The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/588021
WWW.ILTANET.ORG 9 identifiable information and health care information. Not all vendors provide adequate security controls to meet these stringent requirements, so firms should ensure that any vendor storing sensitive data has strong protections in place. Ask Your Vendor: Do you provide proper access controls, encryption, monitoring procedures, incident response processes, etc. to comply with HIPAA standards? A firm's data must also comply with an array of internal security policies and client terms of business, including ethical walls, matter team restrictions and client billing guidelines. There is no "one size fits all" security restriction that mobile vendors can utilize to handle all the policies firms have in place, so the vendor must provide the ability to define custom restrictions or, ideally, integrate with the firm's systems. Ask Your Vendor: Can firm administrators define additional security policies or import policies from other firm systems to meet client requirements? Mobile application vendors can sidestep some risks by prohibiting lawyers from performing certain types of potentially risky activity. For instance, a mobile time entry application might not give lawyers access to firmwide client/ matter lists, limiting the risk of lawyers billing time against a matter until they are formally added to the matter team. This reduction of risk can come at the expense of lawyer productivity; limiting risk is paramount, but the application must still provide the functionality lawyers need to do their jobs. Application Delivery: How will lawyers obtain the application on their devices? Many legal technology vendors promote the availability of their application via an app store as a key selling point. This is an attractive idea — it enables firms to offer mobile applications in response to individual requests without going through an enterprise-wide implementation process, but that ease of installation comes with drawbacks. These applications are often unable to integrate data with other firm systems — a capability that typically requires an enterprise-wide implementation. The result is that lawyers duplicate data entry or stopping their work because the information they need is not available on the mobile application. Ask Your Vendor: Can lawyers access all relevant information stored in firm systems from their mobile device? Is data entered on their mobile device propagated back to firm systems automatically? Another complication that arises from app store delivery is how to manage upgrades. Three scenarios typically necessitate an immediate application upgrade: • An operating system update • A security vulnerability • A bug fix or enhancement Firms providing mobile applications directly to their lawyers can respond immediately to these scenarios, but applications distributed via an app store must be reviewed by the mobile platform vendor before the upgrade is made available, which could cause weeks of delays. These delays could be a deal breaker for mission-critical applications where any About the Author Ian Gaston is a Technical Product Manager at Intapp. He is responsible for Intapp Time and has worked extensively with major law firms in the U.S. and Australia. Before joining Intapp, Ian was a senior business intelligence consultant for Roambi, provider of a native data visualization platform for iPhone/iPad. Contact him at ian.gaston@intapp.com. Most legal apps need to provide lawyers with all the features available on the desktop version and real-time synchronization with the desktop application to ensure the availability of data across devices.