Tracking new regulations and compliance rulings from federal and state government can be dizzying—they include FRCP, HIPAA, GLB, and more. But now more than ever, the government expects all businesses to comply, not just large corporations.
Today, every company is responsible for its data and for securing its customers’ information, no matter how much it costs to do so. In today’s litigious business world, the possibility of being dragged into a lawsuit is very real, and if that happens, you will likely need to make your information available to the process. And woe to the company that cannot comply with basic regulations, because a judge will not accept that you thought those requirements applied only to the big companies.
A good example is a recent investigation involving Freddie Mac. A small agency working with Freddie Mac was pulled into the investigation, and the agency had to complete a request by the government for an electronic discovery search. The agency assumed the cost would be minor, but it did not have an automated approach to managing its data in place. The inaccessibility of the data required an army of attorneys and staff to perform a hands-on physical review. The cost came to $6 million. When the agency sought relief, it was turned down by an appeals court. It should have known better.
So here are some first steps to avoid future problems: