What is the CEO’s role in eDiscovery and how does a head cheerleader protect its organization?
The CEO’s role in eDiscovery is no different from that of the Chief Executive Officer in any organization, which is, in essence, the ultimate team leader. The CEO’s primary function in this arena comes down to two critical tasks:
- The CEO, as with any process within the organization, must make certain that those in the C-Suite with eDiscovery responsibilities are adequately and properly fulfilling their duties.
- Just as importantly, the CEO must be the cheerleader – making it clear to the entire organization the importance of eDiscovery responsibilities and obligations, so that team members in every corner of their organization understand, embrace and meet those expectations.
Ensuring C-Suite Compliance
A large part of a CEO’s role in any organization is to ensure that the organization’s leaders fully and properly fulfill their individual roles and are prepared for whatever they may face – including legal events. Starting with the Chief Legal Officer (or General Counsel), the CEO should require routine reporting and certification that the legal team has considered, planned and prepared for a legal event. The CEO need not dig into how the sausage is made, but they should know that it’s being addressed and handled properly.
The CEO should understand the CLO’s obligations and regularly question the CLO during routine one-on-one and C-Suite meetings to confirm that appropriate planning and preparations have taken place and that those plans are actually working as expected when implemented.
That same basic check-in and questioning should take place with each member of the CEO’s C-Suite team:
- Have the CISO, CFO, CCO, CTO and CHRO each fully evaluated their individual responsibilities and taken steps to ensure that their teams have plans in place that can be quickly and efficiently executed when a legal event occurs?
- Do they routinely examine and test those plans? How have those plans performed when actually implemented? What metrics were measured and examined to determine that?
- Do each of them perform post-event reviews of those plans to measure their effectiveness and implement any changes, updates or improvements learned during actual legal event implementations?
- Are all members of your C-Suite team working together to develop, test and implement those plans?
These are not new concepts; process definition, creation, testing, implementation, review and updating are tried-and-true steps common to any business practice. It’s the CEO’s responsibility to ensure that the C-Suite team is taking the same approach to eDiscovery as they would to any other routine business process.
This is especially crucial in organizations that regularly deal with legal events. The more litigious your organization, the more important it is to make sure that your team has clear, well-defined, effective and efficient plans in place to deal with litigation. Lacking these plans, your legal events can create chaos, disrupt employees’ daily workflow, and cause huge (though easily avoidable) expenses that have the potential to derail your entire organization.
The CEO as the eDiscovery Cheerleader
One thing new CEOs learn rather quickly is that they must be careful when talking about any topic, as whatever they mention often becomes the focus of employees throughout the organization. I personally learned, for example, that I couldn’t just casually mention some new feature I thought would be great to see eventually get worked into a software program my development team was creating. I found that, intended or not, my hallway musings suddenly would become the focus of team conversations and could even derail development pipelines. This was a valuable lesson in the power of the CEO’s voice at every level of the organization—a powerful tool indeed when wielded correctly.
This starts with the C-Suite. By simply asking your C-Suite team about their plans and preparations for legal events, you are making it clear to your team that you expect them to take these obligations seriously. Your CLO/GC will feel empowered and will face much less resistance from the rest of the C-Suite team in building such plans when you’ve made it clear that it’s a priority of the organization from the very top, not just a legal department initiative.
Beyond your communication with C-levels, it’s important that you put your stamp on eDiscovery efforts throughout the organization. For example, your CLO/GC might send an email to the organization about document retention requirements or about a new legal hold solution or about a training session on these topics. The CEO’s role in eDiscovery includes lending your voice to those general announcements and making it clear to the entire organization that those announcements are something you, as the leader of the organization, take very seriously. Emphasize that these are items to which you expect everyone, at all levels of the organization, to devote careful attention.
Indeed, we often suggest to our clients when implementing a new legal hold solution that the CEO (either alone or jointly with the CLO/GC) send out an email announcement or talk about the new solution in their next internal organization-wide town hall conference if they conduct such events. If, for example, the CEO tells everyone in the organization: “We’ve selected this new platform, it’s an important tool in ensuring that we meet our legal obligations, and I expect you to fully and quickly comply when you receive a notice from this system,” you will be astounded how effective that can be.
Making Plans You Hope You Never Use
In the end, as with anything else in the business, the buck stops on the CEO’s desk. And that’s true whether the CEO is directly involved or not. Think of this as you create and update your Business Continuity Plan (BCP). While your actual role within the plan may be more essential and central, most of that plan is worked and implemented by other members of your C-Suite.
Most CEOs don’t, for example, come up with plans on how the company will deal with a cyberattack, nor will they jump into action directly with servers and networks if such an attack occurs. But an essential part of the CEO’s role in eDiscovery is to make sure a plan is in place, that it’s routinely tested and updated, and that when it’s needed, the right people are taking the right steps to implement that plan.
When it comes to eDiscovery, a CEO may not spend much time in the deep end of that pool. But if the CEO doesn’t ensure that their team is prepared for a legal event, then when a legal event sends the company into chaos (or worse), it’s the CEO who will have to answer for that lack of preparedness and risks to the organization (and ultimately, its shareholders).
The last thing a CEO wants to answer in a deposition, or to the Board or anyone else, is why the organization failed – in anything. So, just like any other aspect of your organization, as the ultimate leader, with ultimate responsibility, it is your role to understand enough about the obligations a legal event will create and ensure that your entire C-Suite team – and thereby your company – are well prepared.
Safeguard your organization now for litigation ahead.
Here at BIA, we routinely help our corporate, governmental and other organizational clients develop, test, review and implement eDiscovery plans, workflows and playbooks. Reach out to us today—we can help you and your C-Suite team with that process. Fulfilling the CEO’s role in eDiscovery means you’ll never have to answer for why your organization was caught unprepared when your next legal event occurs.