Is your law firm leveraging information governance to protect data?
Find Out By Asking 7 Essential Questions
Recently, law firm technology services group LogicForce published “Law Firm Cyber Security Scorecard,” a bi-annual report on the current state of the industry’s security preparedness. Their findings indicate law firms have come far, but they still have a long way to go if they want to protect their client data from security breaches. After analyzing the data, LogicForce gave the legal industry only 42% on its cyber security health. That’s a concerning statistic.
Think about how quickly data grows at law firms. Every new matter is accompanied by paper records and electronic files, many of which are governed by Outside Counsel Guidelines (OCG) for when data should be destroyed or returned to the client. Moreover, OCG becomes increasingly complex every year, which is further compounded by rapidly expanding government regulations. Recently, we’ve seen their impact with the rollout of the EU’s General Data Protection Regulation (GDPR) on May 25, 2018.
As data grows, law firms grapple with how to protect data, stay compliant, and mitigate their risks. One of the industry’s biggest questions today is: How can law firms keep up? A good place to start is by leveraging internal information governance (IG) policies and protocols to ensure data is managed efficiently. If you’re unsure about how well your law firm scores when it comes to IG, assess where you’re at by asking seven IG questions.
Seven essential information governance questions
- Does your firm have internal policies to manage the life cycle of its data?
- Do those policies address how long data should be kept for all data not just client data?
- Are policies approved? If so, do you know where they live?
- What does years of collecting all this data look like?
- What your firm’s exposure if there is a data breech and data is stolen about a client that is no longer with the firm?
- What does the future look like on an annualized basis for the growth of your data?
- How would data growth be impacted if data was archived or destroyed regularly? If data is in the cloud, what is the cost increase year over year for the increase in data?
UPDATE YOUR RECORDS MANAGEMENT SYSTEM TO PROTECT YOUR FIRM
By definition, the value of a modern records management system is that it reduces the risk of sensitive information exposure for clients via the firm. It helps the firm apply appropriate IG controls. Moreover, it enables the firm to know exactly what sensitive information it holds, how long it should retain that information, and when it can dispose of it to minimize risk.
When undertaking an assessment of any new records management system, make sure to ask these three important questions:
- Is it integrated with other data platforms, such as Intapp’s Wall, OPEN and Terms modules? Integration ensures IG can be applied to all data from a single platform.
- Does it include an IG tool that ensures critical information is retained according to set criteria? You don’t want information over-retained, which creates legal discovery and breach risks.
- Does it meet security requirements for the system hosting environment and applications?
Records management systems vary in their ability to address these vital risk management issues. If you know where information is at all times, and you apply appropriate IG controls, your risks are greatly reduced.
AUTOMATE IG AND REDUCE YOUR RISKS
FileTrail is the only records management software that features a single pane of glass to manage all file retention and disposition for every business platform used by law firms. Recently, it launched the Governance Policy Suite (GPS), the industry’s only purpose-built automated IG tool. GPS helps ensure law firms are always IG compliant by enabling them to apply internal polices and Outside Counsel Guidelines to all their files and records from a single location.
GPS is deeply integrated with a firm’s records ecosystem. Its highly advanced automated processes enable firms to apply information governance policies to tens of millions of documents dispersed across many repositories, including Document Management systems, file shares, e-discovery, collaboration, and extranets. GPS’s careful attention to processes eliminates hours of manual labor and complex communication to streamline disposition of documents, handling lateral moves, returning documents to clients, and destroying physical records.
Implementation of IG mitigates risk, reduces storage costs, improves compliance with guidelines, and enhances your value to your clients. Find out more by downloading the GPS Solution Brief.