Is Your Review Team Up to Par?

At the end of the day, regardless of the e-discovery providers you select, you are only as good as your review team. When choosing an on-shore or off-shore provider, you need to ensure they have stellar hiring and training practices. Here are some guidelines:

Hiring

Building a good review team starts with the hiring process. The best review teams consist of well-educated attorneys. Hire individuals educated in a legal system closely aligned to your own. This means if you are in the UK, then perhaps India, Australia or New Zealand attorneys would be a good fit; and, if you are in the U.S., the Philippines is your best bet. As I noted in my August 28 blog post, in the recent ABA Ethics Committee opinion, the Committee opined that “[w]hen outsourcing to foreign lawyers you need to assess whether their legal education is comparable to that of lawyers in the U.S.” ABA Formal Opinion 08-451, at 3. “In some nations, people can call themselves ‘lawyers’ with only a minimal level of training. Also, the professional regulatory system should be evaluated to determine whether members of the nation’s legal profession have been inculcated with core ethical principles similar to those in the United States, and whether the nation’s disciplinary enforcement system is effective in policing its lawyers.” Id. at 3-4.

In order to ensure that you are hiring the best, you must do your homework - conduct background checks, confirm undergraduate and law school education, confirm references and administer competency tests. Once you are confident you’ve made the right selection, it’s time to think about training. You should be asking your outsourcing service provider about the following important components of an effective training protocol for review teams:

What kind of general training is conducted for the review teams?

Legal Training

• Is an overview of the discovery procedure (including document production formalities followed in the applicable jurisdiction) provided?
• If jurisdiction is within the U.S., does the team receive a refresher on the attorney-client privilege and work product concepts?

IT Training

• Are there in-depth platform and e-discovery technology platform training sessions for all team members?

Tests

• Are tests administered on the team’s understanding of legal issues and facts involved in the litigation?
• Are tests administered on the team’s understanding of the review protocol?

On-the-Job Training

• Do the quality control personnel provide regular daily feedback to first level reviewers to increase efficiency and accuracy?
• Does senior management maintain a quality check on workflow by providing continuous feedback to highlight errors and areas of improvement?

Are there any project-specific training protocols?

Training Materials

• Do your team members have a comprehensive review binder containing a summary of the matter or litigation, pleadings, notice to produce/document requests, cast of characters, privilege list?
• Do they provide the team with e-discovery technology user guides or other training documents?

Facts of the Case

• Do they provide project specific training sessions that start with introducing the reviewers to the facts of the specific litigation?
• Do they review relevant pleadings and case documents, ensuring each reviewer is familiar with the complaint, the requests for production, attorney lists and a list of FAQs?

Law Related to the Case

• Do they review and refresh concepts of responsiveness, attorney-client privilege and work product protection as well as a discussion of confidential and proprietary information related to the case?
• Do they provide training on all substantive issues pertinent to the review?

Process

• Do they provide refresher training on the e-discovery review platform?
• Do they provide online training modules designed that mimic live review situations?
• Do they provide continuous testing of individual reviewer’s work product (e.g. two reviewers are given the same documents to review and the work product is compared for accuracy)?
• Do they administer periodic testing on the FAQs, attorney lists, and the requests for production?

If you are outsourcing or contemplating doing so, you owe it to yourself, your company and your client to investigate your service provider’s hiring and training practices. This is the only way to ensure you have a quality team staffing your projects. If any readers have other suggestions about effective training programs they’ve observed, we’d be happy to hear about them. We’ll include a “training best practices” summary in a future post.

How Safe is Your Data?

Do you really know what your attorneys are doing with your data? I am betting not. Most companies hand their data over to service providers (law firms or attorney staffing agencies) without even an inquiry into the providers’ security protocols. Have you ever walked through a law firm or document review room? Other than getting past a receptionist, did you see any other security measures in place? The answer is most likely “no” or “I didn’t think to look.” Either way it is not good.

The fact is that most companies take assume that once their data is in the hands of a legal service provider (especially a law firm) it is safe and sound. Having practiced at a law firm and having worked on hundreds of document reviews, I can tell you that is not always the case. Law firms assume that their standard security is enough and that contract attorneys can be trusted because they have signed a non-disclosure agreement. This is a naïve assumption at best. An attorney once commented to me that if he wanted to become an inside trader all he had to do was walk down the hall of any law firm. Perhaps that is an exaggeration and perhaps not. The fact remains that, on most document review projects I have witnessed, law firms allowed contract attorneys to access the Internet from review computers/facilities, access personal email accounts, carry cell phone/cameras, USB storage drives and personal belongings into review areas. In some cases, reviewers conduct their work on computers with open USB ports and CD/DVD drives, and even work from home on their personal computers. Seriously??? How secure do you think any of that is? You might as well post the data on the Internet.

Perhaps law firms and onshore attorney staffing providers need to start taking lessons from offshore LPOs. Since their inception, LPOs (as the relatively new kid on the block) have been required to convince clients that it is safe to send data abroad for processing or review. They have had to employ aggressive security measures and state-of-the-art security technology to win the confidence of their clients throughout the world. LPOs have raised the bar for what constitutes a secure review or processing facility. On-shore providers need to play catch up, and in a hurry.

To ensure that client confidentiality is rigorously protected, service providers (including law firms) should employ a redundant security strategy that incorporates physical security, computer and data security, personnel security, and additional protocols. The following provides a good checklist of the security measures companies should require from their providers:

Physical Security

• Biometric access controls
• Audit trail records to identify the circumstances under which particular information has been accessed
• Secure off-site storage for digital audit trail records
• Biometric entry and exit locks keyed to individual reviewers to monitor access
• Additional badge identification
• Time, location, and information access restrictions
• Escort program for visitors
• Visual and motion detection surveillance

Data Security

• Information securely maintained and hosted by the e-discovery review application provider (e.g., Applied Discovery, Concordance, Kroll OnTrack, etc.)
• Secure web access incorporating Proxy/Firewall
• Each individual client team working on a local system based on a client/server architecture with a client controlled (U.S. based) data source supported by Citrix or other Windows-X platform
• PCs with biometric access, user tracking, limited user rights, and disabled media drives and communications ports
• Individual PC firewall and antivirus protection
• Network monitoring and tracking

Personnel Security Measures

• Comprehensive background checks – confirming credentials, past employment, and all references.
• Staff security training
• Full time on-site security personnel

Other Security Protocols

• Review team may not possess cell phones, cameras, or PDAs in secure areas
• No papers or writing instruments except as necessary for the project and which do not leave the work area
• Papers collected and securely shredded at the end of each work session
• All reviewers and personnel required to execute confidentiality and nondisclosure agreements upon hiring

These security measures and protocols are crucial in protecting clients’ information and maintaining a secure environment whether the review is conducted on-shore or off-shore. In the end, it is a company’s responsibility to inquire and ensure the appropriate steps are taken to ensure the security of their data.

WiE & Term Searches vs. Context/Conceptual Searches

Today, I attended a meeting of the LA chapter of Women in E-Discovery (WiE) - check out www.womeninediscovery.com. Great organization! If you are a member of the fairer sex, do join! Anyway, I digress. The topic of discussion was term searches vs. context/conceptual searches. After a very productive discussion, it appeared to this participant that our consensus was that whether you choose to pursue a term search or a context/conceptual search of the data depends on the type of case, the amount of data involved, the budget, the timeline and whether you know what you are looking for. The fact is that there is no one solution that fits all cases. Context or conceptual searches don’t necessarily replace term searches. Instead, they are another weapon in the arsenal. No matter which tool you choose; the key is to make an informed decision and QC the results. No tool is flawless.

I am curious, what do you all think about the debate between term searches and context or conceptual tools? Don’t be shy.

Congrats Mr. Hennessey…

I know this is old news, but because I was on vacation and prohibited from using my computer I am now forced to play catch up…. Anyway, it comes as no surprise that Joseph Hennessey of Newman, McIntosh & Hennessey voluntary dismissed his complaint against Acumen Legal Services and President Bush that sought an injunction against outsourcing. But I just want to take a minute to congratulate him for coming to his senses.
Unfortunately, it appears that at some point in the future Mr. Hennessey may revive his ill conceived and meritless crusade against outsourcing. He claims he would “rather litigate something with liability and damages” and plans to investigate if there have been any government interceptions of medical documents before he returns, and then return to court. Don’t hold your breath…