Issue link: https://epubs.iltanet.org/i/74024
www.iltanet.org That's why some firms choose to implement software- based delegated administrative capabilities that allow lawyers who are overseeing specific matters to designate other lawyers as team members. These members are automatically added to the permitted access roster without delay or involvement from risk or IT teams. Firms should think carefully of when, how and how broadly to enact a distributed administration model. Software can address all of these real-world complexities. With so much choice and flexibility, however, firms can struggle to chart the best approaches for their environments. This is another area where project management can add significant value. Coordinating a structured planning approach should include leveraging the experience of peers who have already traversed these roads and weighed the pros and cons of various approaches. In practice, firms can benefit tremendously from reviewing and considering the processes other organizations follow and, more important, the factors that informed their designs. Incorporating this analysis into project plans can significantly enhance project speed and success. Several avenues exist for such knowledge- sharing. In addition to external consultants, firms can connect directly to peers through organizations like ILTA and the Law Firm Risk Roundtable initiative. Deliver Training and Rollout Communications: Firms should take special care to adequately train users who are responsible for implementing confidentiality policies. In most cases, this means working with risk teams to ensure they are educated about any revised policies and practices and trained on the specific functionality of the technology in question. Training should also cover any changes affecting technical administrators of information systems like document repositories. Rollout plans should also include broader communications to lawyers and secretaries about the underlying drivers, updated procedures and ongoing expectations the firm is implementing as part of its confidentiality initiative. Distribution of an "FAQ" or other summary material is advised. In some cases, firms also 26 ILTA White Paper provide users with a list of confidential matters they are working on by surfacing this information through an intranet portal. In addition to highlighting when and how new restrictions will be put in place, firms should explain how access requests to confidential matters should be handled once information is secured. For instance, should such requests be managed directly by the matter team, the IT helpdesk or a central risk team? Coaching helpdesk staff about common questions they should expect from lawyers and staff, and appropriate responses, is a key practice for addressing unforeseen situations. Lawyers often turn to the helpdesk first when they find themselves blocked from accessing specific information, so make sure they are trained on how to respond to these often demanding requests, which may include involving predesignated points of contact for escalation. People Rise to the Occasion Modernizing firm confidentiality practices can be challenging. Organizations are sometimes reluctant to undertake initiatives that require new investments or change work processes. But the costs and implications of failing to respond to modern information security risks and address new compliance rules are too significant to ignore. As firms are increasingly embracing more thorough approaches to information security, they have created stricter de facto industry standards. The bar has risen, and court, client and insurer expectations have risen in response. With a clear framework in place that focuses on the human as well as technical elements of an information security implementation project, firms can effectively protect themselves and address the evolving requirements they face.