A Winning Strategy to Developing a Corporate Legal Hold Playbook

Bobbi Basile | February 12, 2015

A legal hold is the term used to describe the actions an organization must take in order to preserve all forms of relevant information when a legal obligation arises; it is the first critical step in an effective electronic discovery program. While much has been written about the legal requirements and the pitfalls of failing to effectively implement legal holds, for today’s purposes I will address the processes and decisions that should be considered when developing a Legal Hold Playbook.

It’s no coincidence that the triad for a successful initiative – people, process and technology – enumerates technology as the third element. By necessity, the people need to be identified to initiate and own the processes, and only then can the requirements for the supporting technology be defined.


An organization must first decide when a legal obligation arises to preserve relevant information. This is often referred to as a ‘trigger.’ In other words, companies should consider which business events necessitate the initiation of the legal hold preservation workflow. A review of the litigation and investigations portfolio and interviews with key stakeholders (e.g., Human Resources, Audit, etc.) can aid in the decision process. Considerations should include:

  1. When to issue a hold
  2. When and how to release a hold
  3. The frequency and intervals of reminders to “refresh” the content of the hold notification (redefining the scope of the hold to clarify the subject matter, time period, etc.)
  4. The logistics of ensuring the preservation of sources of data not associated with a specific individual [A1] (e.g., Information Technology, Human Resources, Records Management, etc.).


Custodian is a fancy term for a ‘person who creates or has in their possession’ relevant information. The process of identifying and prioritizing custodians must be defined and documented. An organization is a fluid environment with employees transitioning internally and exiting on a regular basis.  Determining the identity of the appropriate people with knowledge of a retrospective fact pattern can turn into a frustrating game of Clue, the Corporate Edition. Documenting the resources to consult within the organization will not only expedite the process, but help to ensure that important custodians, or data sources, are not overlooked. Furthermore, the identification of custodians is not a one-time event in a matter and the frequency to add custodians or data sources needs to be documented as a repeatable procedure.

Once the custodians are identified, it is essential to gather and document their patterns of behavior as they relate to creating and storing information. The questions used to elicit this information are often referred to as a ‘data-usage questionnaire.’ The information elicited should include the devices a custodian uses, where he/she stores data (c: drives, network drives, thumb drives, etc.), the use of third-party email applications, etc. The questionnaire should be standardized, documented and refreshed as information is gathered throughout the case and as fact patterns emerge. The data-usage questionnaires inform the downstream collection of relevant data.

Data Sources

Understanding where data is stored, how it is stored, frequency of back-ups and the logistics of collecting data from each location is a topic worthy of its own lengthy discussion. Suffice to say, a Legal Hold Playbook should include, at a minimum:

  1. Where data is located (active and back-up) and how it is preserved
    • User-created data
    • System-generated data
  2. Data preservation related to employee transitions
  3. Third-Party data (contractors, “cloud” storage, SaaS environments, etc.)
  4. Data preservation in regard to business acquisition and divestitures
  5. The process to identify protected or confidential content


The legal hold process should be designed and managed in a manner that permits matter-level and cross-matter reporting. By designing the process with the end in mind, you will be able to develop reports that will be useful in managing the legal hold process at both macro and micro levels.

To aid in estimating the overall scope and budget, matter-centric reporting should include: the status of the hold notices, data usage questionnaires with incomplete responses, the status of data preservation efforts and metrics of the data preservation. The metrics reported should enable counsel to present compelling fact-based burden and expense objections to manage the scope of discovery effectively.

Cross-matter reporting should be designed to enable an organization to gather metrics across all matters to determine the volume and identity of custodians on hold, the volume of data subject to preservation (custodian-based and non-custodial data sources) and which custodians and data sources are on overlapping holds.

In addition to addressing triggers, custodians, data sources and reporting, it is essential that a Legal Hold Playbook include overarching protocols and procedures, such as:

  1. Roles and responsibilities between stakeholders (Legal, IT, Business Managers, HR, etc.)
  2. Escalation procedures
  3. Preservation procedures per data source/data type (e.g., how to preserve mobile devices, cloud-based data, etc.)
  4. Issuance of holds (content and logistics)
  5. Release of holds (when and how)

Once the strategies, protocols and processes are defined, an appropriate technology can then be selected to automate the procedures to implement legal holds. Ultimately, the defensibility of a company’s Legal Hold Playbook will rest on the soundness of the decisions and effectiveness of the processes and not the technology employed.