publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/1188906
I L T A W H I T E P A P E R | I N F O R M A T I O N G O V E R N E N C E 65 PII and PHI which seems to reside everywhere and yet incredibly difficult to identify everywhere—and for which a spate of new regulations across the globe are popping up faster than we can keep pace. All of which is only to raise the bar of our ethical and moral obligations, in addition to our legal ones. This is why with regulations spanning GDPR, CCPA, HIPAA, as well as other privacy regulations, litigation readiness, electronic discovery requirements, a majority of Chief Legal Officers report they are extremely concerned across all areas of data protection, regulatory or governmental changes, and information privacy in 2019 1 . And we haven't even gotten started looking at data beyond the basics of being a byproduct of business activities that needs governance and protection; we haven't even scratched the surface of optimizing it to be a driver of business strate and innovation. To be sure, this is the new arena of competition across all business verticals, and why we need to get to IG Nirvana. Convergence Point: IG Wins and Retains Enterprise Business for Law Firms Organizations should be thinking about how to position their data as a corporate asset to extract their data's value and derive actionable insights, but we can't if we are stymied at stage 1 of simply organizing it. To the Chief Legal Officer, data means mitigating risk, whether internally or with all external partners. This is a main reason why corporate clients are driving change to their outside counsel processes. When it comes to selecting and retaining outside counsel, the vast majority (79%) 2 of legal departments now do two things: 1. Investigate law firms' information governance strengths during Request for Proposal competitive processes, and 2. Once won, solidify terms of the relationship by creating contracts called Outside Counsel Guidelines that stipulate the firm's processes and sometimes technologies regarding data protection, billing, matter staffing, and more. Internally, law firms have been challenged to get buy-in for information governance. The process has required too much manual effort by end users and the business case, or the 'what's in it for me,' was not sufficiently strong. It's no surprise then that even the information governance initiatives that did gain traction were susceptible to being tabled, delayed, or even abandoned amongst a morass of conflicting priorities. In the era of RFPs, OCGs, GDPR, CCPA, and other acronyms — the "what's in it for me?" is now tangible: it can be the difference between "win" the work or "lose the work"; it can be "breach of contract"; it can be fines of up to 4% of total revenue (GDPR) or $750 per California (CCPA) resident 3 (there's 39.56 million residents in the state of California). Our Current Processes and Technologies Are Not Sustainable Unfortunately, this potent cocktail mix makes our current processes dead on arrival. We don't know where the data is. There's too much in too many disparate repositories. It seems obvious to point out that we can't leverage our policies and processes if we I N F O R M A T I O N G O V E R N A N C E N I R V A N A I S R E A L , A N D I T ' S A G A M E - C H A N G E R Organizations should be thinking about how to position their data as a corporate asset to extract their data's value and derive actionable insights.