est souvent impossible ou il faut trop de temps pour accéder efficacement aux informations pertinentes dès le début du processus de découverte. </li></ul><ul><li>De plus, les entreprises sont tenues de conserver et parfois de divulguer des données qui n'existent que dans des langues étrangères. </li></ul><ul><li>Avoir les bonnes données au bon moment est critique. </li></ul><ul><li>Les entreprises ont donc besoin de solution pour trouver très rapidement les documents requis quelle que soit leur langue. </li></ul>Source www.systran.fr
    38. 38. Ediscovery model Source for the next 9 slides: http://edrm.net
    39. 39. 1/information mgt
    40. 40. 2/ identification
    41. 41. 3/ préservation
    42. 42. 4/ collecte Collection is the acquisition of potentially relevant electronically stored information (ESI) as defined in the identification phase of the electronic discovery process. The exigencies of litigation, governmental inquiries, and internal investigations generally require that ESI and its associated metadata should be collected in a manner that is legally defensible, proportionate, efficient, auditable, and targeted.
    43. 43. 5/ processing
    44. 44. 6/ review
    45. 45. 7/ Analyse
    46. 46. 8/ Production
    47. 47. 9/ Présentation
    48. 48. GSA IT Quarterly Forum -- Aug 2007 4/ The Sedona Principles: Best Practices Recommendations & Principles for Addressing Electronic Document Production (Second edition, June 2007) The Sedona Guidelines: Best Practices Guidelines & Commentary for Managing Information and Records in the Electronic Age (Sept. 2005)
    49. 49. The Sedona Guidelines <ul><ul><li>Second work product of working group </li></ul></ul><ul><ul><li>Draft published in September 2004 for public comment; published in September 2005. </li></ul></ul><ul><ul><li>They are: </li></ul></ul><ul><ul><ul><li>Important background and roadmap of issues </li></ul></ul></ul><ul><ul><ul><li>Link between RIM, IT and Legal Perspectives </li></ul></ul></ul><ul><ul><ul><li>Flexible, Scalable and Reasonable </li></ul></ul></ul><ul><ul><li>They are not : </li></ul></ul><ul><ul><ul><li>Standards or minimum requirements </li></ul></ul></ul><ul><ul><ul><li>Unchangeable </li></ul></ul></ul>
    50. 50. The Sedona Guidelines <ul><li>1. An organization should have reasonable policies and procedures for managing its information and records. </li></ul>
    51. 51. The Sedona Guidelines <ul><li>2. An organization’s information and records management policies and procedures should be realistic, practical and tailored to the circumstances of the organization. </li></ul>
    52. 52. The Sedona Guidelines <ul><li>3. An organization need not retain all electronic information ever generated or received. </li></ul>
    53. 53. The Sedona Guidelines <ul><li>4. An organization adopting an information and records management policy should consider including procedures that address the creation, identification, retention, retrieval and ultimate disposition or destruction of information and records. </li></ul>
    54. 54. The Sedona Guidelines <ul><li>5. An organization’s policies and procedures must mandate the suspension of ordinary destruction practices and procedures as necessary to comply with preservation obligations related to actual or reasonably anticipated litigation, governmental investigation or audit. </li></ul>
    55. 55. 5. Conclusion
    56. 56. RÖLE DU RESPONSABLE DE SECURITE
    57. 59. Sommes nous prêts à nous défendre?
    58. 60. Jacques Folon [email_address]
    59. 61. Je suis prêt à répondre à vos questions
    60. 62. Chargé de cours Partner Auteur Blog www.privacybelgium.be http://be.linkedin.com/in/folon www.edge-consulting.biz [email_address] Administrateur

    ×