Originally published July 2010

Keywords: structured data,databases, electronically stored information, ESI, storage systems

Scenario

A large pharmaceutical company maintains data related to its research and development in several proprietary, structured databases. The information contained in the database is regularly updated with results of new trials. The company receives a subpoena from a regulatory agency requesting documents related to clinical trials that were completed in advance of releasing a new product. To fully respond to the subpoena, information maintained in those databases must be collected, reviewed and potentially produced. The in-house lawyer responsible for the response to the subpoena is asked to identify all of the relevant sources of information, as well as any potential issues associated with the collection, review and production of information from those data sources.

Structured Data from Databases

An organization may have numerous data storage systems that are updated or changed over time, such as a database of customers, a document management system, or a database that holds information about clinical trials. The data in such databases are dynamic, and they create additional issues for an entity to consider when responding to a request for information, including: What is the best way to generate data from the database? When must an organization preserve the incremental changes for later production in litigations? What are the costs associated with collection, review and production of data?

Databases are typically large, and they do not lend themselves to traditional methods of document review. The raw data that are contained in the databases can be difficult to interpret in isolation, and it is often impractical to produce in litigation the myriad programs that utilize those raw data. Additionally, many databases create, update and discard certain information automatically. Terminating those functions is often impossible without disruption to the organization and, even in instances where it can be done, is typically costly and burdensome.

While it may not be practical or even necessary to save every incremental change to a database, there may be situations in which an entity should be prepared to preserve all electronically stored information (ESI) if the ESI is relevant to pending or foreseeable litigation. Although Federal Rule of Civil Procedure 34(a) provides authority for compelling a recalcitrant party to either produce information or allow direct access to a database, the duty to preserve data does not require a party to undertake creating storage systems or installing software. In certain circumstances, it may be sufficient to produce summary reports out of databases.

To best address the issues associated with the collection, review and production of structured data from databases, an entity should be prepared to address the sources of potentially relevant data, the scope of review and the potential use of summary reports during the early stages of a litigation or investigation. Early discussions should focus on any unique preservations issues, such as the use of summary reports to capture the data contained in the database. If no agreement is reached and information in the underlying database changes in a significant manner by the time a report is eventually generated, a producing party risks spoliation sanctions or an order granting the opponent full access to the database.

Be Prepared for Discussions in Advance of Receiving a Subpoena

In order to be prepared for such discussions shortly after receiving a request for production, organizations should implement policies and procedures for identifying, and cataloging information regarding the databases that it maintains.

Develop Data Source Catalogs

An organization should consider developing a data source catalog as part of an effective information management program. This catalog would contain fact sheets on key data sources likely to be relevant across multiple litigations and investigations. A careful, updated catalog, prepared in cooperation with the IT department, can facilitate discussions about preservation and collection decisions for key data sources without the need to repeat the investigative process in each litigation or investigation.

A data source catalog could include the following categories, depending upon the nature and use of the application at issue:

  • Data source
  • Business area
  • Key contacts
  • Key functionality
  • Brief description
  • Inputs
  • Outputs
  • Date range and retention policy
  • Backup schedule
  • Retention period for backups
  • Preservation considerations
  • Production considerations, including whether system stores confidential or proprietary information
  • Scheduled upgrades
  • Legacy data sources
  • Comments

Obtain Comprehensive Understanding of Relevant Systems

An organization should take steps to develop an understanding of all dynamic or transitory systems that are frequently sourced for litigations, investigations or third-party requests, and that understanding should be documented. In-house counsel should take steps to understand the burden of preserving and producing data from these systems, including any potential impediments to reviewing that data (such as the need for proprietary software) and costs associated with maintaining that data. Additionally, in-house counsel should be prepared to advise outside counsel of these issues.

Develop and Follow Guidelines for When to Preserve Data

Developing and following guidelines that incorporate an organization's understanding of any relevant dynamic or transitory systems is a way to ensure consistency of approach within the organization. These guidelines should provide guidance on when to agree to "snapshots" of such data, as well as the timing and frequency of such snapshots.

Develop Standard Disclosure Documents Regarding Data from Dynamic and Transitory Systems

To avoid possible misrepresentations or failures to disclose potentially relevant data, and to ensure consistency, an organization should consider developing and maintaining standard descriptions of its database applications that are often relevant to litigations, investigations and third-party requests. The process of developing those disclosures, along with the information about the appropriate internal burdens and costs, will be useful to outside counsel and will provide insights into the appropriate fact witnesses should it become necessary to object to preservation demands. To keep up with regular changes and updates to systems, the organization should consider a policy for regularly updating those disclosures.

Learn more about our Electronic Discovery & Records Management practice.

Visit us at www.mayerbrown.com.

Copyright 2010. Mayer Brown LLP, Mayer Brown International LLP, Mayer Brown JSM and/or Tauil & Chequer Advogados, a Brazilian law partnership with which Mayer Brown is associated. All rights reserved.

Mayer Brown is a global legal services organization comprising legal practices that are separate entities (the Mayer Brown Practices). The Mayer Brown Practices are: Mayer Brown LLP, a limited liability partnership established in the United States; Mayer Brown International LLP, a limited liability partnership incorporated in England and Wales; Mayer Brown JSM, a Hong Kong partnership, and its associated entities in Asia; and Tauil & Chequer Advogados, a Brazilian law partnership with which Mayer Brown is associated. "Mayer Brown" and the Mayer Brown logo are the trademarks of the Mayer Brown Practices in their respective jurisdictions.

This Mayer Brown article provides information and comments on legal issues and developments of interest. The foregoing is not a comprehensive treatment of the subject matter covered and is not intended to provide legal advice. Readers should seek specific legal advice before taking any action with respect to the matters discussed herein.