{"id":388,"date":"2023-10-03T10:38:56","date_gmt":"2023-10-03T17:38:56","guid":{"rendered":"https:\/\/www.cdcr.ca.gov\/hcdom\/?post_type=dom&#038;p=388"},"modified":"2024-12-06T11:53:37","modified_gmt":"2024-12-06T19:53:37","slug":"5-3-22-ediscovery-and-litigation-hold","status":"publish","type":"dom","link":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-22-ediscovery-and-litigation-hold\/","title":{"rendered":"5.3.22 eDiscovery and Litigation Hold"},"content":{"rendered":"\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Introduction and Overview<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>Preserving data is necessary in response to reasonably foreseeable litigation, subpoenas, or Public Records Act (PRA) requests, and may be required under applicable state and federal laws and regulations. Data may include both physical and electronically stored information (ESI). ESI is broadly defined as any information stored in an electronic medium, regardless of its manner of creation or use.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Objectives<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>The objective of this policy is to establish California Department of Corrections and Rehabilitation (CDCR), California Correctional Health Care Services (CCHCS), and California Prison Industry Authority (CALPIA), hereinafter referred to as department, requirements for identification, preservation, capture, and delivery of relevant data in response to requests for information, audit, archive, and legal proceedings.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Scope and Applicability<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The scope of this policy extends to all information assets owned or operated by the department, as well as information assets owned or operated by third parties (if applicable) on behalf of the department.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>This policy applies to the department&#8217;s Chief Information Officer (CIO) or their designee, data owners, legal compliance staff, Agency and Department Information Security Officers, Privacy Officers, Privacy Program Coordinators, Records Management Coordinator (RMC), Records Management Assistant Coordinators (RMACs), Information Asset Custodians, and all users of department information systems.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Policy Directives<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>The department shall:<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Preserve specific active and archived stored information and follow department data classification procedures when a litigation hold request is made.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Provide a written litigation hold notice to all involved parties with clear instructions on what should be preserved and held.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Ensure data and metadata are stored in a manner such that the data source is known and secured.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Ensure necessary and appropriate record retention systems are created and maintained consistent with the records management policies outlined by the Secretary of State\u2019s Office.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Ensure proper controls for the preservation of data are implemented, including electronic communications which may reasonably be subject to legal proceedings.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Establish a process for the intake and fulfillment of PRA requests.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Establish standard protocols for the collection, analysis, and delivery of data including chain of custody, data integrity and auditability of records.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Provide Records Retention and eDiscovery training to appropriate staff.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Return or destroy all preserved or archived data to the affected individuals and resume the normal destruction schedule after the legal duty to preserve evidence ends.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Electronically Stored Information Subject to Discovery<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>ESI is any information stored in an electronic medium, regardless of its format, location, or medium. ESI is subject to discovery in civil litigation and may also be requested under the PRA. ESI includes, but is not limited to:<\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>E-mails, texts, chats, and instant messages.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Video, audio, and image files.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Word processing and spreadsheet files.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Website activity and history.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Information posted on social networking websites.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Voice mails and video mail.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Computer programming information, system and audit logs, configuration details.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>In the event of a litigation hold, this policy shall supersede requirements set forth in the Data Retention and Destruction Policy.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Roles and Responsibilities<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Department Chief Information Officer (CIO) or Designee<\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The CIO or designee owns this policy and is responsible for ensuring that all users of department information assets are aware of this policy and acknowledge their individual responsibilities.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The CIO or designee is responsible for ensuring that this policy is reviewed annually and updated accordingly.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The CIO or designee is required to audit and assess compliance with this policy at least once every two years.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The CIO or designee is responsible for establishing eDiscovery teams in order to efficiently and properly coordinate the responses to PRA requests and information, audit, archive and legal proceedings.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Department Information Security Officer (ISO)<\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The ISO is responsible for the oversight of all department data preservation and compliance requirements and ensures that all applicable standards and guidelines are maintained and reviewed regularly.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The ISO shall assist in the development of data preservation, planning, and production of entity data assets.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The ISO shall assist the RMC, RMACs, Owners of Information Assets, and Information Asset Custodians with ensuring that data preservation, storage, integrity, and delivery meet the SAM 5310, 5310.5, 5310.6 and SAM 5305 requirements for security and privacy.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Department Owners of Information Assets and Program Management<\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Owners of Information Assets and program management supporting the department mission, state essential functions, or critical infrastructure shall participate in records retention processes, and ensure data is classified, labeled, and managed according to defined standards.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Owners of Information Assets supporting the department mission, state essential functions, or critical infrastructure shall ensure that records management is incorporated into standard business operation practices.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Owners of Information Assets shall ensure that all pertinent data that is required for the eDiscovery process is preserved and maintained according to the department\u2019s defined standards.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Department Information Asset Custodians<\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Information Asset Custodians shall only assist with authorized data collection and preservation requests.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Information Asset Custodians shall ensure that the integrity of the data collection and preservation process is maintained and the request is fulfilled.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Information Asset Custodians shall ensure the requested data is secure and available to the legal team as needed.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Department Legal Counsel<\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Legal Counsel shall provide the department eDiscovery designee a written notice to suspend routine or intentional purging of relevant data including overwriting, reusing, deleting, or any other destruction of electronic relevant information.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Legal Counsel shall notify appropriate parties when the obligation to retain the preserved data ends.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Department Records Management Coordinator (RMC) and Records Management Assistant Coordinator<\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The RMC, pursuant to Gov. Code 12274, shall assist the RMACs, Owners, and Custodians of Information Assets in establishing appropriate data retention periods.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The RMC shall assist in training identified RMACs and entity staff in records retention.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The RMACs shall ensure that required data retention periods are maintained and data beyond the lifecycle of established policy is properly disposed.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Enforcement<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Non-compliance with this policy may result in disciplinary or adverse action as set forth in the Department Operations Manual, Chapter 3, Article 22.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The department shall comply with the information security and privacy policies, standards and procedures issued by the California Department of Technology (CDT), Office of Information Security (OIS). In addition to compliance with the information security and privacy policies, standards, procedures, and filing requirements issued by the OIS, the department shall ensure compliance with all security and privacy laws, regulations, rules, and standards specific to and governing the administration of their programs. Program administrators shall work with their general counsel, ISO, and Privacy Program Officer or Coordinator to identify all security and privacy requirements applicable to their programs and ensure implementation of the requisite controls.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The consequences of negligence and non-compliance with state laws and policies may include department and personal:<\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Loss of delegated authorities.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Negative audit findings.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Monetary penalties.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Legal actions.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Auditing<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The department has the right to audit any activities related to the use of state information assets.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>CDT OIS and the department have the statutory right to audit department readiness to respond and recover from an incident.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Reporting<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>Violations of this policy shall be reported to the department ISO.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Security Variance Process<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>If compliance is not feasible, or if deviation from this policy is necessary to support a business function, the respective manager shall formally request a security variance as defined by the ISO.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Authority<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>This policy complies with State of California Government Code Section <a href=\"https:\/\/leginfo.legislature.ca.gov\/faces\/codes_displaySection.xhtml?lawCode=GOV&amp;sectionNum=11549.3.\">11549.3<\/a>.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Revisions<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>The CIO or designee shall ensure that the contents of this article are current and\u00a0accurate.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p><strong>References<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>Statewide Information Management Manual, Section 5305-A, Data Retention and Destruction<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>State Administrative Manual, Section 5010, Maintenance Records<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>State Administrative Manual, Section 1600, Records Management<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>State Administrative Manual, Section 5310.6, Data Retention and Destruction<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>Federal Information Processing Standard, FIPS 199<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Access Control, AC-3, AC-4<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Audit and Accountability, AU-2, AU-3, AU-13<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Configuration Management, CM-8<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Media Protection, MP-1, MP-2, MP-3, MP-4, MP-5, MP-6, MP-7<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Physical and Environmental Protection, PE-5, PE-19, PE-20<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Planning, PL-4<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Program Management, PM-9<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Risk Assessment, RA-2, RA-3<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Security Assessment and Authorization, CA-7<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, System and Communications Protection, SC-4, SC-8, SC-13, SC 17, SC-28<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>California Department of Corrections and Rehabilitation, Department Operations Manual Chapter 1, Article 16, Sections 13040.7, 13040.7.1, 13040.7.2<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>California Department of Corrections and Rehabilitation, Department Operations Manual Chapter 3, Article 22<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>California Department of Corrections and Rehabilitation, Department Operations Manual Chapter 4, Article 36, Section 47090.10<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>California Department of Corrections and Rehabilitation, Department Operations Manual Chapter 4, Article 38, Sections 47110.7, 47110.16<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>California Department of Corrections and Rehabilitation, Department Operations Manual Chapter 4, Article 45, Section 49020.10.6<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>California Government Code Section 6250<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>California Government Code Section 11549.3<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p><strong>Revision History<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>Effective: 11\/30\/2022<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\t<\/ul>\n\t","protected":false},"parent":228,"template":"","class_list":["post-388","dom","type-dom","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>5.3.22 eDiscovery and Litigation Hold - Health Care Department Operations Manual (HCDOM)<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"5.3.22 eDiscovery and Litigation Hold - Health Care Department Operations Manual (HCDOM)\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-22-ediscovery-and-litigation-hold\/\" \/>\n<meta property=\"og:site_name\" content=\"Health Care Department Operations Manual (HCDOM)\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-06T19:53:37+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/article-3-information-technology\\\/5-3-22-ediscovery-and-litigation-hold\\\/\",\"url\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/article-3-information-technology\\\/5-3-22-ediscovery-and-litigation-hold\\\/\",\"name\":\"5.3.22 eDiscovery and Litigation Hold - Health Care Department Operations Manual (HCDOM)\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/#website\"},\"datePublished\":\"2023-10-03T17:38:56+00:00\",\"dateModified\":\"2024-12-06T19:53:37+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/article-3-information-technology\\\/5-3-22-ediscovery-and-litigation-hold\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/article-3-information-technology\\\/5-3-22-ediscovery-and-litigation-hold\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/article-3-information-technology\\\/5-3-22-ediscovery-and-litigation-hold\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"HCDOM\",\"item\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Chapter 5 &#8211; Administrative\",\"item\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Article 3 \u2013 Information Technology\",\"item\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/article-3-information-technology\\\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"5.3.22 eDiscovery and Litigation Hold\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/#website\",\"url\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/\",\"name\":\"Health Care Department Operations Manual\",\"description\":\"CCHCS\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/#organization\",\"name\":\"Health Care Department Operations Manual\",\"url\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/wp-content\\\/uploads\\\/sites\\\/207\\\/2023\\\/08\\\/cropped-cdcr-cchcs-logos-512.png\",\"contentUrl\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/wp-content\\\/uploads\\\/sites\\\/207\\\/2023\\\/08\\\/cropped-cdcr-cchcs-logos-512.png\",\"width\":82,\"height\":82,\"caption\":\"Health Care Department Operations Manual\"},\"image\":{\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/#\\\/schema\\\/logo\\\/image\\\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"5.3.22 eDiscovery and Litigation Hold - Health Care Department Operations Manual (HCDOM)","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"5.3.22 eDiscovery and Litigation Hold - Health Care Department Operations Manual (HCDOM)","og_url":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-22-ediscovery-and-litigation-hold\/","og_site_name":"Health Care Department Operations Manual (HCDOM)","article_modified_time":"2024-12-06T19:53:37+00:00","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-22-ediscovery-and-litigation-hold\/","url":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-22-ediscovery-and-litigation-hold\/","name":"5.3.22 eDiscovery and Litigation Hold - Health Care Department Operations Manual (HCDOM)","isPartOf":{"@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/#website"},"datePublished":"2023-10-03T17:38:56+00:00","dateModified":"2024-12-06T19:53:37+00:00","breadcrumb":{"@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-22-ediscovery-and-litigation-hold\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-22-ediscovery-and-litigation-hold\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-22-ediscovery-and-litigation-hold\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.cdcr.ca.gov\/hcdom\/"},{"@type":"ListItem","position":2,"name":"HCDOM","item":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/"},{"@type":"ListItem","position":3,"name":"Chapter 5 &#8211; Administrative","item":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/"},{"@type":"ListItem","position":4,"name":"Article 3 \u2013 Information Technology","item":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/"},{"@type":"ListItem","position":5,"name":"5.3.22 eDiscovery and Litigation Hold"}]},{"@type":"WebSite","@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/#website","url":"https:\/\/www.cdcr.ca.gov\/hcdom\/","name":"Health Care Department Operations Manual","description":"CCHCS","publisher":{"@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.cdcr.ca.gov\/hcdom\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/#organization","name":"Health Care Department Operations Manual","url":"https:\/\/www.cdcr.ca.gov\/hcdom\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/#\/schema\/logo\/image\/","url":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-content\/uploads\/sites\/207\/2023\/08\/cropped-cdcr-cchcs-logos-512.png","contentUrl":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-content\/uploads\/sites\/207\/2023\/08\/cropped-cdcr-cchcs-logos-512.png","width":82,"height":82,"caption":"Health Care Department Operations Manual"},"image":{"@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/#\/schema\/logo\/image\/"}}]}},"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Health Care Department Operations Manual (HCDOM)","distributor_original_site_url":"https:\/\/www.cdcr.ca.gov\/hcdom","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/dom\/388","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/dom"}],"about":[{"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/types\/dom"}],"version-history":[{"count":3,"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/dom\/388\/revisions"}],"predecessor-version":[{"id":2677,"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/dom\/388\/revisions\/2677"}],"up":[{"embeddable":true,"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/dom\/228"}],"wp:attachment":[{"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/media?parent=388"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}