Building the foundations for keeping legal data safe

Modern information management is about much more than minimising risk. Effective records management practices can  help your chambers  to be more innovative, customer-focused and agile. But as the rate of information creation continues to grow and the need to be compliant increases with it, new techniques are required.

 The impact of GDPR

The introduction of the General Data Protection Regulation (GDPR) in May 2018 was a signal for organisations to sit up and pay attention to how their data was being used across departments with new requirements coming into force. The role of a barrister includes constantly recording personal information such as client addresses and trade union activities putting the task of GDPR compliance in their hands; therefore they have to act as their own data controllers. The new rights to access data means that both barristers and law firms must know where their information is kept. In order to keep the risk away from a firm, organisations need to know not only which documents, records and matter they hold and are able to store, but which they legally should no longer hold, such as personal information including dates of birth, criminal records and previous addresses. Reviewing document retention at appropriate intervals is key to compliance.

Yet, although the recognition is there, many organisations are still not following through and putting document management practices in place. The generational divide combined with the use of out-dated processes has meant there is a general reluctance amongst law firms towards technological change. Yet, the importance of innovation cannot be stressed enough; an unexpected regulatory investigation can occur at any moment and find that matter that should have been deleted, is still being stored. And, not to mention the risk of a data breach, which could have vast repercussions including stolen data, unhappy customers and as a result, a negative impact on firm reputation.

Taking the first step

 Organisations need to ensure they have the right tools in place, at the right time, in order to succeed; the same way that a world-class footballer wouldn’t attempt to score the winning goal in the newest trainers to hit the market without making sure they fit properly first. In the race to prepare for their clients’ digital initiatives, the pressure is on, and law firms are still lagging behind. Competing for digital clients will be difficult if legal departments don’t become a fully digitised enterprise as it is this that will enable them to gain insights from both their own and client data as well as promote better business decisions. But, applying new and intelligent automation tools such as AI or machine learning won’t and can’t provide results if the foundation isn’t there, with no structure or transformation strategy behind it. Technology should not be adopted for technology’s sake; layering up the groundwork and establishing an operational infrastructure is the first step. Understanding why your organisation needs an information management system is essential to become not only efficient, but also safe.

The first step organisations need to take is to understand and analyse what data they hold, where it is stored and if it can be easily classified. Once the information has been identified and analysed, organisation-wide instructions should be put in place to clarify how certain types of data should be handled, such as sensitive data which could reveal racial or ethnical origin, trade union membership or religious beliefs. This process can increase in efficiency with the help of a Records Manager, who can ensure the system is adopted and adhered to by the entire organisation. As well as this, Records Managers can establish new systems and oversee the switch from paper to electronic record keeping, making sure that out-dated records are destroyed or archived and establishing which future processes should be put in place. It’s vital that once the process is mapped and defined, a clear description of duties and objectives is agreed and the behaviour of people in the organisation is continuously monitored to ensure standards are maintained and followed even after implementation.

Technology as an investment

 Data security is inherently important to a law firm or legal department. Not having a secure information management system in place is a privacy risk, one that no organisation should be willing to take. As one of the biggest targets for cyber crime, data protection is one of the greatest risks that law firms face, and therefore safeguarding sensitive client data should be high on the priority list. Compromised data means compromised trust, so it is important for departments to look at how they create, store and share their data. Far too many organisations deploy technology solutions as a quick fix, without thinking of the bigger organisational strategy or the implications the technology could have in the future.

Law firms need to ask themselves: how does the technology need to be maintained, and is it something that will really help the organisation’s customers to work more efficiently, smarter and safer? Rather than following any and all digital trends, or adopting the same as your competitors in order to catch up, organisations must think about what the right technology is for them. Barristers can use technology to help manage caseloads and optimise efficiency, such as reducing the time it takes to litigation. Centralising the processes and creating access to secure and compliant information such as pleadings or mortgage deeds off site allows law firms to work in a much more productive, efficient and cost-effective manner.  In light of this, it is clear that a smart technology investment can drive a business forward, and with the right business case, has the best chance of being worthwhile and profitable.

The attraction of new and exciting legaltech is undeniable, and being able to offer clients something different will always be tempting. But before taking the leap, it is essential for organisations to understand the data within their organisation and how to use it efficiently, smartly and safely. And being safe doesn’t just keep an organisation safe from data leaks and breaches, but for suppliers, it means that they are able to prove to their customers and potential customers that certain safety and security standards are adhered to, bringing significant competitive advantage and the opportunity to become a first-class supplier right to the forefront.

After all, compliance is key, so ensuring the right document management system is initially in place to enable documents to be properly stored, structured and classified, will enable your firm or legal team to be efficient and safe, to reap benefits in the long-term.

Christiane Müller-Haye, Director of Global Strategy & Products, Phoenix Business Solutions.


Share this post