The data we need for discovery lives in a system we're about to decommission—how do we handle it?
Decommissioning a system that holds potentially discoverable data is one of the higher-risk moments in records and information governance. The core obligation does not disappear when the hardware does: if litigation is reasonably anticipated or already underway, relevant information must be preserved. Retiring the system without addressing that duty can lead to spoliation findings, sanctions, or adverse inferences.
Identify the duty before you touch the data
First determine whether a preservation obligation exists. In US federal civil litigation, the duty to preserve attaches when litigation is reasonably anticipated, and the Federal Rules of Civil Procedure govern much of the process. Standards differ by jurisdiction — state courts, regulators, and other countries impose their own rules — so confirm scope with counsel early.
If a legal hold is in place, the data in the target system is almost certainly within its reach. Map what the system contains, who the custodians are, and which records overlap active holds or retention schedules.
Preserve before you migrate
Treat preservation and migration as separate steps:
- Preserve in place or capture a defensible copy of held data before any cutover, including relevant metadata, audit logs, and structural relationships.
- Document the chain of custody and the migration method so you can later show the data is complete and unaltered.
- Validate that exported content is readable and searchable in its new home, not just transferred.
Native formats and metadata often matter as much as the content itself. Losing them during conversion can undermine authenticity later.
Migrate the rest under retention rules
Data not subject to a hold still follows its retention schedule. Dispose of records only when their approved schedule allows and no hold applies — never as a side effect of shutting a system down. Frameworks such as ISO 15489-1 reinforce capturing records with enough context to remain usable over time.
Coordinate across legal, records, and IT
Decommissioning succeeds when legal defines obligations, records/IG confirms retention and disposition authority, and IT executes the technical migration and validation. Build a documented timeline, keep the source system or a verified copy available until preservation is confirmed, and record decisions throughout.
For more on the discipline overall, see /topics/ediscovery/.
Sources & further reading
Authoritative government and non-profit references.
- Federal Rules of Civil Procedure — U.S. Courts
- ISO 15489-1 Records management — ISO
How to cite this page
APA
RM University Editorial. (2026). The data we need for discovery lives in a system we're about to decommission—how do we handle it?. Records Management University. https://www.recordsmgmt.org/questions/how-to-handle-discovery-data-in-a-system-being-decommissioned/
MLA
RM University Editorial. "The data we need for discovery lives in a system we're about to decommission—how do we handle it?." Records Management University, 16 June 2026, www.recordsmgmt.org/questions/how-to-handle-discovery-data-in-a-system-being-decommissioned/.
Related questions
- A key custodian left the company—how do we preserve and collect their email and files after they're gone?
- An employee admitted to deleting emails relevant to a lawsuit—what do we do now?
- Are curative measures or monetary fines available when lost data can be replaced through other sources?
- Can a company be sanctioned for spoliation when an employee auto-deleted text messages or ephemeral chats?
- Can a court order cost-shifting or limit search terms when keyword searches return an unmanageable hit count?