filetrailblogbanner.jpg

Blog

Information Governance for Law Firms - Why IG Compliance Isn’t Happening (Part 2)

information governance, Information Governance Software

Information Governance for law firms - why IG Compliance Isn't happening II

Last week, we launched a 3-part article series about information governance (IG) for law firms. Every year, IG is getting more complex. As a result, even when law firms successfully launch IG programs they are often unable to follow through on implementation. High overhead costs and detailed manual procedures mean that compliance with IG policies isn’t 100%—or even followed at all.

In fact, today there are only a handful of large law firms that are doing destruction of physical records. Almost all firms have ignored disposition of electronic documents for 10 years or more. With all the risks associated with failing an audit, it doesn’t make sense that more firms aren’t compliant. In Part 2 of this series, we explore exactly why IG compliance is such a major challenge for modern law firms.

Regulations make IG convoluted and messy

In the previous article, we covered how industry- and government-regulated industries have impacted IG for law firms, creating the IG revolution we’re experiencing today. What we didn’t cover was how incredibly convoluted they’ve also become. Many information security and governance stipulations are not consistently applied across all data in a legal matter. Oftentimes clients issue different management controls and retention for their client data versus the other information involved in a legal matter.

For example, some clients are requiring law firms to confirm the return or destruction of “client provided data” within 120 days of work on a matter, while other legal matter records may be retained for 7 years. Moreover, many clients are now defining “key data” (i.e., very sensitive client information, such as service account details, employee information or business trade secrets). And, they’re assigning very exacting limitations on it.

These limitations may include who’s authorized to access it, the data’s geographic location, and requirements for IT system controls (such as data encryption). Clients are also stipulating the technology methods used to delete the data from a firm’s IT system and confirmation methods for that deletion.

Law firms aren’t just tracking paper records

In tandem with the complexity of staying IG compliant, there has been a dramatic growth in the volume and types of records that law firms must track and manage. A big reason for this situation is that during the past 10+ years digital information has gotten easier to store. In other words, the volume of data has begun growing at an unprecedented rate. According to some estimates, its compound average growth rate is 61.7%—a rate that’s expected to skyrocket higher over the next decade. Now, not only do firms have to manage and track the retention and disposition of paper records, they must also keep up with rapidly growing digital documents as well.

Today, records and documents are everywhere. Electronic documents are stored in a number of places outside document management solutions: from SharePoint to shared network drives to individual computer desktops. Physical records are stored on-site at numerous branch offices, as well as offsite storage facilities. It’s not hard to see why tracking and managing records in so many different places has become almost impossible. In this environment, effectively instituting and following-through with IG policies is a task that very few firms succeed at.

Most software does not help

Getting a handle on IG can’t be accomplished with a manual system. Ultimately, an effective IG program uses records management as its defining pillar. Today, the goal of an effective IG program is to manage and track all records in every repository. Beyond physical records and electronic documents, this even includes transactional records, such as those found in AR, AP, and ERP systems.

While some firms try to tackle the issue of electronic records by rolling out electronic document management solutions, these systems simply don’t address retention, much less solve the disposition problem across multiple repositories. Ideally, managing retention policies and disposition reviews should be done once, in a single software system. To succeed in today’s increasingly complex IG environment, the best strategy for law firms is to be thoroughly knowledgeable about what IG software is available. Most are not.

Learn about the IG problem

IG is one of the biggest issues law firms face today. IG compliance threatens to overwhelm law firms’ resources, massively reduce productivity, negatively impact reputations, and undermine long-term profitability. Recently, we published an eBook that delves deep into the subject.

Read more: Client Retention Hinges on Information Governance – How Automation Is Making Compliance Possible.

Download the eBook today

filetrail-ebook-jan2018.png

Tagged: information governance, Information Governance Software