An Outlook .pst file can hold years of business communications, attachments, contacts, calendar entries, and deleted-item artifacts. That concentration of potentially responsive data is exactly why producing .pst files for document discovery requires more than exporting a mailbox and sending it to opposing counsel. The process must preserve the source, support reasonable search and review, and produce usable information without creating avoidable disputes over completeness, metadata, or privilege.
For legal teams, the question is not simply whether a PST can be created. The question is whether the collection and production method will withstand scrutiny when the matter involves a meet-and-confer, a regulatory request, a deposition, or trial.
When a PST Is the Right Discovery Deliverable
A PST is a Microsoft Outlook data file that can preserve email messages and associated folder structures in a portable container. It is often requested when a party needs mailbox data in a format that can be loaded into an eDiscovery platform, searched by counsel, or retained as a native collection artifact.
There are legitimate reasons to deliver PST files. A requesting party may seek native mailbox exports to assess completeness. A government agency may specify PST as an accepted delivery format. A matter may involve a small, targeted collection where processing each message into TIFF or PDF images would add cost without improving utility. In other cases, a PST can be an interim transfer format before data is processed into a review platform such as RelativityOne.
Still, a PST is not automatically the best production format. It may be difficult for a receiving party to search without Outlook or specialized software. It can contain nonresponsive material, privileged communications, and personal information if the export is not appropriately scoped. Some review workflows also require extracted text, normalized metadata, de-duplication, and attachment family relationships that are better managed after processing than within a raw PST.
The protocol, production request, case schedule, and agreed technical specifications should guide the decision. If no protocol exists, counsel should address format early, rather than treating the file type as a last-minute production detail.
Producing .pst Files for Document Discovery Defensibly
A defensible PST production begins before the file is created. The team needs a clear understanding of whose data is being collected, which systems contain it, the relevant date range, and whether legal holds, privacy obligations, or regulatory restrictions affect access and handling.
Preserve the source before exporting
When email resides in Microsoft 365, Exchange, an on-premises mail server, a local Outlook profile, or a prior PST archive, the collection source matters. Exporting from a user’s local Outlook application can be appropriate in limited circumstances, but it may not represent the complete mailbox. Cached data may be incomplete, local archives may be overlooked, and a user could have altered folders or deleted messages before collection.
For enterprise matters, collection directly from the authoritative system is generally more reliable. The collection record should identify the custodian, data source, mailbox or archive location, date and time of collection, collection method, operator, and any filters used. This documentation gives counsel a factual basis for describing what was collected and why.
If a device-based collection is required, particularly where local PST archives or downloaded mail may be relevant, preserve the device and document chain of custody. A PST is a data container, not proof that all potentially relevant email has been preserved.
Scope the export with counsel, not assumptions
An all-mailbox export may be necessary for preservation or forensic purposes, but it is rarely the same thing as a production-ready dataset. Before exporting, establish the scope: custodians, date ranges, folders, keywords if appropriate, and whether sent mail, deleted items, shared mailboxes, archives, and attachments are included.
Date filtering deserves particular care. Email systems can contain sent dates, received dates, created dates, modified dates, and archive dates. A filter that appears straightforward can exclude messages that were delayed, migrated, or stored differently. Counsel should decide which dates control and document that decision.
Scoping also needs to account for attachments. A production that includes email messages but omits linked or embedded attachments can create an incomplete family. Likewise, an export may contain large non-email files that drive cost and require separate handling. The defensible answer is not always to exclude them. It is to identify them, make an informed decision, and record the treatment.
Validate the PST before processing or delivery
A completed export is not necessarily a usable export. PST files can be corrupted, password-protected, oversized, or structured in ways that complicate ingestion. A quality-control review should confirm that the file opens, expected folders are present, representative messages and attachments are accessible, and the file size aligns with the anticipated data volume.
Validation should also compare the export against collection logs or source-system counts where possible. If a mailbox reportedly contains 45,000 items and the PST contains 8,000, that gap may be justified by a date restriction or it may reveal a collection issue. Either way, it warrants an explanation before production.
File integrity controls matter as well. Calculate and retain a hash value for each delivered PST, record the original file name and size, and preserve the transfer record. These practical steps help establish that the file received is the file that was exported.
Processing PST Data for Review and Production
In many matters, the PST is only the beginning. Once it is loaded into an eDiscovery environment, the legal team can extract message text and metadata, identify attachments, apply search terms, de-duplicate, conduct privilege review, and prepare a production set that aligns with the agreed protocol.
Processing should preserve key email metadata, including sender, recipient, copied recipient, blind-copied recipient where available, subject, sent date, received date, folder path, and attachment information. Email threading and family relationships can also be highly useful. They reduce repetitive review while allowing counsel to understand how communications and attachments relate to one another.
A review-ready workflow also requires exception handling. Encrypted attachments, unsupported file types, corrupt messages, embedded objects, and password-protected files should be logged and evaluated. Silent exclusions are difficult to defend. A clear exceptions report enables counsel to decide whether to seek passwords, perform further collection, produce a placeholder, or disclose the issue under the production protocol.
For a final production, the producing party may provide native PSTs, individual native email files, image files with load files, searchable PDFs, or a combination. The right selection depends on the governing order and the needs of the case. Image-based production can support consistent Bates numbering and redactions. Native email can preserve functionality and reduce conversion risk. A hybrid approach may be appropriate when emails are produced as images while spreadsheets, multimedia, or other complex attachments remain native.
Privilege, Privacy, and Redaction Risks
PST files often contain far more than case-related email. They may include communications with counsel, personnel records, health information, financial data, customer records, and personal correspondence. Producing a raw PST without review can expose privileged or protected information at a scale that is difficult to reverse.
That does not mean raw PST production is never appropriate. It means the parties should define safeguards. Those may include a clawback agreement, stipulated confidentiality protections, targeted filtering, separate privilege review, and secure delivery requirements. Where redactions are needed, a native PST may not be suitable as the final form because redaction must be applied to the actual produced content, not merely noted in a privilege log.
Security during transfer is equally important. Sensitive discovery data should move through controlled channels with access restrictions, documented recipients, and a verifiable delivery record. Emailing a large PST file or placing it in an uncontrolled consumer file-sharing location is rarely appropriate for a high-stakes matter.
Operational Controls That Prevent Production Problems
The most common PST issues are operational: a custodian was omitted, an archive was not identified, a password was not retained, a file was exported with the wrong date range, or a production was delivered without a corresponding inventory. These failures are preventable when collection, processing, review, and delivery are handled as one documented workflow.
A qualified legal technology provider can coordinate forensic collection, secure data handling, PST export validation, eDiscovery processing, attorney review support, and final production preparation. For matters involving active deadlines, that coordination matters. Concord Document Technologies supports legal teams with the production capacity and controlled workflows required for sensitive electronic and paper discovery matters.
Before any PST changes hands, ask a practical question: can the team explain exactly where it came from, what it contains, what was excluded, how it was checked, and how it was delivered? If the answer is clear, the production is far more likely to serve the case rather than become a discovery issue of its own.


