Corporations face significant legal and regulatory risks. Federal, state and even foreign governments regularly examine the operations and output of US public and private companies. Most companies face compliance issues, questioning whether their operations run afoul of legal or regulatory requirements. And plaintiffs file lawsuits to question or obtain damages from alleged corporate misconduct.

When presented with evidence of wrongdoing, corporations should launch an investigation to gather and understand the facts so an executive team or board of directors can make informed decisions on how best to proceed. 

Beyond fact gathering, conducting an effective internal investigation can benefit a company in many other ways. Investigations can stop illicit conduct and prevent further violations. They can memorialize a company’s good-faith response to regulatory inquiries, insulate executives or boards against allegations of complicity or conspiracy, and promote a culture of transparency and compliance throughout an organization. Investigations also help a company prepare for anticipated litigation and regulatory investigations.

A corporation can achieve all the benefits of an internal investigation when it deploys a records management policy and proper document collection and review software, including tools for mobile phone data acquisition. It would be best to promptly investigate a trigger event, such as a complaint or workplace issue that presents health and safety concerns, or if you anticipate possible litigation or a government investigation.

Create a plan that details the scope and goals of the investigation with clear objectives, a roadmap, and a timeframe with milestones to complete, including a report to document the research and respond to internal and external stakeholders.

The scope of the investigation should define the subject matter and create objectives to meet specific goals. Properly scoping the investigation can avoid scope creep and keep the research focused and on time. Defining a timeframe allows you to identify relevant custodians and ESI sources. A roadmap should identify tasks to accomplish key objectives and help form a team armed with the software tools needed to achieve a successful investigation.

The Right Team and Tools

Part and parcel to identifying a team with full accountability to complete the investigation starts with providing them with proven technology and processes. The organization should have a records management program featuring litigation hold procedures that mandate that potentially relevant electronically stored information (ESI) is maintained and accessible when litigation or a government investigation is reasonably anticipated. The program should include a data map of all ESI sources and locations (plus the applications employees use) for the team to collect relevant data before it disappears. It is important to note that relevant data is no longer limited to traditional file shares, databases, and email.

Many organizations allow employees to use personal cell phones, cloud-based storage, social media platforms, and other technologies to conduct business. Your team should possess the technical expertise to understand how employees use smartphones and apps, including data maps that reflect redundancy, synchronization, and backups. Considering the amount of data likely available for an investigation, including personal data, counsel and eDiscovery support specialists should incorporate concepts of proportionality and privacy in data collection for investigations and litigation.

A business organization must recognize that investigations, whether for litigation or regulatory purposes, involve people with privacy concerns, regardless of corporate policies. Although companies should thoroughly investigate issues, they must find a balance between collecting relevant information and protecting private information irrelevant to an investigation. That balance must be proportional to the needs of the case and consider individual privacy interests.

In litigation, parties may obtain discovery regarding any nonprivileged matter that is relevant to any party’s claim or defense and in proportion to the needs of the case considering, among other things, the importance of the discovery to resolving the issues and whether the burden or expense of the proposed discovery outweighs its likely benefit. When it comes to mobile phone discovery and personal data, many see a burden in collecting relevant data when it’s intermingled with private, irrelevant data. But that’s simply not the case when ModeOne’s SaaS framework is one of your team’s primary tools for smartphone data discovery.

ModeOne’s patented technology collects data from Apple and Android smartphones for litigation, compliance, and investigation purposes and can focus the collection exclusively on data within the scope of discovery for review. ModeOne uses a remote, targeted smartphone collection technology and proven processes that recognize individuals’ privacy interests in their smartphones and generally their right to control their personal data.

In summary, a successful internal investigation requires a comprehensive plan with a defined scope, objectives, timeframe, and roadmap implemented by a knowledgeable team armed with state-of-the-art tools like ModeOne’s SaaS framework. Using ModeOne, case teams, eDiscovery experts and digital forensics professionals can discover relevant smartphone data proportional to the needs of a case without intruding on a custodian’s personal data and privacy.  Simply, with the right tools, the needs of all constituencies can be satisfied.