The biggest challenge with any legal hold process is ensuring that potentially relevant data is actually preserved.

But with evolving requirements for how data is managed by new data privacy laws like the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR), data that was once thought to be secure by just sending a legal hold and counting on the custodian to preserve that data themselves may not be true anymore.

Here are 4 steps for ensuring that your legal hold process accounts for new data privacy requirements.

1. Automate legal hold notifications
2. Maintain an up-to-date Data Map/Inventory
3. Minimize irrelevant ESI
4. Document the process