In the first six months since sweeping changes altered the Federal Rules of Civil Procedure for federal court cases, some large insurers are making progress in revising their operations so they can preserve and produce electronically stored information--if and when needed.

The federal rules, which were amended last December, require parties to any federal court civil dispute to meet early to discuss so-called "e-discovery" issues related to preserving and producing e-mails and other ESI. For most companies, complying requires significant re-engineering, especially to make stored data available and searchable.

The challenge for the insurance industry is particularly important because of an insurer's dual role: It is both a large corporate entity--that may itself be sued--as well as the insurer of corporations for which it provides defense coverage as part of policies that protect them from liability or directors and officers risks.

As such, insurers now face higher litigation costs for themselves and their insureds as well as increased costs for new hardware and software to fund more sophisticated records management programs. They also must fund better training and coordination for legal and information technology staff, which must cooperate more closely than ever before.

Opportunity to Retool

If handled correctly, though, the challenge will become a long-term opportunty to streamline and rationalize records management for both insurers and insureds alike.

Insureds, though, are expected to face increased scrutiny from underwriters of liability and D&O policies about their own data management programs, which may be reflected in future insurance premiums.

The new requirements--and the state court equivalents that are being developed--must also be coupled with recent case law developments that increase the obligation of a plaintiff or defendant to preserve documentation from the time the dispute became reasonably likely, said Jon Neiditz, an attorney in the Atlanta office of Lord, Bissell & Brook L.L.P.

The federal requirements represent "a big change in practice," because they mandate early meet-and-confer discussions that must include information about material that won't be produced, Mr. Neiditz said.

The requirements are particularly challenging because of the wide variety of digital information in e-mail, text messaging, word processing files, spreadsheets and databases. Huge quantities of frequently redundant data are processed through insurers' headquarters and on employees' personal computers and handheld devices. In addition, a company's backup data often is archived offsite for security purposes.

Currently, 60% of corporate data resides in, or is attached to, e-mails, the National Law Journal estimated last year.

In litigation, "e-mail provides the smoking guns--casual, colorful communications," Mr. Neiditz said.

The new federal rules are especially important to insurers, because "the insurance industry is significantly more litigious than any other industry," said Marie-Charlotte Patterson, vp of market strategy for AXS-One Inc. in Rutherford, N.J. About 40% of the software company's clientele is in the insurance or financial services industries.

"Insurance companies, historically the object of disputes brought by policyholders and class action claimants, are by far the biggest litigation magnets," according to a 2006 survey by Houston-based law firm Fulbright & Jaworski L.L.P. "The approximately 1,700 cases pending by the average insurer was more than five times the average tally posted by the next highest sectors" of energy, retail and financial services, according to the survey of 422 in-house law departments worldwide.

Such cases continue to mount as "more than half of insurance company counsel reported taking on 50 or more new lawsuits in the past year," the survey said. "Insurers appear to get embroiled in the biggest stakes cases--17% reported having more than 50 lawsuits pending with at least $20 million at issue. By contrast, only 6% of energy companies reported more than 50 suits in the $20 million or greater range."

Good Faith, Bad Faith

Given the high volume of litigation, insurers should be particularly interested in the so-called "safe harbor" provision of the federal rules that "offers limited protection when ESI no longer exists," Mr. Neiditz said. "Absent exceptional circumstances, discovery sanctions may not be imposed if ESI has been lost as result of the 'routine, good faith operation' of a computer system," he said.

"Consistent and appropriate records management operations are now becoming a cornerstone in the plans of many organizations to establish 'good faith' for purposes of that provision," Mr. Neiditz said.

In addition, all companies should strive to comply because it helps avoid the bad-faith label that plaintiffs can apply when their discovery requests are unmet as well as court sanctions plaintiffs can seek, said attorney Dennis Steckler, Downers Grove, Ill.-based senior solutions architect and alliance manager with Patni Computer Systems Inc., a consulting firm with worldwide headquarters in Mumbai, India.

Complying with the e-discovery requirement also helps companies avoid sanctions including default judgments and "adverse inference"--judges telling jurors that they can assume that missing e-mails contained damaging information, Mr. Neiditz said.

Missing ESI could result in millions of dollars in fines as well as punitive damage awards, attorneys say.

Most consultants say insurers are aware of the challenges and are taking steps to address them.

"Insurers are at the front end of the curve" in responding to the challenges of e-discovery, said Christopher Kruse, president and CEO of CaseCentral Inc., a San Francisco-based consulting firm on litigation and regulatory projects for insurers and attorneys.

"Insurers are probably ahead of individual companies" and are "very involved," Mr. Steckler said. "Any large company--and the top four or five brokers--are actively working on it."

Smaller insurance-related companies, such as managing general agents, may have to struggle although there is help available to them, he said.

"Some insurers have been addressing e-discovery demands over the past few years," but the pace of activity increased since April of last year, said Mr. Neiditz, who has helped more than 100 insurers and reinsures deal with e-discovery issues. They are establishing preservation processes and protocols as well as training employees, he said. They also are addressing how to develop record management programs that can be administered consistently.

Ms. Patterson, though, has a different perspective. "For the most part, insurance companies have been caught off their guard with the changes to the Federal Rules of Civil Procedure," she said. "In the vast majority of cases, IT is out in the cold and not ready."

Boardroom Interest

Until a year or so ago, data management was a back-office function. As a result of the change in discovery rules, though, a company's board of directors is becoming more interested in how its information technology system works, Ms. Patterson said.

From an IT perspective, "e-discovery is further expanding how data and information must be managed and who needs access to use and (should) have access to it," said Aimee Siliato, director of government relations and the Data Management Department at the Insurance Services Office Inc. She also is president of the Insurance Data Management Assn., a voluntary organization of data management professionals. Both are based in Jersey City, N.J.

IT professionals no longer merely manage statistical and financial data, she said. The e-discovery regulations emphasize that "data is by far one of the most critical assets" of an insurance company, she said. The requirements mean there are investments to be made in IT in addition to "some pain" in bringing them into operation, she said.

"It's an enormous task," Mr. Steckler said. "For most companies, it is a significant re-engineering effort."

For example, a large part of the project stems from insurers' need to document their own policies and rethink their document-destruction policies, he said. Many companies with paper-based documents destroy them in accordance with regulatory requirements, which typically allow destruction after a five- to seven-year period, Mr. Steckler said.

If an insurer has outsourced its IT services, it is important that vendor contracts contain strong indemnification provisions that benefit the insurer, consultants say.

In addition, there is a great need for closer coordination between an insurer's general counsel and its IT staff. They must be "on the same page," Mr. Kruse said.

One approach that some insurers have found helpful is to appoint a document coordinator for each business unit, such as an insurer's claims department, Mr. Neiditz said. That person would be responsible for communicating policies to other staff members, among other things.

"Managing ESI is an enterprisewide activity that requires uniform records management policies and the technology infrastructure to automate and enforce them," according to "Managing Litigation Costs and Complexity," a white paper by CaseCentral.

CaseCentral recommends what it calls "discovery life-cycle management" to enable companies to make every stage of discovery efficient and "a repeatable business process," it said.

Such a repeatable process "is reasonable and defensible, which is exactly what companies need to be compliant with" the federal discovery guidelines, it said. In addition, that process reduces costs, minimizes disruption, boosts responsiveness and reduces the risk of inadvertently producing information that is unnecessarily damaging.

Specifically, such a solution "features a unified repository; automated, rules-based workflow; and audit capabilities" that enable a general counsel "to effectively capture, share, manage and store information," the paper said. "Once evidence enters the repository, retention policies ensure that litigation holds are enforced. During review, all annotations, redactions and designations become part of the evidence metadata. Instead of treating each new matter as a one-off entity, the company's legal team can reuse information effectively and leverage prior document reviews," it said.

The cost of compliance

Complying with the requirements of federal law as well as case law "absolutely" increases insurers' costs because the amount of information they must track and control has grown exponentially, CaseCentral's Mr. Kruse said.

For many large insurers, the cost of dealing with the e-discovery issue has doubled or tripled over the last two years, he said. "The costs have a longer tail--a minimum of five years--than anyone wants," Mr. Kruse said. Ultimately, though, those costs should decline once companies have improved their records management systems, he said.

Predictions vary about the impact of e-discovery on litigation costs.

Theoretically, it may increase the cost of litigation involving individual plaintiff's who aggressively seek e-discovery, Mr. Neiditz said. In addition, e-discovery requirements may reduce the amount of business-to-business litigation because each side will prefer to settle rather than meet the requirements of the amendments to the Federal Rules of Civil Procedure, he said.

As the insurance industry becomes more accustomed to dealing with e-discovery exposures, insurers may tighten underwriting guidelines for insureds seeking to renew D&O or some liability coverages, some consultants say.

Mr. Kruse said his D&O insurer already asks about management's compliance with other regulatory requirements, so he anticipates that underwriters will ask about his firm's readiness to deal with the e-discovery rule changes in the future.