Updating security policies will allow document reviewers to complete projects successfully and provide exceptional service to their clients when working remotely.
While the long-term impacts of COVID-19 on eDiscovery services are not yet fully known, eDiscovery service providers are experiencing new challenges. Remote document review, in particular, is becoming increasingly prevalent as more attorneys work from home. The remote environment presents several challenges to review quality and information security. eDiscovery providers must work together with clients and carefully consider their needs and risk tolerances when adapting to new and evolving circumstances.
Review teams typically work under direct supervision in an office setting on authorized equipment, which helps management ensure established protocols are followed. Remote document review has changed this dynamic, forcing teams to quickly outline and adopt new security protocols. However, there are ways that eDiscovery providers can retain office-level security and continue to work efficiently. When developing a plan to address policy changes due to remote work, consider the following:
Plan ahead to meet remote viewing security and operational demands
As eDiscovery providers begin to update their security policies for potential long-term remote work, they should consult their clients, counsel, and partners. This collaboration will help create a comprehensive plan that addresses the necessary provisions involving multiple parties, which include: training, remote staffing, oversight, information security, and confidential information handling. Collaboration will also help create consistency.
Prepare the physical work environment
When considering where remote reviews take place, think about who is in this space and the equipment needed. Ask clients and partners about requirements surrounding the work area, including whether third parties are allowed in the remote workspace, what types of workspaces are acceptable, and how they conduct security compliance. It’s also helpful to determine client expectations regarding reviewer cellphones in the workspace.
Secure data access
When utilizing remote viewing services, there should be controls in place that work alongside physical restrictions to protect confidentiality and keep data secure. An access program or VPN and multi-factor authentication are great places to start. Ensuring programs are up to date and patches are completed when necessary will increase security and help create peace of mind for clients. It’s also a good idea to implement additional access point restrictions, such as limited registered IP addresses in each reviewer’s home office.
Determine devices to use for remote review
Remote reviewing of documents will require a device that provides advanced security and performance. Otherwise, there is a risk of vulnerabilities that could expose associated sensitive data. Be sure to discuss what devices are acceptable for remote review services with clients, counsel, and providers.
Remote work increases the chances of employees using personal devices for work-related tasks. Reviewers should check whether personal computers are permitted and what hardware and software securities should be used and installed. Some clients may even prefer a locked-down device dedicated to remote viewing duties. Communication and oversight software will likely be necessary when conducting remote viewing.
As the coronavirus pandemic changes traditional workplace dynamics, many organizations have adapted their remote reviewing policies. Although remote-work policy updates may be a heavier lift for eDiscovery professionals upfront, there are benefits for transitioning to an online review process, including the ability to increase the number of reviewers available worldwide, making it possible to complete more projects and decrease client response time. Carefully considering each aspect of of remote review and adjusting security policies will allow document reviewers the opportunity to continue to complete projects successfully and provide exceptional service to their clients outside the office.
Genta Spaho is a Senior eDiscovery Project Manager at LOGICFORCE, where she manages and plans eDiscovery projects, including identification, preservation, collection, processing, analysis, review and production of electronically stored information and paper documents.