What is data mapping?
A data map is a comprehensive and defensible inventory of a corporation’s IT systems that store information, which may be relevant to litigation and other proceedings.
Data mapping also serves the purpose of identifying the potential sources of ESI (electronically stored information) and the location of those sources. Specifically, it should also include who manages those sources, and details about the scope of ESI available from each.
ESI Data Map Key Elements
There are a few key elements of an ESI data map. First, it should identify the IT systems most likely to be relevant based on the organization’s discovery portfolio. For non tech-savy individuals, the data map should also include a plain English description of the IT system’s purpose and role so that it is easily understood. Lastly, the data map should be able to provide answers to critical discovery questions about IT systems. Be sure to include any record retention policies, or policies focused on the purging, and deletion of ESI in your data map.
A data map can also help an organization understand its risk profile. Understanding your company’s risk profile will allow you to validate your understanding of the current state of data storage, and highlight if there is sensitive data in unknown areas of the network. By analyzing your risk profile, you can attempt to secure data and prevent loss, and gain visibility into risk data usage patterns while allowing your private information to stay secure.
Platforms to Include in your ESI Data Map
It’s important to know where all your information is located, and keep the log current by making regular updates. Maintaining an outline of where electronic materials and hard copy documents are stored, and who has access to them allows any information to be easily located if needed.
Consider including the following digital platforms in your data map that may hold crucial evidence at any given time:
- Emails and servers
- Text messages
- Voicemails
- Databases
- Blogs
- Instant messaging/Chat
- Cloud systems
- Audio recordings
- Digital Storage (i.e. iPads, CDs, DVDs, flash drives, backup drives)
- Mobile apps
- File hosting services
- Social Media (i.e. Twitter, Facebook, YouTube, Instagram)
- Online profiles
- Multimedia (i.e. photos, videos)
- Presentations
- Electronic logs (i.e. user log-in, user entry, Facebook “likes”)
- Security monitors
- Internet transactions
- Browser data (i.e. history, cookies, search queries)
- Digital footprints (i.e. IP location)
The dramatic growth in ESI presents a constantly changing environment that directly affects the risks, obstacles, expectations and methods you must face when it comes to eDiscovery. The inaccessibility of data can no longer be a crutch on which to rely on or petition the court regarding to expense of production. An updated data map that accurately depicts your IT systems and sources of ESI will streamline your legal hold and eDiscovery process should litigation arise.
