Digital White Papers

LPS19

publication of the International Legal Technology Association

Issue link: https://epubs.iltanet.org/i/1108621

Contents of this Issue

Navigation

Page 45 of 70

I L T A W H I T E P A P E R | L I T I G A T I O N A N D P R A C T I C E S U P P O R T 46 G O I N G F O R I N F O R M A T I O N G O V E R N A N C E G O L D – C L O S I N G T H E G A P O N D I S C O V E R Y M A T E R I A L S than no policy at all, and thus everything grinded to a halt. However, firms are recognizing that this is no longer a viable strate. Client scrutiny as part of the engagement process, the buzz around cybersecurity and data breach, and the ability to leverage existing firm knowledge for business needs mandates a defensible program that ensures the necessary visibility and security of information. Visibility requires that information is accessible to the necessary individuals. This entails the proper use of systems, setting of permissions, and the adoption of a standardized classification system. All too often in a law firm, users can locate their own materials, but are unable to do so across the practice area. Naming conventions and taxonomies require standardization and a shared understanding throughout the firm. Additionally, sensitive information is sometimes not locked down to only the appropriate individuals (e.g, ethical wall considerations or HIPAA-regulated information). Further, institutional knowledge of how to use existing firm system capabilities is often lacking, or worse, the appropriate systems are not used at all (e.g., everything is hoarded in an individual's email instead of within the centralized DMS platform). An approved policy is the first step toward gaining consensus and starting down the road of deployment. Firms need the ability to point to a governing document that will drive proper user behavior. The policy should define what are administrative and client records. The policy should identify where information should be stored and for how long. Client engagement letters need amending to address disposition of documents upon matter resolution. Additionally, executive level buy-in of the policy is necessary for downstream compliant behavior to have a chance. The policy should be socialized with key stakeholders, the management committee, and finally the full user population as part of a coordinated change management program. Next, locating all critical information under firm control is vital. Thus, a data mapping exercise with representatives throughout all departments and practices of the firm to identify all data locations is critical. A data mapping exercise will often uncover information for which there is no current management plan. Examples include 3rd party document sharing sites, physical media such as thumb drives, and systems that house discovery materials. With the explosion in data storage related to ediscovery, this is an area that cannot be overlooked. Regardless of whether data is on firm infrastructure or with a Managed Services provider, firms must develop strategies that safeguard this sensitive information while in active use as well as account for its ultimate disposition. Discovery materials often fall out of the purview of traditional records management functions. Historically, firm records resources lacked visibility into these materials as they are housed in separate systems, with these systems often being 3rd-party hosted. However, managing these materials should be no different than any other electronic data store or physical asset. A record should be created in the firm's Records Management System (RMS) upon discovery database creation. Upon matter resolution, if not pursuant to order or agreement to destroy, the database can be off-lined to physical media and added to the physical client file. The media can be held in on-site physical All too often in a law firm, users can locate their own materials, but are unable to do so across the practice area.

Articles in this issue

Archives of this issue

view archives of Digital White Papers - LPS19