How Unified, Cloud-Based Legal Repositories And Process Innovation Are Driving eDiscovery Efficiencies - Part II

Monday, May 2, 2011 - 01:00
Iron Mountain
Sanjeev Srivastav
David Bayer

Iron Mountain, NYSE symbol IRM, is a world leader in information management services, assisting more than 140,000 organizations in 39 countries on five continents with storing, protecting and managing their information. The following is the second of two reports based on a webinar presented on January 27, 2011 by David Bayer and Sanjeev Srivastav .

The webinar addressed how to combine cloud-based repositories, technology and processes to drive down legal costs and create eDiscovery efficiencies, with special focus on unified legal repositories to address both preservation and legal review challenges. Part I provided an introduction to eDiscovery challenges, including examples of actual client situations, and an overview of processes and key requirements for addressing these issues efficiently. Part II delves into how policy and security management operates within a unified legal repository and presents Iron Mountain's state-of-the-art solutions.

Part I Revisited

In Part I1we examined some of the core eDiscovery objectives that corporate legal departments are seeking to achieve today: improving their eDiscovery processes to achieve cost predictability, being proactively prepared for discovery issues in advance of specific matters, and simplifying eDiscovery workflow to establish a single point of accountability - all while ensuring defensibility across the eDiscovery lifecycle. The key to implementing a better eDiscovery process is to take a whole new approach - one that moves away from reactive, matter-driven eDiscovery practices and, instead, adopts a proactive approach predicated on systematic governance policies and workflow.

Using cloud-based technology, Iron Mountain Legal Discovery,, now provides a unified legal repository that enables corporate legal departments and their law firms to consolidate access to legally pertinent documents over time, leverage legal work product across matters and simplify the document review process. A unified legal repository is a cost-effective solution to manage eDiscovery across multiple investigations and litigation matters; securely share, reuse and repurpose work product across multiple matters; quickly identify and stage data for review in a defensible and auditable manner; and efficiently coordinate rich workflows and serial custodians across matters.

Deploying A Unified Legal Repository

A unified legal repository provides consolidated, intelligent access to documents and email aggregated from multiple custodians and multiple matters over time.Using the repository, organizations can collect and process documents once, subsequently tracking and managing the documents and/or associated work product across matters. For example, work product such as tags and annotations generated for Matter One can be saved to the repository and then accessed for later use with Matter Two. A third matter may then arise and pull a subset of documents and work product from the first two matters.

To quickly identify and securely deploy data for new matters, attorneys require real-time, consolidated access to aggregated data stored and managed in the repository. And because the unified legal repository can save and manage historical work product from multiple matters over time, it must provide sophisticated yet easy-to-use access controls and security policies to maintain confidentiality and privilege.

Matter Data Security And Access Control

Many attorneys are familiar with the policies for managing multiple review teams within the Iron Mountain Legal Discovery review platform. The document access controls and metadata security policies that lie at the heart of the unified legal repository build upon these matter-specific policies.

Restrictions, permissions and access controls are easy to manage within small, focused matters.But imagine a database containing millions of documents, with dozens of issue tags, multiple annotations, and various redacted and production versions under review by hundreds of reviewers organized into multiple review teams. Achieving efficient, high-performance review for this type of complex matter itself requires rich workflow and analytical tools. But ensuring that documents and/or work product - each with corresponding access control policies - are securely shared across multiple review teams (and possibly even opposing parties and/or the government) introduces another whole layer of complexity.

First-pass reviewers, more senior issue reviewers, expert witnesses and audit teams may each require access to specific subsets of the document corpus.Some documents may be accessible across all the review teams, whereas some may be restricted to specific reviewers. Work product requires even more granular security policies, since certain work product like tags, annotations and codings may be shared between various teams, whereas other work product, such as redactions, are not.

Unified legal repositories immeasurably raise both the technology as well as information management stakes. They must incorporate controls that allow user-appropriate access while preserving the security of unauthorized documents, all the while minimizing processing requirements while de-duplicating documents globally. As specialized teams come and go, the repository system must be agile, easy to customize and responsive to dynamic needs; thus, at some point, it makes sense to incorporate these systems into the larger corporate governance environment.

Global Policy And Intelligent Systems

Unified legal repositories must implement data access and security control policies not only within a single matter but across large numbers of matters. Each matter can support multiple review teams who may need to be granted access to documents and specific historical work product from one or more previous reviews.This geometrically increases the user population and customization requirements over time.

Embedding a policy engine into the unified legal repository is the most effective way to manage the heavy volume and complexity of document management within corporate legal departments and their law firms. Sharing documents across multiple matters, for example, involves recognizing data or work product overlap between matters and then gathering relevant documents into individual workspaces. Managing the aggregated documents and emails from investigations and litigation in a unified repository that assigns a globally unique identifier eliminates the need to maintain multiple and potentially inconsistent databases. This integrated environment, with fine-grained permission policies, allows you to make dynamic decisions and securely access documents and historical work product from prior matters - especially with fast-breaking investigations, as you can see if we return to the three examples that we discussed in the first part of this article.

The Real World Revisited

A multinational pharmaceutical client was struggling to deal with numerous regulatory investigations. There were over six million documents and about 1.4 terabytes of data across three large databases and four concurrent matters. When faced with a late document production request that entailed cherry picking approximately one million documents and then reviewing them in a very short period of time, reviewers had to perform massive cross-referencing for duplicate productions and confidentiality branding the final production. Moving forward, the unified legal repository as part of Iron Mountain Legal Discovery will help them manage this process and all the document metadata, reliably and on schedule.

A large national financial institution was forced to combine 24 million documents from multiple databases, a situation made more complicated by the fact that different technologies were used to process the documents in the first place. By consolidating the 24 million documents within a unified legal repository we were able to provide consistent capabilities across all documents and matters, including global de-duplication and greater control over their productions.

Concluding our real-life examples is the international investment bank that was subject to a large number of fiscal and regulatory investigations. To enable sharing documents and metadata across more than 40 databases, Iron Mountain created a repository environment to precisely manage the roughly nine million documents and facilitate the production of nearly two million documents in short order. Because privilege decisions were being reversed and documents were being clawed back, this process required a real-time, online system to manage these changes securely and without the need for manual administration.


Unified legal repositories are gaining prominence due to their ability to partition document sets efficiently, securely and cost-effectively. These systems reduce both processing and attorney review costs while harnessing the power of preexisting documents and/or historical work product. Enterprise clients are leveraging these repositories as part of a consistent, integrated business process.

Answers To Questions From Our Viewers

Iron Mountain believes in ongoing collaboration with clients and the legal community. In that spirit, the following addresses specific webinar questions about Iron Mountain's solutions and, we hope, will inspire others to contact us with comments and suggestions.

Do you host the solution or license the technologies to companies and firms? The unified legal repository that is now part of Iron Mountain Legal Discovery is a hosted solution, which speaks to the infrastructure requirements in terms of storage and availability as well as the security of partitioning requirements. It is critically important that clients have an easy-to-use interface to directly search the repository. We are trying to create a win-win situation by reducing the need for capital expenditures within corporate data centers while at the same time providing our clients as much control as possible over their portfolio and discovery matters.

Is a document's metadata changed when you manage it within the repository? No, the importance of the audit trail and defensibility is supreme. We extract metadata when data is ingested into the repository, and then we preserve and transfer it intact.

In purely practical terms, how can a unified legal repository assist corporate legal departments? The repository enables them to simplify their own workflow and better manage outside counsel. In general, they have better control over their global data set, and they can easily partition into new matters and assign individual security policies. They are able to reduce the actual review based upon prior work product. At bottom, a unified legal repository is an efficient, nimble, flexible architecture that corporate legal departments can implement as a proactive, integrated business process.

Is there a limit to how many matters the system can manage at any given time? The simple answer is no, though the system can be customized on this basis, allowing real-time synchronization for some matters and periodic data sweeps for others. The key feature is that the system can be scaled to meet individual client needs and volumes.

In terms of data duplication and its inherent dangers, is the data ingested into the repository a copy of an original document? No, in fact, the key features are the ability to process just once, use multiple times; de-duplicate globally; reduce storage requirements; and identify each document uniquely.The flexibility of Iron Mountain Legal Discovery enables matter-specific document versions to remain outside the data population. Specific productions and redactions, for example, can be matter-specific and maintained outside the unified legal repository for any reason; thus, the system can be useful simply as a filter for locating relevant documents and redacting them.

Is there a separate history of each document for each matter? Yes, and clients are using this feature with great satisfaction.

Does Iron Mountain offer other solutions that work with Legal Discovery? Yes. As discussed in this webinar, Iron Mountain offers Iron Mountain Legal Discovery, featuring our new unified legal repository, but we also offer the Iron Mountain eVantage on-premises early-case-assessment solutionthat can work hand in hand with legal discovery. Please visit our website at to view product information.

Iron Mountain helps corporate legal departments and their law firms manage information, reduce risk and facilitate the essential transition to an electronic corporate law practice. Iron Mountain's expertise has earned the trust of more than 97 percent of the Fortune 1000 and 10,000 law firms worldwide. A commitment to helping our customers control costs and improve productivity defines every solution we deliver. We welcome your emails with questions or comments.


1MCC's readers may refer to our April 2011 article entitled "How Unified, Cloud-Based Legal Repositories And Process Innovation Are Driving eDiscovery Efficiencies, Part I" at http://www.metrocorpcounsel. com/current.php?artType=view&artMonth=April&artYear=2011&EntryNo=12097.

David Bayer is the Director of eDiscovery Product Marketing with Iron Mountain. He is responsible for solution marketing activities with advanced information governance and eDiscovery solutions. Mr. Bayer has over 20 years experience in enterprise software with a focus on search, eDiscovery and advanced business analytics. Sanjeev Srivastav is the Vice President of eDiscovery Technology with Iron Mountain. Mr. Srivastav manages eDiscovery operations for the hosted Iron Mountain legal discovery service including eVantage, an on-premises early case assessment appliance. He also has many years of experience managing all aspects of eDiscovery services and is involved in over 1,000 projects covering all aspects of the EDRM framework.

Please email the presenters at and with questions about this webinar.