Three Lessons We Learned from ILTA Compliance Summit 2021

Three Lessons We Learned from
ILTA Compliance Summit 2021
16 June 2021· 3 min read
The International Legal Technology Association (ILTA) held its 2021 Compliance Summit at the end of May and it was packed with sessions & expert panels across the industry. During the summit, these experts delivered in-depth analysis of changing privacy and cybersecurity regulations, the pandemic-lead explosion in digital transformation, and best practices for data compliance and minimization.
Here are three of the biggest insights we gained from the event.
Digital Transformation Opened the Door for New Possibilities…and Data Concerns
Many industries were already listing digital transformation and disruption at the top of their priority list heading into 2020, but the response to the pandemic may have accelerated this process by as many as five years.
Due to this rapid transformation and unplanned deployment of technology, there has been an explosion of data across different collaboration systems, including Microsoft Teams, creating data chaos. This chaos presents vulnerabilities and risk of breaches for firms as they try to govern systems by creating logical places to save data, discouraging employees from saving data in personal drives or in the wrong locations. As our CEO and Co-Founder, Keith Lipman, said during the event, there needs to be a paradigm shift in which organizations admit that “anyone can be hacked.”
Data governance is about compliance as much as it is about data privacy and cybersecurity standards. When hackers breach systems, they often copy or delete sensitive or intellectual property data. If your organization is unaware of where data is stored or what data you had in the first place, you may not even know you’ve lost it. This leaves you vulnerable to regulatory fines and may damage your reputation with clients.
As the members of the Microsoft panel said during the event, these risks have placed new focus on data breaches, privacy, and regulatory policy changes that firms need to consider.
Regulatory Policies and Laws are Starting to Catch Up with the Landscape
The increased adoption of Microsoft Teams – which is now home to over 145 million daily active users – has created a new wave of cybersecurity, compliance, and privacy challenges. The speed at which these systems were adopted created a gap between regulatory laws and the level of technological innovation.
That is changing.
Around the globe, nations are writing new laws or amending their existing laws in order to place an increased scrutiny on compliance and privacy.
In the US, individual states like California and Virginia have taken the lead in compliance laws. The California Privacy Rights Act (CPRA) amends the existing law in California and adds language covering data minimization, purpose & storage limits, and adds a new standard of consent.
Virginia went one step further than California’s CPRA with the Consumer Data Protection Act (CDPA). The CDPA Characterizes the party who initially collects and controls personal data as the controller and obligates that party to be a good steward of the data through transparency with the consumer accountability for sharing data with third parties (processors). It also places the onus on organizations to implement appropriate security to safeguard data.
Similar laws are on the way in New Jersey, New York, Pennsylvania, Vermont, Texas, and many more states.
Internationally, the European Union, Canada, China, Japan, Brazil, and Australia have all adopted or amended new regulations as well, with varying degrees of scrutiny. For instance, Canada’s Consumer Privacy Protection Act (CPPA) – which will amend the existing Personal Information Protection and Electronic Devices Act (PIPEDA) — places a greater focus on consumer consent awareness than other laws in the US and internationally. The EU’s General Data Protection Regulation (GDPR) actually just came around on its three-year anniversary to largely great success.
Firms should pay close attention to this shifting regulatory landscape, aiming to go from manual processes to an automated approach for provisioning and governance across collaboration systems.
Security and Compliance Are Merging
Due to the speed at which the pandemic forced firms to adopt new tech, firms were unclear as to whether they were focusing on security or compliance. Some firms emphasized security, attempting to meet the present dangers of increased remote work head on, while others took the regulatory approach, adjusting processes to meet compliance requirements.
There isn’t necessarily a right or wrong path here, but in hindsight, we’ve now learned that it doesn’t have to be an either/or. In fact, although security and compliance require separate strategies, they are merging as a central topic of risk mitigation.
The legal tech market is now seeing an increased demand for software platforms, like Prosperoware CAM, that cover security, compliance, and governance together. By using such technology platforms, your firm can both address the rapidly emerging dangers of the post-pandemic work environment, as well as the over-arching trends, client needs, and regulatory changes that emerge over a longer period of time.
The 2021 ILTA Compliance Summit helped address and even answer some of the foremost concerns that emerged this past year in the wake of the pandemic.
Stay tuned for upcoming posts from our team at Prosperoware that delve more into these issues.

Want to see CAM & Microsoft Teams in action?

Want to see CAM & Microsoft Teams in action?

Share
Tags: