The Federal Rules of Civil Procedure govern how we exchange information with our opponents in a lawsuit. Even before a lawsuit is filed, you have an obligation to preserve information that may be relevant if you have reason to expect that a lawsuit may be filed (based on a government inquiry or a nasty letter from a lawyer).

In the past, that was simple. You sent out a memo instructing everyone not to throw away or destroy anything important. When the lawsuit arrived, you made photocopies of everything and gave them to your lawyer. Pretty straightforward.

More Data than You Can Hit with A Stick

Then along came the Internet, and things got complicated. Today, more than 95 percent of business information is generated and stored electronically, and more than half of that never is printed in paper form. Even when it is printed, the paper version contains only a fraction of the information contained in the electronic form—which often includes metadatadata about when, how, and by whom it was created, modified, viewed, transmitted, and deleted.

To further complicate matters, the same document may reside in several locations in several different formats. The amount of information available is staggering.

In recognition of this complex reality, the Federal Rules of Civil Procedure were revised in 2006 to cover electronic data. When you suspect that you may be sued, it's no longer enough to print a copy of critical e-mails and put them in a file. You now have a duty to preserve the information in its various electronic formats. If you don't take adequate steps to preserve the data, it may cost you.

Plan Now or You Might Pay Later

If you wait until you're sued or even when you first suspect a lawsuit, it will be far too late. There's too much electronic information in too many places to try to locate and freeze it when you get your first nasty letter from an employee's lawyer.

First, meet with your IT personnel or vendor and inventory all the possible sources of electronic data. Then develop a litigation plan that identifies who is responsible for what.

Second, develop a document-retention policy that sets destruction schedules based on the type of document, applicable legal requirements for the document type, and the realistic business need for the document.

Finally, make sure that document-destruction procedures can be suspended quickly when the lawyers call.