How do legal, privacy, and records roles divide responsibility during a litigation hold or e-discovery request?
A litigation hold or e-discovery request triggers a shared duty: the organization must preserve and produce potentially relevant information without destroying, altering, or improperly disclosing it. No single function can do this alone. Legal, privacy, and records roles each own a distinct piece, and the process works only when they coordinate.
Legal: scope and obligation
Legal counsel owns the trigger and the scope. They determine when a duty to preserve arises, define the matter’s subject, time frame, and custodians, and issue the written hold notice. Legal also negotiates the scope of production with opposing parties or regulators, decides what is responsive and what is privileged, and certifies that preservation and production obligations were met. They carry the legal risk if relevant information is lost (spoliation).
Records and information management: locate and preserve
Records and IG professionals translate legal’s scope into action across systems. They identify where responsive information actually lives, suspend any disposition or retention rules that would otherwise delete it, and ensure preserved material keeps its metadata, version history, and chain of custody intact. Because they understand the organization’s information map and retention schedules, they are often best positioned to find relevant content efficiently and to confirm that defensible deletion resumes only after a hold is lifted.
Privacy: protect sensitive data
Privacy officers ensure that collection, review, and production do not create new exposure. They flag personal data, protected categories, and confidential third-party information, advise on redaction or minimization, and confirm that disclosing data to outside parties is consistent with applicable privacy obligations. Privacy and legal often weigh these protections against production demands together.
Making the division work
These responsibilities overlap at the edges, so clarity matters more than rigid lines. Effective organizations:
- Define roles and a hold workflow in policy before a request arrives
- Keep one coordinated, auditable record of what was preserved and why
- Reconcile preservation with normal retention so nothing is deleted prematurely
For broader context on aligning legal, privacy, and recordkeeping duties, see the information governance topic hub. The Sedona Conference offers widely cited guidance on the legal-hold and e-discovery process.
Sources & further reading
Authoritative government and non-profit references.
- The Sedona Conference publications — The Sedona Conference
- Records management (NARA) — National Archives (NARA)
How to cite this page
APA
RM University Editorial. (2026). How do legal, privacy, and records roles divide responsibility during a litigation hold or e-discovery request?. Records Management University. https://www.recordsmgmt.org/questions/how-legal-privacy-and-records-divide-responsibility-in-litigation-hold/
MLA
RM University Editorial. "How do legal, privacy, and records roles divide responsibility during a litigation hold or e-discovery request?." Records Management University, 16 June 2026, www.recordsmgmt.org/questions/how-legal-privacy-and-records-divide-responsibility-in-litigation-hold/.
Related questions
- Big-bucket vs item-level retention schedules: how do I choose between them?
- Can a company be penalized for keeping data too long under privacy laws even if nothing was breached?
- Can a US company store records in the EU, or do data localization and cross-border transfer rules block it?
- Can executives or board members be held personally liable for information governance failures?
- Can information governance help reduce cloud storage costs, and how?