Data privacy issues continue to be a major topic in eDiscovery and litigation, but it can be difficult to know exactly what is required by law to protect customer information.
This article discusses how the eDiscovery process should be handled differently from normal work, how attorneys can help ensure data privacy and why it matters, and what can happen if eDiscovery doesn’t follow the rules.
What is eDiscovery?
This relates to the collection of electronically stored information (ESI), such as emails, text messages, spreadsheets, photos and databases that may be relevant in a dispute. Throughout the eDiscovery process, data protection and privacy are of paramount importance.
In addition to court cases, other examples where eDiscovery could come into play include internal investigations; regulatory compliance audits; intellectual property infringement claims; conflicts between shareholders; and requests for public records.
What is Data Privacy?
An individual’s right to privacy is protected by various laws and constitutional rights. In simple terms, this means that information about you should be kept confidential unless you give your permission for this information to be made public.
There are exceptions, however, such as when required by law or when a government agency (such as a court) requests access. When a person has given his consent, he can revoke this consent at any time.
It is important to understand what data privacy means when it comes to e-discovery because sensitive information is often involved in litigation; if not handled correctly, they could potentially harm those involved, which is not good for anyone.
What are some concerns about privacy breaches?
Privacy breaches raise two main concerns. The first is what happens in the event of a data breach and the theft or disclosure of personal data. It can be as minor as a hacker breaking into your website or as serious as a state-sponsored attack on your business.
The second concern is what happens when you accidentally violate privacy laws by mishandling information during eDiscovery. Either way, your customers will have their information exposed, which could lead to identity theft and other issues.
You need to understand how laws like GDPR can impact your eDiscovery. For example, due to data privacy laws, if you are involved in a private trial involving discovery, you may not be able to review all of your opponent’s files.
But what exactly is data privacy? It refers not only to data security, but also to privacy issues related to information law. To understand your rights and responsibilities under data privacy law, read on!
What can you do to prevent data privacy breaches?
It is crucial to be aware of the personal information you have on file and to keep it safe. If you don’t want your data used or shared without your permission, make sure you don’t do any of these things
- Don’t provide too much information on social media: You need to be selective about what you post online, and that includes everything from your location (there are apps that track where you are at all times) to details of your work (you never know who might try to hack your account).
- Be careful with emails: if possible, use a different email address for work than for social networks so that private messages can remain private.
- Don’t sign up for a free trial that requires an email address;
- Do not use public computers to access sensitive accounts (such as bank accounts);
- Change passwords often;
- Check privacy policies before downloading an app;
- Use a different password for each account.
These simple steps can help ensure that your private information stays private.
What to do in case of violation
When you believe your private information has been accessed without authorization, you should contact your state attorney general’s office. For breaches of medical records and health insurance information, call your health care provider directly.
Each state has different laws on how long companies have to notify individuals of breaches or unauthorized access. Each state also determines what counts as private information and what actions can be taken in the event of a breach or unauthorized access to personal data.
If you have questions, find a lawyer who specializes in privacy laws. These lawyers are usually experienced in data privacy and can give you some insight into what you or your business are likely to face.
Be sure not to assume that lawyers will know everything about a new law – many law firms may need some time for everyone to familiarize themselves with all of its details, which can take weeks or months after its entry into force.
There are many ways to reduce your privacy and eDiscovery risks. Some of them are general, like making backups; while others are specific to your situation, such as storing less data or saving only data relevant to your business.
But however you go about it, reducing privacy and eDiscovery risks is a good practice that will pay off if you ever need to. In most cases, organizations have more control over what happens during the early stages of eDiscovery than what happens during the later stages. For example, an organization may decide not to collect certain types of information at all or simply not to record certain information as part of its regular operations. If there is no data to collect and retain, there will be none left for later stages of discovery.
Data mining or eDiscovery improves steadily, but data privacy improves rules or guiding laws that do not meet litigation or investigation requirements. You or your attorney should understand the compliance necessary to prevent data breaches that are not authorized by law.
Be intentional and plan ahead to avoid facing data breach issues in litigation or business transactions.