Follow Datanami:
June 18, 2024

It’s 10 pm. Do You Know Where Your Company’s Data Is?

Kristin Zmrhal

In an ever expanding digital world, over 40% of companies still don’t have a grasp on their organization’s data footprint. Mastering data governance in today’s landscape is a pressing necessity; however, effective data management isn’t every organization’s forte. Law firms, for instance, excel in and are valued for their legal expertise, but often fall short in data proficiency. Similarly, financial organizations prioritize services and tools that offer financial advice, and healthcare providers focus first and foremost on patient care. Poor oversight can lead to data hoarding, inefficiencies, and increased security vulnerabilities.

Many organizations frequently grapple with data management challenges, and struggle to track their data amid a proliferation of new applications and digital communication tools. This struggle not only causes operational inefficiencies but also heightens security risks such as cyber hacking and ransomware attacks. Poor data management often results in an abundance of ROT (redundant, obsolete, and trivial data), inflating storage costs and creating potential security gaps.

In today’s interconnected world, a robust and collaborative data management strategy is essential for legal teams within organizations in every sector. The rise of collaboration platforms like Slack, Teams and Zoom demands clear and immediate communication, stringent policies, and a savvy use of modern technologies.

By adopting a strategic approach to data governance, legal teams can streamline their operations, enhance security, reduce regulatory risks, and ensure their data is always within reach.

Establishing Clear Communication


Effective data management hinges on clear communication between key stakeholders so as to understand their roles and responsibilities. This requires collaboration between IT and legal teams to develop comprehensive data policies and employee training programs. Simply having a policy that no one knows about or understands is ineffective.

To begin, IT leaders must establish clear goals and responsibilities for data management. For example, consider the technology available to employees and the potential for this information to become relevant in a legal dispute. When a legal team becomes aware of a new data source at the time of the dispute, it triggers a rushed and often costly process to gather and review data. To avoid this, legal, procurement, and IT departments should work together from the start, identifying the most widely used applications within the organization and ensuring they understand how these tools will be utilized.

Regular communication channels for data-related updates are equally crucial. Engaging the legal team during software procurement–beyond just contract reviews–can make a significant difference. This involvement should include understanding how data will be maintained, where it will be stored, the type of content it will handle, and identifying the administrator. For instance, when a company adopts a new product management tool, involving the legal team early on can help set up data governance protocols that prevent future headaches.

By fostering open lines of communication and involving key stakeholders from the outset, organizations can create a robust data management framework that preemptively addresses potential legal issues and keeps everyone on the same page.

Crafting Overarching Data Retention Policies

Developing robust data retention policies ensures that data is retained for the appropriate duration, disposed of securely, and adheres to regulatory and compliance requirements.


A good first step is conducting regular audits to verify compliance with data retention policies and identify any areas of non-compliance. By leveraging automated tools and technologies, organizations can streamline the auditing process, ensuring consistency and accuracy in data assessments. An organization might use these tools to check if their data complies with GDPR, HIPAA, or PCI DSS, depending on the nature and scope of the data.

Educating employees on the importance of data retention and disposal is also critical to maintaining organizational compliance. For example, an organization can implement comprehensive training programs that include practical exercises on proper data labeling and retention. These programs can feature interactive modules where employees practice categorizing and labeling data according to its retention period and sensitivity. Additionally, creating easy-to-reference guidelines and quick-start guides can help employees follow proper procedures consistently.

Regularly reviewing and updating retention schedules ensures that data management practices stay aligned with evolving regulations, industry standards, and organizational needs. This proactive approach helps legal teams within all organizations maintain compliance and security while adapting to new challenges. By staying ahead of regulatory changes and industry trends, companies can ensure their data retention strategies remain effective and relevant.

Leveraging Modern Technology

By harnessing AI and modern technologies, organizations can significantly streamline data management processes and reduce errors such as data inconsistencies or incorrect data classification.


AI is already transforming the way the enterprise world handles data by eliminating tedious manual data management tasks. For example, corporate legal teams are starting to use generative AI to quickly categorize and manage documents, and drastically reduce the time spent retrieving relevant case information. This means lawyers can focus more on what they do best–strategizing and advocating–rather than getting bogged down in administrative tasks.

Moreover, robust data encryption and secure storage solutions are essential for protecting sensitive information from unauthorized access or breaches. Cloud-based data management systems take this a step further, offering enhanced security and accessibility. Contrary to popular belief, the ABA highlights that most attorneys will need to use encryption at some point in their career to avoid ethics violations.

The benefits of cloud-based solutions don’t stop at security and accessibility. They provide scalable storage, powerful processing, and the capability to analyze vast amounts of data, ensuring resilience and availability when needed.

Future-Proofing Your Data Management

Effective data management is essential for legal teams across all sectors to operate efficiently and securely in today’s environment.

Looking ahead, the integration of advanced technologies will continue to reshape data management practices, enhancing data security, driving efficiency, and unlocking new opportunities for growth and innovation.

To stay ahead and thrive in this data-driven era, legal teams must cultivate a culture of continuous learning and improvement, and should be empowered with the knowledge and tools to ensure data security and integrity.

From setting communication protocols to developing comprehensive data retention policies and utilizing advanced technologies, legal teams can navigate the complexities of data management, safeguard their assets and always know where their data resides.

About the author: Kristin Zmrhal is the vice president of product strategy at DISCO, a provider of e-Discovery solutions for law firms, corporate legal teams, construction, energy, and educational organizations. Kristin joined DISCO in 2018 and has held various leadership roles including in professional services, client success, and product strategy. Before her tenure at DISCO, she spent nearly eight years at Google’s Mountain View, California headquarters, where she oversaw the e-Discovery project management and operations team. Kristin began her career in the early 2000s as a consultant in litigation support and ediscovery, managing significant litigation and regulatory projects for multinational corporations and their legal teams. She earned her Bachelor of Science in Economics from Miami University in Ohio and holds an MBA from the Haas School of Business at the University of California, Berkeley.

Related Items:

Data Is the Foundation for GenAI, MIT Tech Review Says

Data Quality Is A Mess, But GenAI Can Help

GenAI Is Putting Data in Danger, But Companies Are Adopting It Anyway