Clients demand more of firms on data security

The increasing focus on data security and privacy, which permeates all levels of the business community, is starting to force the pace of change in the legal profession.


David Ray, a Director with the Huron Consulting Group, highlights the efforts law departments, law firms, and other service providers are making to protect sensitive and confidential data. He says that 'By nature, the legal industry deals with a large amount of potentially sensitive information, and as a result, data privacy is becoming increasingly more important.' The legal profession has seen itself as 'somewhat immune to these issues. However, the increased overall focus on privacy and recent data breaches is affecting the legal sector just like any other. Law departments, law firms, and legal vendors are recognising this growing pressure and have started to make changes accordingly.' According to Mr Ray, a data privacy and security expert, the five biggest trends in data privacy in the legal industry are in the following areas: 

Law departments are getting wiser.

Law departments are becoming increasingly more involved with privacy issues as well as data breach responses and, accordingly, becoming wiser consumers of external legal services. Unsurprisingly, they are placing the information governance practices of their suppliers under much greater scrutiny than ever before.

Vendor Information Governance Scorecards

Law departments are more often using metrics and scorecards to evaluate law firms and legal service vendors with the expectation they can meet or exceed the same privacy and security practices expected from non-legal service providers elsewhere within the organisation. Scorecards allow organisations to know that the information that goes outside their walls is secure and protected by the appropriate practices.

Law firms see opportunity rather than a threat.

Law firms seem to be responding to these heightened client demands and seeing them as a differentiator when competing for business. Demonstrating an ability to deal with sensitive and often high-value matters from an information perspective makes sense.

Legal vendors are playing catch-up 

Legal vendors are largely playing catch-up in data privacy issues. For a long time, the tools they provided for legal services were narrow. But now legal vendors need to rise to the same challenge. Additionally, these vendors need to design both the software and processes with privacy in mind, consulting the “privacy by design” principles before they become hindrances to the sale of services.

Data privacy is fast moving.

The most important consideration when dealing with privacy and security is understanding that it is an evolving field. The definitions and laws are changing, both within the US and abroad. Everyone in the legal industry needs to be prepared for change and to be flexible. The laws today may be different in two years, so planning with that in mind is critical. Source: Huron 

Email your news and story ideas to: [email protected]