Business Drivers for Document Management – Part 1
Business Drivers for Document Management – Part 1
Law firms and lawyers exist to create documents for clients—but do not own them. Their clients do. Like many owners, clients have many concerns about how others interact with their property; particularly stemming from cybersecurity and privacy needs.
In fact, the management of documents, email and other content comprises nearly all the top concerns of Chief Legal Officers which are, in this order : (1) Regulatory changes (2) Protection of corporate data, (2) Governance and management of data, and (3) Ethics and compliance requirements.
Clients, therefore, have enacted rules with some wake-up-call consequences: not being paid, sued, or simply fired. Commonly known as Outside Counsel Guidelines (“OCGs”), the rules exist to control processes. OCGs have moved from guidelines to actual contracts that provide for indemnification of the client for cyberbreach and violation of privacy laws and require firms to explicitly secure the client’s data. 79% of legal departments now provide OCGs to their law firms, a 30% increase over 2017, and are overwhelmingly the most effective methodology for legal departments to control spend and mitigate risk.
Firms are challenged to comply with OCGs, and this is causing collection cycles to increase, invoices to be rejected and line items to be met with refusal to pay, written off, or in some cases, whole firms to be sued or fired. 39% of clients measure law firm performance against OCGs and almost half of chief legal officers will fire their law firms in 2019 redirecting that work to another firm as a result.
The principles are simple. All organizations need to make sure they follow the best practices on mitigating cybersecurity risk: through education, data encryption, strong perimeter security and password policies. Firms need to have a process to make sure that the clients’ document are organized, the nonpublic data secured to those who need access to it, the ability to report on it, and then destroy or transfer when requested.
To comply with the data side of the OGCs, firms must have a clear information governance strategy for which the firm’s document management system is the foundational system.
Just owning a DMS is not good enough
That is why 98% of law firms report owning a document management system (DMS) . This is most the logical location for the electronic matter file.
Unfortunately, it is commonplace that simply owning a DMS technology does not equal proper running and adoption of that technology. And this is true across many verticals including Legal.
In a recent survey of over 2,000 lawyers across a wide range of projects, the data illustrated that lawyers explicitly avoid working in the (insert any name) DMS and, instead, will put files on their local C drive, or a network share, because this is what’s easier and makes more sense to a lawyer—or at least to one blind of the business drivers. It’s time to prioritize adoption, starting with removing the blinders.
The problem is that partners are disconnected from the business drivers contracted in OCGs rendering the firm’s liability and revenue loss potential invisible.
Adoption means using the DMS as the Electronic File
Why do firms own a document management system (DMS) in the first place and what do we mean by its adoption? The DMS can be divided into two essential cases:
- Work-in-process: drafting, versioning and delivering documents–getting the document out of the door.
- The electronic matter file: creating a record of all documents related to a matter plus email in a single location
- Complying with the top Chief Legal Officer’s concerns is not possible without an electronic file.
This is because information governance can only apply to the known. This is not an epistemological tautology.
A firm cannot create a processes around data–governing, creating and
implementing retention and destruction policies, securing or locking down unknown entities–if the firm isn’t even aware these processes don’t exist. This means matters require a proper electronic file to be maintained and to include all client documents plus related email in order to govern the known. Lawyers storing documents outside of the electronic file, therefore, expose the firm to multiple layers of risk—financial, ethical, regulatory and security risks.
OCG compliance necessitates Electronic Files
Firms can count on clients’ enforcement of Outside Counsel Guidelines to make sure their data isn’t the next headline news story.
Here are a few more key client concerns stipulated in OCGs that require firms to maintain an electronic file to support proper governance and security:
1. Regulatory changes: Firms today face multiple regulatory mandates directly and indirectly through their client’s regulator. Among others, the General Data Protection Regulation (GDPR) provides for significant fines–up for % of a firm’s global annual revenue– for compliance failures. This regulation mandates, among other requirements, that firms be able to track and, if requested, delete personal data held anywhere by the firm– on behalf of clients and others. This alone necessitates a structured,
electronic system for managing such content.
For client files, the DMS is the only sensible such option.
2. Security: Clients are stipulating ‘need-to-know’ security. This means data is secured and limited only to those who “need to know” then deleted or transferred back to the client as soon as it is no longer necessary. The Association of Corporate Counsel (ACC) memorialized this in 2017 in: “Model Information Protection and Security Controls for Outside Counsel Possessing Company Confidential Information,” and is now delivered in OCGs to firms.
3. Ethics and compliance: Moreover, the electronic file is not just a good idea but rather a regulatory or ethical duty of a lawyer’s license to practice law. A client can request a copy of their file at any time—an inefficient delivery on this request will not be paid for by the client, nor (and maybe worse) appreciated. Each jurisdiction has different requirements on what exact information the firm needs to provide in a file transfer. There are ethics opinions in the United States that indicate that if you do not maintain a file, the cost of creating one is on the firm.
4. Strategy: Client files are typically transferred as a result of law firm partners (“laterals”) moving firms, and in the 7-year period between 2010 and 2017, close to 50% of all partners moved firms in the US market—with Atlanta and Chicago markets exceeding 50% of all partners. 2018 was even more aggressive as the busiest year on record for partner lateral moves in the Am Law 100. In the UK are between 500 to 1000 moves per year which adds up to about 3500 moves that are considered ’substantial’ meaning that the number is even larger as only the ‘newsworthy’ moves are reported. This is a huge business challenge for firms to sustain continuous governance and security over client records.
The implementation and adoption of an electronic file solution within the firm’s Document Management System is a core element of a firm’s information governance strategy
Want to learn more about Manage & Govern Content?
Read more about Manage & Govern Content from our solution page.
Check our related articles
There’s no scarcity of legal industry reports chorusing the refrain: margins are flat; corporate counsel are increasingly taking more work in house; law firms aren’t responding in kind. ...16 March, 2016No comment
Over the past year, we’ve seen an increase in the number of firms moving to need-to-know or pessimistic security for non-public data....19 June, 2018No comment