Issue link: https://epubs.iltanet.org/i/37773
practices for peer consumption. The complete group holds quarterly reviews, with session topics that have included the results of peer surveys, firm case study presentations and briefings by guest speakers. SHARING EARLY OPTIMISM AND CONSTRUCTIVE FEEDBACK Most of the participants in the Law Firm SharePoint Consortium are already taking advantage of the technology’s intranet and extranet capabilities. And many plan to expand their use of SharePoint in more operational contexts for workflow and practice management. When asked about requirements for full-scale adoption of SharePoint as a DMS in their organizations, participants prioritized several important feature requirements and capabilities: • Confidentiality management and access control • Ease-of-use for lawyers • Microsoft Office integration • Search speed and configurability While SharePoint already provides these capabilities to some degree, many firms expressed the need for some enhancements, along with a desire to further validate that the technology is ready to smoothly integrate within their particular environments. As with any new technology, IT is concerned about user adoption and experience. In this case, the potential to impact lawyer document management practices triggers understandable caution — even positive change can impact short-term productivity and create unexpected headaches. In addition to user experience, the other key area of concern identified by the consortium (as well as other law firms) when considering broader use of 36 Portal Platforms ILTA White Paper SharePoint as a document management system is information risk management. With so much sensitive client and firm information stored centrally, and tools like search bringing greater visibility, organizations must take steps to ensure that suitable confidentiality and compliance protections are in place and effective. MORE INFORMATION ON INFORMATION RISK Law firms must closely manage and track internal access to client information for many reasons. Today, traditional drivers like ethical screens are increasingly overshadowed by client mandates for restricting secured matters with internal confidentiality walls and by regulatory rules mandating strict privacy protections (e.g., HITECH/HIPAA, ITAR, state and international data privacy laws). Additionally, rules like the EU Market Abuse Directive require more detailed tracking and reporting on lawyer and staff access to sensitive financial information. Today, with issues such as WikiLeaks and law firm-related insider trading incidents making news, clients take a greater interest in how their law firms treat their sensitive business information. In the past, representations of professional responsibility and diligence were enough to answer external challenges. But today the world has changed. Consider one recent example of (alleged) insider trading by a lawyer that made headlines this year. Exercising what might be called “prudent criminal caution,” the lawyer did not check out any sensitive documents. Instead, he relied on the ability to view document titles and metadata in the firm DMS. In situations like this where client information is misused or accidents occur, clients and firms risk fines, damage to their reputations and other repercussions.