LAWTECH The Law Technology Magazine
Issue 1 | October 2014
IT + Legal = Efficiency The right to be forgotten examined...
Knowledge management in the spotlight...
The missing link in legal IT...
alb
Business Solutions
Advanced Legal
www.advanced-legal.co.uk 0844 815 5575
The complete practice solution ALB - the fastest growing PCMS in the market - is a single, fully integrated, system that delivers everything your legal practice needs to improve productivity and grow in today’s competitive market. Improve client engagement Unify matter management and legal accounting Ensure firm-wide compliance and risk management Drive business efficiency with automated processes
CONTENTS
10
24
32
REGULARS 5
News – All the latest in the industry
BETTERBUSINESS 14 28 32
How Management Software Represents the Future of Law Firm Evolution Understanding the Importance of Legal Management Software Controlling Access To Company/Client Data Held in the Cloud
CASESTUDY 6 24
Lawfusion Finds its Niche in a Norwich Law Firm Divorce Negotiator Helps to Ensure Amicable Divorces
ITSYSTEMS 36
Understanding the Benefits of Cloud Computing in the Legal Space
LEGALTECHNOLOGY 10 18 40
A Merger is a Great Opportunity to Optimise CRM How Management Software Can Advance Your Legal Firm’s Efficiency Probate Software – Four Key Considerations
OPINION 8 20 22 38
The Right To Be Forgotten – Will it Work? Law Firms Must Find New Ways to Protect Their Sensitive Data The Missing Link in Legal IT The Digital Challenge of Dealing With Domestic Violence
LAWTECH October 2014
3
FOREWORD
Publisher: Partha Goswami partha@lawtechmagazine.com Editor: Steve Gold steve@lawtechmagazine.com Advertising Sales: Ian Titchener ian@lawtechmagazine.com Design: Bold Creative andy@lawtechmagazine.com The views expressed in the articles and technical papers are those of the authors and are not endorsed by the publishers. The author and publisher, and its officers and employees, do not accept any liability for any errors that may have occurred, or for any reliance on their contents. All trademarks and brand names are respected within our publication. However, the publishers accept no responsibility for any inadvertent misuse that may occur. This publication is protected by copyright © 2014 and accordingly must not be reproduced in any medium. All rights reserved. ISSN 2055-6608 Printed by Buxton Press Limited, Palace Road, Buxton, Derbyshire SK17 6AE Arjun Media 26 St Thomas Place, Cambridge Business Park, Ely, Cambridgeshire CB7 4EX Tel: 01353-644-056
4
LAWTECH October 2014
A warm welcome to the first issue of LawTech Magazine
E
ffectively marrying the law and technology is no mean feat, especially since IT systems have been accelerating down the technology turnpike for more than two decades. I well remember my first business computer system - plunked on my desk when I was an NHS Senior Auditor in the late 1980s along with the instruction that, ‘we need software, but there’s no budget for it Steve…’ I also remember my contract law modules - which formed part of my accountancy and NHS professional examinations in the late 1970s and 1990s. Both the law and technology – as sciences - have moved on immensely since those days, of course, but what I am finding is that there are two types of computer users in the 2010s - the pure user and the technically savvy user. It’s broadly the same with cars - a recent analysis by the AA revealed that less than 10 per cent of motorists could even begin to spot the systems under their car bonnet.
But whilst you can call out the AA, RAC or Green Flag person to rescue you from a car breakdown situation, there is no equivalent in the law business - if you don’t understand the basics of computers, then you will be struggling to profitably using a computer as a part of your legal profession business. This is where LawTech Magazine enters the frame. I’m hoping that, through an informative and entertaining mix of relevant news, features and case studies, to raise your awareness of how technology can make your life easier and more efficient in the legal profession. I don’t expect you to find every feature in LawTech useful, but I hope that the bulk of the content will help you raise the bar (pun intended) on your understanding of the IT and legal professions. I also hope you enjoy this, the first of many issues of this magazine. May all your legal and IT problems be little ones. Steve Gold Editor - LawTech Magazine
NEWS Dentons has issued an updated advisory on EU legislation and cookies that are used on Web sites. The law firm advises that a ‘cookie audit’ should be undertaken with the assistance of IT departments/specialist legal advisers. Cookie audits, says the company, should include a review of the types of cookies used by the web site, the life span of such cookies and how intrusive the cookies are. Once the company understands the cookies that its Web site(s) use, Dentons advises that it must then consider the options available to it in order to comply. The ‘strictly necessary’ exemption should also be considered, says the law firm, and companies should look to local regulator guidance – as well as the WP29 opinion - when applying this exemption. Interestingly, the law firm says in its advisory (published on the Lawyer Web site) that the deadline for compliance has expired in many European jurisdictions, meaning that companies must act quickly to avoid any possible enforcement action. http://bit.ly/1DvIFCF Legal Publish, SaaS (Software-as-aService) content management and marketing platform, has taken the wraps off a SaaS-based CMS system for law firms. At the core of the service is the Legal Publish CMS, a secure Web content management system that provides high levels of customisation and system integration. Surrounding the CMS is a suite of valuable add-on marketing services, such as SEO, social media marketing, and Google AdWords campaign management, which the firm says will assist in marketing. Eric Diamond, the firm’s CEO, said his company has worked with some of the leading international law firms to provide platform and marketing solutions. It has found, he explained, that they were all looking for a better solution for managing their Web content and marketing efforts than the complicated, rigid, proprietary platforms they had been tied into for years. Legal Publish, he added, was created to provide that very solution. Built on top of an open source framework, the Legal Publish CMS is billed as being usable by non-technical users to easily deliver a compelling content experience. Out of the box the Legal Publish CMS
includes a variety of law firm-specific features such as pre-built content types; relational crosslinking of content; multilingual capabilities; and integrated email marketing. The service also includes a custom-built proposal generator which enables firms to leverage content from their website and external sources to create powerful branded proposals and marketing materials.
and client records for marketing purposes. Plans also call for the mailshot and bulk email facilities within Lawfusion to be expanded to provide new features, such as an intuitive graphical interface for mailshot/bulk email design, reporting on email open and link click-through rates for campaigns. Users will also have the option to schedule email campaigns to go at a specific time.
www.legalpublish.com
www.selectlegal.co.uk
RAVN Systems has released RAVN Manage 3.6. The software is billed as a tool that manages an organisation’s enterprise organisations to be more efficient in managing critical search and other applications. According to the company, RAVN Manage 3.6 has increased functionality including a new version of RAVN Manage REST API, allowing the viewing and editing of configuration and service states. The software also has a new integrated online documentation feature, which it says makes it easy to see API requests and responses. The new version of the software has the ability to create new service types by cloning existing ones in the new `service types settings’ view. The application also supports an updated engine settings view, which RAVN says will enable a clearer view of which drivers are enabled for each service type.
Football fans’ excitement as the long, dark days without top-class football finally ended with the start of the Premier League season in mid-August, but was muted by an announcement from the Premier League that it was going to “clamp down on fans posting unofficial videos of goals online.” One of the trends of the World Cup this summer was the saturation of unofficial clips of goals posted online by people simply watching games on their TV at home. According to Dentons, the law firm, if you were not fortunate enough to see James Rodriguez’s stunning turn and volley for Colombia against Uruguay, no doubt you were able to catch a clip of it on your mobile moments later from a friend through Vine or Twitter. The law firm says that the instant accessibility of content is no doubt a positive for the fan, but it also presents somewhat of a problem for rights holders chasing that elusive pot of gold at the end of the digital-rights rainbow. The law firm notes in its analysis that the Premier League is in the middle of a threeyear deal with News International worth £20m and which allows News International titles to present near-live clips of key moments in Premier League matches. Because these clips are normally placed behind a pay wall by News International, Dentons says in it’s advisory (published on The Lawyer Web site) that - with consumers able to access free unofficial clips on social media platforms - the value of these rights to both News International and the Premier League is in danger of becoming significantly diluted.
www.ravn.co.uk Select Legal Systems has announced that work has begun to extend the already powerful capabilities of Lawfusion’s marketing and CRM module. The company says that enhancements planned for later this year include contact screens that are significantly revamped to make them even more powerful and users will be able to manage sales and marketing tasks outside of case management, against relevant contact records, as well as to progress, manage them and record history. The software is also being updated with a campaign results manager screen with configurable views, whilst sales and marketing professionals in law firms will be able to add bespoke fields to contact
http://bit.ly/1DvKfER
LAWTECH October 2014
5
CASESTUDY
LAWFUSION
FINDS ITS NICHE IN A NORWICH LAW FIRM How a leading East Anglian law firm tapped the power of case management software to boost efficiency and allow fee earners to maximise their control on cases
Challenges
Cozens-Hardy has been practising law for more than 100 years and has developed a solid reputation of integrity and high standards. Already well known for its expertise in business law - and boasting the largest specialist residential conveyancing department in Norfolk - the firm has also been praised for its high-profile work in employment disputes – particularly in the area of redundancies. Cozens-Hardy LLP’s 40-year old family law department is famous for the successful handling of many highnet-worth divorces and the firm has an APIL accredited Personal Injury team acknowledged for handling claims in excess of £1 million for clients with traumatic brain injuries. To manage all of this, their case and practice management software is extremely important to them.
Going residential
It is not business-to-business at the law firm. For the general public, CozensHardy LLP boasts the largest specialist residential conveyancing department in Norfolk and the firm has a highly respected Trust team too. 6
LAWTECH October 2014
According to David Taylor, the law firm’s partnership secretary, after 15 years with Norwel, the management team made a decision to go to market for a new legal case and practice management system. “As the only Norwel user in East Anglia we felt somewhat isolated. Also we wanted a software supplier who was more in touch with the needs of firms of our size,” he explained. “In our experience many case management systems sound amazing in theory. In practice though, despite all good intentions, it hardly ever turns to be as easy as anticipated. So we were looking for case management functionality that could be tailored to our specific needs. It sounds obvious, but it was important to find software that our fee earners would actually use,” he said. After a lot of research Cozens-Hardy LLP got it down to a beauty parade of three packages and Lawfusion from Select Legal Systems became their system of choice. Select Legal implemented Lawfusion Accounts and Case Management for Cozens-Hardy LLP across 61 desktops for the Practice in 2001. This included Lawfusion’s generic workflow templates for case management.
More than a decade on, Taylor recalls why Cozens-Hardy LLP selected Lawfusion above the rest. “Firstly, Select Legal offers different editions of Lawfusion for different sized firms and it was clear they were working closely on a daily basis with many other practices of our size. They also demonstrated to us that they understood the business needs of a high street practice like ours – which was incredibly important to us,” he said. “Secondly, we were very impressed with the flexibility of Lawfusion’s case management. It was clear it could be tailored easily to our specific needs,” he added. Thirdly, says Taylor, as a successful software provider to the legal profession for many years, Select Legal has been around since the early 90s. This, he adds, gave his team peace of mind that CozensHardy had chosen a software partner that was here to work alongside the law firm for the long haul.
Five business benefits
Cozens-Hardy LLP was asked to list the top five business benefits the Practice is seeing as a result of using Lawfusion to run the business:
CASESTUDY
1
Lawfusion gives fee earners the flexibility to keep control
As David Taylor explained,“The Lawfusion case management software has been a real winner for us. This is the first time our fee earners have ever used any of the case management software we as a Practice have made available to them. It was important we didn’t take control away from our fee earners. They needed to be able to continue to run their cases in their own individual way, with their own pre-set texts, letters and documentation. Lawfusion allows fee earners to drive cases in their own unique manner. It is an enabler. There are no annoying and meaningless prompts.” Lawfusion, he says, is incredibly ‘fee-earner friendly’ and is the only case management software he has ever worked with that does exactly what it says on the tin.
2
Increased productivity
Prior to the Lawfusion implementation the ‘secretary to fee earner ratio’ at Cozens Hardy LLP was 1:1. Since implementing Lawfusion, the ratio is significantly lower at 2.5:1. Philippa Rudd, Principal Solicitor for the firm’s Residential Property Department said, “We find that Lawfusion helps us to work more quickly and efficiently in that it automatically produces letters and reports for us. We find fee earners who rely on the system work far more productively.”
Lawfusion in the spotlight
3
David Taylor, the law firm’s Partnership Secretary explained the consensus of opinion amongst Cozen-Hardy users regarding the consistency they get with Lawfusion. “The intuitiveness and flexibility evident in the case management side of Lawfusion is also available throughout the rest of the Lawfusion package. Many legal and case management systems around today, I have found, tend to ‘pour like water but set like stone.’ This is not the case with Lawfusion – we have the freedom to shape the software to the way we want to run our Practice and this is extremely refreshing,” he said.
4
At last case management software our fee-earners can actually use
Consistency across the whole package
Continual development
The team at Cozens-Hardy LLP is particularly pleased with the way Select Legal embraces new technologies and trends in the use of technology. A good example of this is the SMS text messaging functionality the conveyancing team is using through the Lawfusion case management. Residential property clients are automatically sent text message updates regarding time critical events such as – exchange of contracts, to acknowledge completion dates as well as general updates. They particularly like that these client text messages are saved to the clients’ case management files in Lawfusion for future reference.
Cloud vs on-premise - With Lawfusion Direct, Select’s cloud based option, users get a full suite of practice management software as well as all the fully integrated Microsoft Office and Exchange products running from the Lawfusion cloud. But if having Lawfusion on your own in-house servers works out more cost effectively, Select Legal Systems says it can deliver an on-premise option instead. In fact Select Legal has hundreds of happy users in both camps using Lawfusion to run and grow their businesses. Lawfusion is the software of choice for over 160 UK law firms and is flexible, intuitive - and represents excellent value for money providing everything a law firms needs in today’s demanding marketplace. The offering has powerful legal accounts and case management software at its core, but includes many other modules including
David Taylor, Partnership Secretary, Cozens-Hardy LLP
5
Outstanding support
Helen Lawrik, IT Manager for Cozens-Hardy LLP said: “What we have with Select Legal is a true partnership. The support team is excellent and very consistent, especially when I analyse the complexity of some of our requests we pass their way. They are always on hand to investigate and provide timely advice and guidance. I also use Select’s Support Web site regularly – an excellent knowledge base with many useful documents and articles.”
Conclusion
Steve Dixon, Development Director and Joint Founder/Director of Select Legal Systems had this to say: “It is very encouraging to know that the effort the development team at Select Legal puts into the software in terms of making it user friendly and fit for purpose is making a difference to our clients.” “Cozens-Hardy LLP is an excellent firm with a strong team of highly respected lawyers. I am delighted to hear that our software is making their lives easier, their days more productive and their processes more efficient,” he said.
legal billing, time recording and marketing software that has, of course, been designed specifically for law firms. Lawfusion comes in three specific editions: Standard - designed specifically for the larger and / or multibranch law firm Small firm - providing all of the rich functionality of the standard edition, but specially packaged for the small but growing law firm Solo - a single user system, ideal for the sole practitioner or start up firm www.cozens-hardy.com
www.selectlegal.co.uk
LAWTECH October 2014
7
OPINION
THE RIGHT TO BE FORGOTTEN -
WILL IT WORK?
8
LAWTECH October 2014
OPINION An undergrad’s view on the European Court’s latest Web ruling By Olivia Perry, Undergraduate in Human Sciences, UCL
Introduction
My expertise and understanding on Internet privacy goes as far as adjusting my settings on Facebook to ‘just friends’, but I have always been wary of online presences and enjoyed the perks of an extremely common name. However, I have no need to fear, as now there is a ‘right to be forgotten’ law to help manage your online presence and privacy Now as I am merely 20 years old and have yet to become an expert in any subject, I am always very aware of my naivety regarding subjects I have no extensive reading on, nor read interviews or attended lectures from industry experts. Nevertheless, one BBC article - dating back to 2012 - quoted a spokesman for the UK’s Information Commissioner stating that this ruling was, in 2012 at least, aimed at young people to help manage their online presence. For this reason, I am this ruling’s target audience, so this is my opinion on the rulings.
Research
After researching the issue from news articles (mainly from the BBC, the Guardian newspaper and alike) this is the subject as I understand it: A new European Court ruling means that for any information online about an individual that is irrelevant or outdated the subject can have his or her link removed from a search engine such as Google. Hence, you can now fill out a Google search removal request form asking to remove a result from a Google search that includes your name, in which based on the new laws infringe on your online privacy. But this is not automatic and for any request that Google receives, as they state on their form, they will “balance the privacy rights of the individual with the public’s interest to know and the right to distribute information” before removing any link from their search engine. These rulings do not have the effect of removing all links from search engines forever - because this is a European ruling and all the effects are limited to European searches. Hence if you simply go onto google.com instead of their European equivalent, you will be able to find the ‘missing’ links. With this new ruling some people are arguing that you could regard this as an infringement on freedom of speech, or that it is Internet censorship. And to be perfectly honest, when I first heard of this law, it was presented to me as Google taking down articles people didn’t like about themselves, which my thoughts did assume would amount
to restriction on free speech. Web sites have even been created in response to this new ruling by publishing the links that Google have removed. One of the questions you could then ask is what types of articles are being removed? What is defined as irrelevant or outdated information? The issue which resulted in the European Court ruling was a Spanish man complaining that an article about an auction of his house 16 years ago to recover his debts came up whenever anyone searched for his name.
Online forums
Many people on some of the online forums that I have read, write about issues such as removing articles, which are uncomfortable for paedophiles or other criminals. However, Google does reserve the right on their online form that “we may decline to remove certain information about financial scams, professional malpractice, criminal convictions, or public conduct of government officials.” I am also quite aware I am slightly biased within this subject matter. I do have exposure to a leading charity which helps people who are being stalked, and they know of many instances where the stalking victims have had fake profiles made of them, and I can really sympathise why someone in that position would want a link to such a fake profile removed from Google. Also I was a teenager who grew up surrounded by the joys of the Internet and social media sites, yet I had no real idea that if it’s on the Internet it’s on there forever. So, although I was more wary about my online presence than average, I can really sympathise with those youngsters, as stated in 2012 the law was aimed at, who want to forget their online footprint left behind from their teenage years. Is this new legal ruling a censorship restricting freedom of press, or a modern day privacy law keeping in times with the Internet generations? As the law was only `clarified’ earlier this summer (just gone), it will be interesting to see in a year how well it’s been implemented and the consequences of this ruling becoming clearer. Much of the focus has also been on Google, so it will be interesting to see the responses from other search engines to this change too. http://en.wikipedia.org/wiki/Right_to_be_forgotten LAWTECH October 2014
9
LEGALTECHNOLOGY
A MERGER IS A GREAT OPPORTUNITY TO
OPTIMISE CRM Getting all your IT ducks in a row. Gina O’Connell explains how a law firm merger offers IT opportunities By Gina O’Connell, Client Advisor, LexisNexis Enterprise Solutions
Introduction
The merger and consolidation trend in the legal sector continues unabated. According to accountancy firm, Wilkins Kennedy, in the last year the number of law firm mergers grew by 65 per cent. Many firms view a merger as an opportunity to competitively position themselves against Alternative Business Structures and expand across borders. The smaller to mid-sized firms believe that a bigger entity is in a stronger position to exploit new business opportunities and grow. So if business growth is a key driver for mergers, merging firms would do well to take a strategic approach to amalgamating their marketing and business development machineries early on in the merger. In the last 18 months, I have personally been involved with numerous projects to help law firms merge the contents of their CRM (Customer Relationship Management) systems to establish a structured and coherent function. I find that those firms that take a premeditated approach are the ones whose marketing and business development teams hit the ground running, capitalising on their strengthened position faster. 10
LAWTECH October 2014
Different ideas
A merger situation requires different ideas, culture and capabilities to come together seamlessly, driven by a fresh set of business goals for the new entity. To enable the CRM function to support business objectives, a meticulous approach is necessary. First and foremost, there is a need to define the firm’s post-merger CRM requirement. This entails determining how many staff members need access to the solution, does CRM need to be centralised and if so, in which location, what level of functionality the firm will need for marketing and business development, and the like. Similarly, it’s critical that the CRM project is properly scoped. Most firms use multiple business systems and a merger is a good time to integrate the CRM system with the new entity’s practice management, e-billing, e-marketing, business analytics, news, conflict checking and human resource management systems. This will allow the firm to leverage CRM for strategic business development – an integrated business environment coupled with powerful intelligence on clients, prospects and contacts provides insight into the firm’s most profitable clients,
which clients offer opportunity for organic growth, and even an analysis of existing unexplored expertise for new focus areas. Such integration is not always easy to do as it depends on the IT infrastructure the new entity has. IT infrastructure incompatibilities often need to be resolved in order to properly combine two CRM systems. For example, the individual firms may have been using different versions of Microsoft Outlook and different business and CRM systems too. So prior to merging the CRM function, determine which systems and version will stay, whether new workflows need to be created and if any of the systems need to be re-engineered. This is the perfect opportunity to make such modifications for long-term gains. If substantial IT-related activity is required, there is value in outsourcing key aspects of the project to external parties. Often, third parties and suppliers are more cost-effective in the long run. Technology suppliers and integration consultants have the expertise, experience and manpower to undertake such projects more efficiently – after all, it is the mainstay of their business. This then allows the CRM team to focus on the more strategic aspects of
LEGALTECHNOLOGY
the merger such as scoping the business development tactics, determining the data strategy and articulating data entry guidelines. Secure a budget for the CRM project based on a solid business case, clearly outlining how the function will support the achievement of the firm’s objectives. Make the budget comprehensive – include all the resources that the team needs to implement, track and support the firm’s marketing and business development goals. This means that things like cost of professional IT services, outsourcing costs, data cleaning, system health checks, new hardware and software, staff training and contingency expenses must be included. In fact, don’t hesitate to speak to your Client Advisor at your CRM solution provider to help determine a realistic budget and activity timeline. The solution provider knows the system best. By undergoing a detailed budgetary process, firms often find that post the implementation they are able to demonstrate ROI for the activity in quantifiable terms, which in turn helps in securing future spend too. Fundamental to all the above is a clearly structured CRM project team. A dedicated project leader with the freedom to select a dedicated team is more likely to deliver good results.
Focus a fair amount of effort, budget and time on data quality and the database
The project leader then also takes on the responsibility to deliver the work, on time and to budget. Crucial to any CRM project is that it’s not treated as a technology project, but a business assignment. In addition to IT personnel, include professionals across all levels of marketing, business development, fee-earners, support, personal assistants and finance.
CRM’s lifeblood: data
Focus a fair amount of effort, budget and time on data quality and the database. The quality of the relationship intelligence and insight that a CRM system throws up hinges on these. The ideal scenario is of course a single database for the entire firm, but there are challenging decisions to be made. For example, which database must become the master? This will depend on the version numbers in use, and which of those database versions are most customisable and easily integrated with other systems such as Microsoft Outlook, practice management system, news and content, etc. Furthermore, this is also a good time to think about any new elements that should be incorporated into the merged database, such as mobile CRM. Even well maintained CRM systems require periodic data cleaning. Prior to merging systems, undertake data LAWTECH October 2014
11
LEGALTECHNOLOGY
de-duplication and database reconfiguration to reflect the requirements of the new organisation. You will be rewarded with user adoption, which among other things also depends on the usability and quality of data residing in the CRM system. Winning back users post poor experiences of using the CRM system can be an arduous task. When merging the CRM systems, think about the data structure that best meets the requirements of the new firm. Plan this from the start. Similarly, clearly define the new data entry guidelines on which contacts (based on the new entity’s business focus areas) should be added to the CRM system, how new contacts should be added and how future edits to contact must be made. Most importantly, ensure that a Data Protection compliance policy is in place for the new entity. Mishandled data can have serious repercussions for the firm and employees, but also for clients. Privacy breaches can lead to financial penalties of up to £500,000, damaged reputation and loss of client trust. Only recently, the Information Commissioner’s Office (ICO) issued a warning to barristers and solicitors to keep personal information secure, following a number of data breaches reported to the ICO involving the legal profession.
Swiss Verein
Many multinational professional services firms follow a decentralised Swiss Verien structure to limit their accountability. 12
LAWTECH October 2014
This means that their operation/contracts are only bound by local regulators and any issues arising in one region does not impact business in others. However, from a CRM standpoint, such an approach impacts data sharing – diminishing the benefits of a centralised CRM function to support the achievement of business goals. In a merger situation, it is advisable that the new entity revises its contract for its CRM solution that extends across the firm. The CRM vendor can then provide new licence keys for usage across the geographies in which the merged firm operates and the contract can be strategically optimised for business expansion.
Win over users
Firms that incorporate change management, communications and training as key elements of the CRM project during a merger, see most successful adoption of the discipline. Also, many CRM projects fail due to a lack of understanding on the part of the user base as to why or how the new software should be used. Engage with staff right through the implementation of the merged system to secure their buy-in. From the start, let them know ‘what’s in it for them’ and how the CRM system will help them perform their roles more efficiently, enabling them to meet their professional goals or KPI’s (Key Performance Indicators).
Devise an internal training programme that addresses the requirements of users by department and role type. The usage requirement of a partner will be different to that of a marketing professional and a data steward. Also, use different training formats. For example, a 45 minute demo focussed on relevant functionality for fee-earners may be suitable for partners, but data stewards will better benefit from a fullday, hands-on training to give them a real feel for the system. Access to training materials such as eLearning modules, FAQs, WebEx sessions and the like is a good way to support the system’s adoption. ‘Walking the floors’ when the merged system goes live always works well. It also allows the project team to gain valuable feedback to fine-tune the system. Given the current competitive business environment, there is almost impatience among law firms to grow. A merger is seen by many firms as providing a nearinstant fix (metaphorically speaking), but thereafter, they must be quick to capitalise on their new position to achieve business goals. A well-structured, well-resourced and well-executed CRM discipline poises newly merged entities to undertake marketing and new business initiatives alongside proactive client management to quickly consolidate their position and grow. www.lexisnexis-es.co.uk
LAWTECH
THE PERFECT FIT FOR YOUR LEGAL PRACTICE
W
hitiae volor repe illatem. Itatumet molorem rem esti omnis ea nam, commod ma quation Atculloressita Linetime, siweomnis believe bylaccum listening to our customers quaethat omnit and by reacting as their requirements change we have et hicae pelit ulparum quunt eat quodi helped transform the operational od ut intocullibus, quatiam es et repedi efficiency of some of the UK’s foremost law firms. Our Liberate suite of software consequi dolore dolupta turiae incto is has many “off the peg” components which can be further doluptiae. Bor sinimus dolor si blandit tailored to the individual needs of the user. As well as estrum intwith quisciti nectatem quas we id ullaut assisting their daily tasks also help and improve digenduciat rem volor ate volor renihilist the overall efficiency and profitability of their practice. cumlooking nem videstis venduciet Soaut if mi, you’re for aalegal software supplier that lique que voluptat veliquia dolutatem re provides a tailored fit then look no further. Call us now. pa acerion sectiscil ma nostrum quatini inctibus. Management Practice Ut eumqui iliquatum eicima quiscitis magni deleseq uuntiam excearum volorep Case Management elenduciust, et enecaborro isti cus sed modis excea voloriam eum voloribus, Business Intelligence necture ntibusandis est, officipsunt et officium eum asi de vellorro consed mod Online Case Tracking denducid quo omnihit doloren dandaep modioriberit es eost, et essimperion eribus as sa site illesto cum lam fuga. provit facernam nis quatus quatur, unti Online Payments Henestruptae netur aut pa ditatur, sin untions equata alicidel ilis mos volupta necest, consequ isciam. tatur, asinus saereperum eresecerunt eos Client Relationship Management Minciuribus eatia illam, utatest, autatectur? sitatur, nimagni hicium ressequiatem Abo. Sim elest essum est mint liciis Matter Budgeting nulpa sitia volor audae dolorpost pelit pa plaut eosant pellam aut dolorunt. aborumq uaecabore, autemol uptatur Oluptati sime cum, officipsam etur? Debt Recovery siminciumet eum ipsam ape volecul Obisquas as eosanimus. Gendebit labore pores et de quis et qui odi ullum eumconsed mod modioriberit es eost, et lam, ut faceatiosam adit, officiis mi, toreic essimperion provit facernam nis quatus te apiciis eumquibus rem faccum expla quatur, unti untions equata alicidel ilis dolo temquam, sitatur, tem voluptate mos volupta tatur, asinus saereperum volorepudi idunt, ut etur solecatem ius eresecerunt eos autatectur? expe natis disim fugit, con nonsequo Abo. Sim elest essum est mint liciis eium cum iunt aut is Uptati ut ut que pa plaut eosant pellam aut dolorunt. evendae vid et iur? Um quam si berio. Ut Oluptati sime cum, officipsam etur? eossimusant elitem est, quunti bla et aut Obisquas as eosanimus. Gendebit eum www.linetime.co.uk reperum ex enis alitati berior aperioribea fugiatur aut omnis in consequam fugia
Made-to-measure software
CALL 0113 250 0020 info@linetime.co.uk
esserit ionsequi coreptaturem sam, corem facere volore oditem quiant. Tem sunti nonet es commoloriti oditatendunt quaercia ditentur sequi dolent as esseque sam, illoribus verum sequas qui que nis doluptaquo volest, consecus am, ium quae doles est, escienetur simaximus quo beatur aut quassum imusam rest, quam quostibus, to optat volore pla nume dollatisqui quos maio ipienem quodit faccum ipsa sequas volupiet quibus et estius quatemp oreperest voluptas veritio nsendes simodit, sequas quamet utem cupid mincipsam eveliquo ipictem et erro eat lam res quatem hilloraes moloresse dolupit atemquas doluptatint fugiam ium lab is quos int, optiber natiorehent ventorio. Aborehent quam, te consecte pelecatem quostrum qui rent quatius aperum quiam ium voluptatiat accupti usandiatis nobitas esequam quid modiaernam de cum quo doluptation corerum si consequia am harum et volenitatur a quis eniti aliam quis volendi arum fuga. Nam sunture, ut laborectum volessequunt a sectibus molorum quamuscitiae ides voloria doluptae. Et Olest faceris que conseri oreicipsam, estisciis rest, voluptatem. Nequi dolore verore comnimolum auda vid utectia pa audist, qui sequi nonsed maximolum liquam, omnihil in rem ate ne venditatur? Sant expernam exersperitas mod que porernaturem ut apel magnati beribus aceperum que occus veles ellorro minusdae verferf erspel maximolut accabo. Borendebis esenis molum nos ius, qui blacest, que aditis eos etur, sendit plita nis rae impos nulpa et, ventur
Legal Software LAWTECH October 2014
13
BETTERBUSINESS
HOW MANAGEMENT SOFTWARE REPRESENTS
THE FUTURE OF LAW FIRM EVOLUTION
14
LAWTECH October 2014
BETTERBUSINESS
Corinna Codd explains how law professionals can enhance their approach to knowledge management
By Corinna Codd, Director, Yerra Solutions AG
Introduction
The highest performing law departments recognise the importance of effectively managing their knowledge and expertise in order to increase productivity, reduce risk, and improve the quality and value of the legal support they provide. However, to date there has been no universally recognised standard to enable law departments to gain visibility into how efficiently knowledge and expertise is created, developed and leveraged within their organisations, and to define and implement a strategy to do this more effectively. The KM Code Set, developed within the framework of the Legal Electronic Data Exchange Standard (LEDES) Uniform Task Based Management System (UTBMS), was created to address this problem. It is designed to be equally applicable to law departments at all levels of KM maturity, from those who are embarking on a KM strategy for the first time, to those who have a well-developed KM function but wish to improve one or more aspects of it. It is intended for law firms as well as in-house legal functions – the term ‘law department’ is used in this article to mean both. Following five stages or ‘tasks’ as set out in the Code Set, we explain how an organisation at the beginning of its KM journey can use the framework to develop and maintain a successful KM strategy, and also to track time spent against each activity. The full KM Code Set can be found at www.utbms.com. A key point to note first: it is critical that the scope and definition of ‘knowledge’ is clearly established and understood before the Code Set is applied. An organisation has to decide if ‘knowledge’ for this purpose includes only the key, proprietary, high-value know-how that the legal department would be deeply troubled to lose; or every last draft, memo, letter, research or newsletter produced.
Task 1
Assess and Evaluate the Current State of KM There is always some KM activity going on in an organisation, whether easily recognisable or not. The trick is to track it down, then assess how good it is. It helps if you break up the 5 components of KM: knowledge, expertise, processes, technology and culture. Knowledge - identify items of documented (explicit) knowledge located within your organisation or with external partners (e.g. law firms or legal content providers). Examples would be legal opinions, templates and ‘house’ standard forms, or closing sets. What falls within the definition of ‘knowledge’ needs to have been decided in advance. Test yourself by asking: ‘Do we know what specific items of knowledge are available and where they are located?’ Then comes the evaluation. Ask yourself: ‘Do people in my organisation have access to all the items of knowledge they need? Can they rely on the quality of the knowledge available to them? What (if any) distinction is made between the accuracy and completeness of the highest level of know-how, and other items in the set?’ Expertise - identify unformalised (tacit) knowledge located within your organisation or with partners. This means defining which people have what skills and expertise, and how they are connected together. Then ask yourself: ‘Are we satisfied we have the right skills and expertise available, and at the appropriate levels? Processes - identify what processes exist to enable knowledge and expertise to be developed and leveraged effectively. Are
There is always some Knowledge Management activity going on in an organisation LAWTECH October 2014
15
BETTERBUSINESS
there processes in place to transform the knowledge in people’s heads to documented, tangible knowledge, which can then be used by others? Do processes exist to facilitate the exchange of knowledge between people, internally and externally? If they do exist, how efficient are these processes? Technology - identify the systems and underlying technology that support the management and mobilisation of knowledge. This could be anything from an enterprise-wide legal document management system to a SharePoint collaboration site. Then ask yourself: ‘Do these systems effectively support the processes they are designed for? Are they fast, reliable, user-friendly and well connected with each other?’ Culture - finally, identify the cultural environment of the organisation relevant to fostering the development and mobilisation of knowledge. Are people encouraged or rewarded for sharing their ideas and work product, or is there rather a culture of knowledge-is-power so that individuals hide and hoard their own knowledge for self-interest? If so, are there identifiable reasons for this? Ideally you should do a benchmarking exercise to map the findings from Task 1 activities against the business objectives of the organisation. If the business goals are innovation, productivity and talent growth, ask yourself: ‘Is our knowledge and expertise sufficient to support these business outcomes? Are our processes and technology of a standard to help drive productivity? Benchmarking against peers and competitors also sets a robust basis for the tasks in the next stage. 16
LAWTECH October 2014
Task 2
Develop Strategy and Plan for Improved Future State of KM Vision The next step is to define and develop a strategy for an improved future state of KM. As with all good strategic plans, you need to start with a vision. The vision should clearly state how better KM will directly contribute to achieving the business objectives. Examples include ‘quicker access to higher quality knowledge that will enable people to focus on innovation instead of duplication’ or ‘better mobilisation of expertise will improve our skills base and attract new talent’. Strategy development - a comprehensive KM strategy will need to consider all the 5 components of KM. It may be that elements of this exist already – e.g. a plan to improve the organisation’s technology infrastructure that includes the systems used for KM. If not, it is helpful to formulate the strategy by asking questions such as: ‘What knowledge do we need that we don’t have and where can we get it?’ ‘What talent are we missing and how do we develop or acquire it?’ ‘What processes should we put in place to enable knowledge and expertise internally and externally to be efficiently accessed and leveraged?’ ‘How do we incentivise knowledge sharing?’ Important also is to define a clear change management strategy that underpins all five other components of your KM plan.
Task 3
Strategy Execution It is often said that execution of a strategy is easy. That depends
BETTERBUSINESS
The next step is to define and develop a strategy for an improved future state of Knowledge Management on how well the strategy is defined. Key success factors include reviewing and validating the plan with key stakeholders, appointing a project team and assigning clear roles and responsibilities, ensuring the ongoing support of an influential sponsor, and most importantly developing a comprehensive communication plan to engage, drive change, sustain and evolve your new KM strategy.
Task 4
Measurement and Reporting The penultimate phase in the KM lifecycle is to measure and report results. This means developing metrics and analytics to quantify the benefits realized from the new KM strategy. Define what to measure, how to measure it, and how often, for each of the five components. For example: How much new knowledge is available? What level of quality is it? How much is being reused and by whom? What new expertise do we have in the organisation? Have better processes improved efficiency or reduced risk (or both). Has a better technology landscape increased speed and efficiency of working? Has an improved culture of knowledge sharing contributed to productivity? Then review the results, report, and assess the impact to judge if different or additional measurements would be better.
Task 5
Maintain/Update New Improved State of KM
Knowledge - knowledge can quickly become out of date, so a continuous review cycle needs to be established, at frequencies appropriate to the level of quality. Think about questions such as: ‘Are we defining gaps where new knowledge is required? Are we capturing know how from current matters? Are we archiving or discarding unused or out-of-date knowledge? Expertise - having the right talent in an organisation is the bedrock of success. Acquiring it is one thing, but retaining and developing it is equally or even more important. Ask yourself: ‘Do we provide skills development opportunities to renew and refresh internal expertise?’ ‘Do we have mentoring and coaching programmes to transfer and retain expertise within the organisation?’
Processes, technology and culture
Similar requirements apply to these components. Processes need to be reviewed to ensure they are still in place and valid, or to simplify them. Technology moves on so fast that improvements are almost continuously available. It is important to remain alert to efficiency or productivity gains that could be generated by an upgrade in your IT. Run a pulse check every so often on the cultural environment to reveal potential roadblocks. www.yerrasolutions.com
The final set of tasks relate to sustaining the enhanced state of KM in your organisation, and are essential to continue to realise the benefits deriving from it. LAWTECH October 2014
17
LEGALTECHNOLOGY
HOW MANAGEMENT SOFTWARE
CAN ADVANCE YOUR LEGAL FIRM’S EFFICIENCY Brian Curtis discusses the digital revolution taking place in case management
By Brian Curtis, Marketing and Product Marketing Manager, Advanced Legal
Welcome to the revolution
Change in the legal market is constant, but it should be clear that the practice management system must be revolutionised to meet the demands of clients. The introduction of disruptive technologies and the concept of the 3rd platform challenges the old ways and will force a change in how practice management systems are created and used. The Practice and Case Management System (PCMS) has, for the most part, remained a constant over the last 20 years. Clients, Cases and Matters can be managed, documents produced, accounts and bills submitted and processes followed. What innovation has been present has been to refine the current solution not introduce a new one. This is largely due to the nature of the market itself which until the recent introduction of ABSs, outside competition and growing regulation has had a very stable firm/client relationship. But as with the consumer challenges faced by the retail, finance and insurance markets during the 1990’s and 2000’s the legal market now has to accept that its client base has changed – the demand for choice, great customer service and modern forms of communication are creating a sea change in how legal services 18
LAWTECH October 2014
are delivered and for the law firm to keep up technology has to play a pivotal part. The arrival of a new technology paradigm will always accelerate the rate of change in a market and for the legal industry this is no exception. The increasing adoption of social media, the pervasion of smartphones and the rise of the cloud have all combined together into what IDC refers to as the “3rd Platform” – and it is changing the way we do business.
A platform for growth
Built on the foundations of traditional IT infrastructure such as the LAN, the internet and Client/Server technology the 3rd Platform is the convergence of four key IT trends; mobile computing, social media, cloud computing and big data into a unified environment that delivers the perfect opportunity for businesses to innovate and grow. Now whilst the 3rd Platform is a hot topic amongst the leading lights in IT and championed as the future of business by analysts such as IDC and Gartner many law firms are asking; “What does it mean for me?”
The new normal
According to IDC, one billion smartphone devices were shipped during 2013 and a further 195 million tablet devices (Gartner) were sold. Mobile devices are
our digital companion, forever on (most of the time) and always with us and now unsurprisingly they are a key element to the legal practice. From email access to appointment booking, and dictation to time capture – the all-in-one device now allows us to remain productive whilst away from the office but the key to its complete integration into the legal workplace is how well the data it produces can be assimilated into the central systems. The most obvious route is the smart extension of existing systems into the mobile space but the debate around Native Application vs HTML 5 solution is yet to be resolved and aside from very specific “point solutions” such as digital dictation there is yet to be a break through application that creates the mobile equivalent of the PCMS. A survey by FindLaw in July 2014 found that three per cent of consumers turned to social media when searching online for legal services. That seems a small number but as the millennial generation start to reach the age when they will look to consume legal services themselves then it is clear that the number will rise. However these consumers are not turning to social media looking for links to sites, they are actively looking for recommendations from peers. The growth of social media has had a
LEGALTECHNOLOGY direct impact on how consumers research their purchases – rather than looking on the firm’s website users now turn to other consumers to gain insight. An active social media strategy will help firms with this but delivering a good, and consistent customer experience will ultimately drive more referrals.
What’s so big about data anyway? For legal firms (even the big ones), not much. Let’s put the term into context:
5.9 billion – the number of searches per day on Google in 2013 1.5 million – the number of requests per second handled by Amazons Web Services Division 9.3 million – the number of transactions per day handled by PayPal With those sorts of numbers it’s easy to see why the term ‘Big Data’ can be dismissed by the legal market, but the point is not the size of the data but the type of data it is, unstructured and outside of a PCMS for example emails. With so much data in emails it’s no wonder firms panic at the mere mention of a formal document request, its one of the key reasons that eDiscovery exists. How firms can benefit from the concept of big data is through the analysis of the Practice as a business – performance analysis, right down to the fee earning individual or matter type can provide the firm with a wealth of tactical and strategic knowledge that will help drive the business forward. In addition, by combining website data and CRM systems, firms can begin to see client buying and research habits – much in the same way that retailers track consumer behaviour before and after a purchase. This allows a greater understanding as to why purchase decisions are made and helps firms determine what they need to do to guide the purchase process.
Mapping the cloud
With all the noise around cloud services over recent years it seems a little dated now but the fact of the matter is that Cloud Infrastructure is the one key component in the 3rd Platform that could instantly revolutionise how firms run their Practice. There are already several examples in the UK where legal firms have taken
advantage of cloud infrastructure to unleash their potential; virtualising practices and chambers, ridding themselves of capital expenditure and traditional office space and delivering the ability to flex the size of the practice in line with market demand. The latter of these is key - the economic downturn hit many firms hard, now that there is an uplift in business how will firms keep pace with consumer demand if they have to rely on arcane infrastructure to grow? The ability to simply add or remove a new virtual desk to the office without the worry about capital cost means firms can be much braver with their strategies. These four elements will become a layer over the traditional PCMS and just by their very presence will directly effect and alter how Practice Management Systems are used. Engaging through social media via your mobile device to drive referrals to your business will soon become commonplace and the 3rd Platform will be at the heart of it.
The next step
However introducing the concept of the 3rd Platform is all well and good but without turning it to focus on the user it is doing little more than getting in the way of delivering a good service. To truly revolutionise the Practice Management System attention must be given to the end-consumer of the legal service - which begs the question - what do they want? We are all consumers, we all have experience of good and bad user interfaces – why would accept anything less from a legal specific solution? A good UI will drive productivity and make users more engaged in the content they are working on. But of course there is another side to the UI coin and that is the consumers’ experience. We accept digital interaction as the norm now, clients requesting or tracking progress on matters through a website or mobile app is a natural extension to this and yet few legal firms in the market offer it. Delivering a good user experience for your clients – at every touch point or interaction - is key to client retention. www.advancedcomputersoftware. com/legal LAWTECH October 2014
19
OPINION
LAW FIRMS MUST FIND NEW WAYS TO
PROTECT THEIR SENSITIVE DATA Paul Doble discusses the legally complex subject of sensitive data
By Paul Doble, Chief Sales and Marketing Officer, The DX
Challenges
As most firms and clients know, confidentiality is the foundation of all legal advice. However, without the ability to keep a client’s information secure, confidentiality cannot be ensured, thus the essential trust between client and the service is threatened. Recent news reports have highlighted a series of data breaches in which lawyers have failed to protect private information, resulting in the Information Commissioners Office (ICO) warning that action must be taken to keep personal data secure. Such breaches can bring severe consequences for both client and law firm, meaning that crucial steps must be taken to ensure information is securely handled and stored.
Cause for concern
Christopher Graham, the Information Commissioner, recently stated that 15 complaints had been filed to the ICO against solicitors and barristers in the previous six months, related to files and private data that had been lost or accidentally shared with third parties. Several of these complaints surrounded the mis-handling of physical documents, which were found to be regularly 20
LAWTECH October 2014
transported in briefcases, left in vehicles overnight, or stored in individuals’ homes – all of which pose security risks. Inefficient disposal of data was also highlighted as a serious concern after a recent incident saw private documents discarded as waste on street corners. In other instances, due diligence came under scrutiny as professionals were caught sharing documents with third parties without hiding or omitting the personal details. A similar example found details of a social services case left on the street by a solicitor at Oxfordshire County Council, again suggesting a need for increased due diligence.
Following the series of breaches, the ICO publicly stressed the importance of tightening security measures and published top tips for solicitors and barristers on how to handle data proficiently. It included advice to professionals to consider the form of protection necessary when sending files, depending on their content, and only to transport sensitive data when essential. The warning echoes the words of a similar caution from FBI and NSA whistleblower Edward Snowden in July, when he urged lawyers, accountants, and other professionals handling personal data to update their confidentiality measures following the spy surveillance revelations.
OPINION
Individuals must exercise extreme caution in order to ensure that their behaviour does not threaten the security of the files. In particular, he warned that the ongoing development of new cyber platforms and technologies meant that digital communications were no longer safe from infringement or privacy breaches.
Security statistics
Findings from DX’s 2014 Information Security Survey demonstrated that both physical and digital documents are perceived to be at risk from security breaches. Nearly six out of 10 (57 per cent) of the legal professionals surveyed believe that emails pose the greatest risk, with 55 per cent of those questioned aware of emails being sent to the wrong addresses and potentially revealing confidential information. Even though human error was noted as an area of concern within the legal professionals surveyed, malicious attacks – whether criminal, government-sponsored or from activists – were surprisingly considered to be less of a threat. This hints at a lapse in awareness from the legal community as levels of cyber crime and activist action continue to grow, in addition to evidence of espionage targeted at law firms. It seems that warnings from central government and the Solicitors Regulatory Authority (SRA) are being somewhat overlooked by some legal professionals, in addition to a sense of complacency regarding knowledge of the Data Protection Act and outsourcing regulations. Such attitudes may be the result of a lack of awareness of the potential penalties involved. According to the DX’s 2014 Information Security Survey, few say they are fully aware of the fines for law firms and Alternative Business Structures for material breaches and noncompliance. According to the UK data regulator, serious breaches of the Data Protection Action can result in penalties of up to £500,000. However, the negative consequences can go much further than
a monetary penalisation, as security breaches will severely tarnish brand names and threaten client trust.
Addressing the problem
Multiple public data breaches and warnings from industry watchdogs are clear indications that changes must be made to the way in which data is shared, transported and protected. Fortunately, there are many practical steps that can be taken to tighten security measures and minimise the chances of data being compromised, hacked or intercepted. When handling physical documents, individuals must exercise extreme caution in order to ensure that their behaviour does not threaten the security of the files. As seen in recent security breaches, legal documents have been left in compromising locations and transferred between the courtroom and lawyers’ own homes without due care, leaving them liable to loss, damage or theft. Lawyers must be aware of these risks and transport such documents with care, also utilising secure delivery services to ensure maximum protection of sensitive information. In addition, such information must be disposed of correctly. Leaving highly confidential files in bin bags for example, is unacceptable, as it leaves them vulnerable to unauthorised viewing and loss of client confidentiality. As such, all physical documents must be securely destroyed, or shredded, when no longer needed. Technological advances have also given us the option to transfer data online, which can help firms to avoid undue risk compared to transporting physical files. However, as the above research suggests, this can present a new set of dangers, specifically in connection with email communications, which are susceptible to falling into the wrong hands through both human error and fraudulent interception. In addition, there is a common misconception that securing email
accounts with a username and password disables malicious intrusion, yet fraudsters are developing increasingly sophisticated hacking techniques, which means that passwords can often be ineffective. To counter this, robust encryption should be used for all emails containing sensitive information. Unauthorised disclosure can be avoided by protecting data through mathematically complex algorithms, so that if an email finds its way into an unintended inbox, there will be no breach of private information. Secure email systems like these are crucial in the legal industry, where highly confidential emails are sent of a very frequent basis between law firms, solicitors, the courts and the customers themselves.
A legal lesson
Legal professionals must take personal responsibility for adopting the correct security measures and protecting any sensitive data in order to avoiding incurring penalties for the firm, damaging its reputation, and threatening client confidentiality and trust. As such, due diligence must be taken when transferring files, whether physical or electronic, for which secure services are available. It is up to lawyers to decide which measures are most suitable for specific situations, and whether documents will be safer in the form of an encrypted email or a securely transferred physical file. Recent security breaches should act as a call to action to all in the legal industry. Rather than merely prompting a strict warning from the ICO, the incidents should raise lawyers’ awareness of the potential dangers and risks threatening the confidential materials in their hands, therefore enabling them to make more informed decisions on securing private information – as well as their reputation. www.thedx.co.uk LAWTECH October 2014
21
OPINION
THE MISSING LINK IN
LEGAL IT James Lyne explains that it is all about the human element when major data breaches take place...
By James Lyne, EMEA Director & Instructor at the SANS Institute and Director of Technology Strategy, Sophos
22
LAWTECH October 2014
OPINION Introduction
From hacks against eBay to Russian Internet forums with millions of stolen credit card details available for just a few pence each, the scale and scope of cybercrime is simply breath taking. Last year alone according to McAfee, the security vendor, IT security breaches cost the global economy $425 billion. However, the true extent of financial losses to private companies is hard to judge as many breaches are simply brushed under the carpet aided by a lack of mandatory disclosure laws. Our observations suggest that it comes down to the human element when major data breaches take place. Closer to home, the UK Information Commissioner, Christopher Graham has taken to naming and shaming public organisations that have allowed lax security to result in breaches. Browsing through the list of incidents it is clear that one of the most common causes of security breaches is not Tom Cruise style `Mission Impossible’ elite criminals but simple human error. Most of the time when you speak to staff following an incident the initial cause might well have been somebody just trying to get a job done, often something that they believed would help the company. It could be something as simple as creating a collaborative space like Dropbox to share files, lending a colleague a password or acting on a seemingly innocuous email request. Our observations suggest that people in general don’t have the same level of scepticism online that they do in the real world, “If a ‘Prince’ walked up to you on the street and asked for your bank details so he could transfer a million pounds as your cut of a £50 million inheritance for which he needs a UK bank account, most people would just keep on walking. Every day, however, these type of spear fishing attacks are still finding victims online. It’s worth noting that that technology has not made it easy for the non-techie, as it is hard to judge which types of files or Web sites are unsafe. We are, after all, taught from an early age to look left and right before crossing the road and that dark clouds might mean rain. Not many people are told that clicking on the .EXE file attachment in an email claiming to be a new security update from your online bank is not a good idea. As a teacher of cyber security courses for the SANS Institute, my own belief is that organisations - and particularly HR managers - should take a leaf out of health and safety best practice when it comes to information security.
Health and Safety
Health and Safety legislation has been instrumental in helping to improve conditions in the workplace and failure has known consequences and remediation actions.
The most common causes of security breaches is not `Mission Impossible’ elite criminals but simple human error
And if you look at information security, we are starting to see similar legislative frameworks forming in several vertical markets, within public sector and at an international level. Probably the best-known standard is the Payment Card Industry Data Security Standard (PCI DSS), which is a set of requirements designed to ensure that all companies that process, store or transmit credit card information, maintain a secure environment. Set up in 2006 by the major payment card brands including Visa, MasterCard and American Express, the evolving standard aims to enforce security best practice along with continual audit to improve payment account security throughout the transaction process. More recently, in March the European Parliament passed the draft Network and Information Security (NIS) directive. The purpose of the draft directive is to establish measures aimed at ensuring a high common level of network and information security across the Union. In order to do so, the Member States, the key Internet service providers and the critical infrastructure operators will become partners in the obligation to ensure the security of the network and the information. Although legal and national frameworks are important, Meagan Tudge, Manager for SANS’ Security Awareness Division, believes that the 25 million businesses across the EU should be the focal point for changing human behaviour when it comes to cyber security. Tudge sees a correlation between the educational process, communication and wider understanding of best practice. Many organisations struggle with defining and communicating Information security policies, she says, and it can sometimes turn into a checkbox exercise where employees must read and sign but don’t actually understand why or feel any affinity to maintain a vigilant and best practice posture. She suggests that organisations could equate it to a wider view where teaching employees that Infosecurity should be a lifestyle position. In her experience, a message that says the same organised criminals that are intent on breaching corporate security will use the same tricks and traps to gain access to sensitive information at a personal level can help turn security policy into a much more compelling message. SANS Securing the Human Program contains all the materials necessary to deliver a high impact security awareness program. The series of video modules, multiple choice tests and support collateral are designed to ensure that the program goes beyond simple compliance and instead focuses on changing human behaviour. www.securingthehuman.org
LAWTECH October 2014
23
CASESTUDY
DIVORCE NEGOTIATOR
HELPS TO ENSURE AMICABLE DIVORCES
24
LAWTECH October 2014
CASESTUDY
Carol Sullivan explains how her legal service franchise business model has been a success...
By Carol Sullivan, Founder Director, Divorce Negotiator franchise
Introduction
Select Legal’s Divorce Negotiator - a customised version of the company’s Lawfusion software - is unusual in the legal software and services business for two reasons: firstly it is designed to assist in the amicable settlement of a divorce for both parties through one law firm, and secondly, it offers the franchisee law firm the option of using local IT systems or cloud computing resources. The technology has already been put to the test in a family law franchise business where - as of June of this year - the software/ service is now in active use at the law firm’s headquarters operation, as well as 13 franchise offices. According to Select Legal, because it is unique in many ways, Divorce Negotiator assists both the husband and the wife through the divorce paperwork from the initial Petition stage, all the way through to Decree Absolute with a single fee. Following three years of experience, Carol Sullivan, the owner and Managing Director of the Divorce Negotiator franchise says she uncovered resounding evidence that there was a real need for this kind of service across all walks of life, decided to offer the model as a franchise. Carol worked closely with the legal software team at Select Legal to tailor the software to do things `her way’ so that she could replicate the high levels of customer service she had developed at headquarters across her franchise network and make it absolutely fit-for-purpose.
Divorce Negotiator in profile
Carol Sullivan set up Divorce Negotiator in 2010 with a clear vision. She wanted to set up a business that would help couples in England and Wales achieve amicable divorce. Unique in many ways, Divorce Negotiator assists both parties through the divorce paperwork from initial Petition through to Decree Absolute. With a focus on reaching a fair settlement for the whole family, this service guides couples through ‘the grounds for divorce’ and all aspects of the law regarding settlement, children and basically making the process completely transparent, less costly and less daunting for everyone involved. In August 2013, Carol set up the service as a franchise model, after uncovering resounding evidence that there was a real need for this kind of service across all walks of life. Ten months later (June 2014) there are 13 franchisees with several more in the pipeline. Interestingly, Carol is not a practicing solicitor, but she qualified with the Chartered Institute of Legal Executives in the early 1990s, worked for the Crown Prosecution Service after that
and unfortunately having gone through her own particularly difficult and costly divorce in 2001, she certainly has the knowledge and experience to offer this unique family service. As of June 2014, Divorce Negotiator has handled over 400 ‘amicable’ divorces.
It’s all in the software
Carol wanted case management and legal accounts software that would help her manage and control her unique service as she started to build up her franchise network. She looked at several systems before choosing Lawfusion, saying that she liked the software and the people from the start. “Select Legal understood immediately what I was looking for in a case management system whereas some of the other suppliers I saw didn’t seem to grasp how different my service was. They couldn’t accept that I was working on behalf of both the husband and the wife. One system I looked at in particular was very rigid - you got an off-the-shelf package and there was absolutely no flexibility to change it. But Select really have gone the extra mile from day one,” she said. “With Lawfusion, I have complete freedom to make the software do things my way and the experts at Select have helped me write it, test it and fine tune it to make it absolutely fit-forpurpose,” she added. Select Legal says it often works closely with clients to develop additional functionality. They believe this is what sets them apart from much of the legal software competition. According to Steve Dixon, co-owner of Select Legal and the firm’s Development Director, said, when it comes to creating software for law firms there is no such thing as ‘one size fits all.’ “When we started this business we wanted to offer flexible and intuitive software that is excellent value for money with outstanding support. We are still true to those values today. When a client or prospective client comes to us with a sensible functionality request we are more than happy to work through this with them. We have had the privilege of working with some of the best legal minds in the industry over the years. It is this kind of development partnership approach that has led to our suite of software becoming recognised as amongst the best available,” he explained. Select Legal says that Lawfusion is legal case management software that has been designed to significantly increase the volume of work a law firm can handle. Streamlining all business processes and capturing all billable time, the software is designed to improve profitability considerably whilst also improving the quality of the service to clients. LAWTECH October 2014
25
CASESTUDY
“I have found the Lawfusion case management system very easy to teach. It is pretty intuitive - for example, one of the other systems I looked at listed its procedures in alphabetical order - which was quite difficult to get your head around,” she said, adding that Lawfusion is much more user friendly, as there is no brain-racking and scanning the alphabet to work out the next step. If you are missing something in the process, she says, Lawfusion prompts you with green and blue questions to help you move the case on.”
Cloud or on-premise options
Training
Being a franchise operation it made sense for Carol Sullivan to incorporate the software training within her overall training programme for new franchisees coming on board. Working with the training team at Select, she developed a series of courses that enable her to quickly and efficiently bring her new franchisees up to speed so they can hit the ground running. 26
LAWTECH October 2014
Select Legal offers both cloud and on-premise options with Divorce Negotiator. The company says that it has hundreds of satisfied users in both camps relying on Lawfusion in all its versions, to run and grow their businesses. Carol opted for the cloud option - Lawfusion Direct. This means that, in return for a competitive monthly fee, Divorce Negotiator franchisees gets the full suite of practice management software, as well as fully integrated Microsoft Office and Exchange products - all hosted on the Lawfusion cloud. Select says it is continually enhancing Lawfusion and is currently planning `App’ functionality for tablets and mobile phones. According to Carol Sullivan, she uses Lawfusion on her iPad and my iPhone whenever she needs to do something remotely and is keen to make good use of the texting facilities within the system, as she is sure this will be popular and convenient for Divorce Negotiator clients. We asked Carol what she would say to other firms looking for flexible legal case management software and she said: “I would
CASESTUDY
definitely recommend LAWFUSION. It is good value for money, my franchisees love it and the support is great! I cannot fault it. “As I look ahead and plan further growth for my business, I am very pleased I went with Lawfusion. It was definitely the right decision.”
Isokon
Next steps for Divorce Negotiator
Carol Sullivan said: “With my own personal divorce, we each spent £6,000 on solicitors fees and it made an acrimonious situation much worse and divided the family for many years. What people don’t always realise is the law already gives us guidance on the three processes involved - the divorce itself, the arrangement for the children and the financial settlement.” “There is no need to complicate matters. The court is only necessary when parties cannot agree. Fair negotiation is at the heart of our service, we understand the process and what the Judge requires but more importantly we care about the family and our aim is to make this unpleasant process as pain free as possible for all,” she explained. Carol concluded by saying that the Lawfusion legal software is at the heart of the service and because it has been so flexible to tailor it is proving to be a real growth enabler for the business facilitating her expansion plans. “Having Lawfusion means we can replicate the high levels of customer service we have developed at headquarters right across the Divorce Negotiator franchise network. We have trademarked the franchise for Great Britain and plans are afoot to launch in Ireland, Scotland and then it’s Europe and America next,” she said.
Software
Isokon is the primary supplier of software for private client work Isokon is used by 36% of firms who do private client work Isokon is the most sophisticated software for probate work - with no significant competitors in this area of legal work
Please contact Peregrine Coysh for more information or a demonstration
Email: perry.coysh@isokon.com Tel: 020 7482 6555 Web: www.isokon.com
www.selectlegal.co.uk LAWTECH October 2014
27
BETTERBUSINESS
UNDERSTANDING THE IMPORTANCE OF
LEGAL MANAGEMENT SOFTWARE Why case management software and other forms of law firm automation applications are now a must-have in the modern legal world By Darren Gower, Marketing Director, Eclipse Legal
The world of case management in law firms is changing, with a number of legal firms choosing to diversify away from their core services, into new market sectors and service streams. In some examples, this diversification is no longer as easy as it once was, (e.g. as witnessed by the removal / reduction of legal aid for certain types of work, which led to increased competition within various sectors as more and more firms began to take on a broader workload). Our observations suggest that the use of the correct case and matter management software solutions provides the core framework required to move more readily into new service areas. Importantly, it also lets lawyers get on with doing the `lawyering’. In many ways, this is why Eclipse – now part of Capita Plc - has developed a range of legal management applications and has allowed us to become the leading provider of case management, practice management, matter management and process management software in the industry, Today, our Proclaim system is in use by over 20,000 professionals in a vast range of sectors, including legal; alternative business structures; in28
LAWTECH October 2014
house commercial; insurance and claims management; charitable; medical and government. We currently employ over 160 staff at our West Yorkshire HQ and provide a ‘full service’ offering, from initial needs analysis right through to implementation and aftercare support. Our clients range from household name commercial organisations and heavyweight law firms, through to niche market operators and sole practitioners. Proclaim users include: Eversheds, Carillion Plc, Co-operative Legal Services, Helphire (part of Redde Plc) and The Howard League for Penal Reform, and span multiple countries around the world.
Case study: Advantage Property Lawyers
In 2013 Advantage Property Lawyers (APL) - with the assistance of a Proclaim Practice Management Solution, won 3 major awards: Large Conveyancer of the Year (silver) Sunday Times Estate Agency of the Year; Yorkshire & North East Conveyancing Firm of the Year (gold) - LFS Conveyancing Awards; and Conveyancing Firm of the Year (silver) - LFS Conveyancing Awards. Back in 2009, as a new start-up, APL
needed a Practice Management solution that focused specifically on residential conveyancing. Software was needed that would allow the firm to offer its clients and introducers an outstanding level of service and customer care, whilst maintaining best practice at all times. The solution would also have to be reliable and offer easy scalability in line with APL’s aspirations to become one of the UK’s biggest and best conveyancers. Eclipse’s Proclaim Practice Management solution was implemented at APL’s inception as it provided a centralised, secure desktop toolkit for every property transaction - utilised by all staff. Proclaim was also chosen for its out-of-the box conveyancing focus and ease of integration with third party complementary software - as most work came from large corporates and major estate agents. Proclaim has proved to be an essential ‘enabler’ for providing a superb client experience and reducing turnaround times. The software has enabled APL to achieve over 4,000 completions and increase turnover by 40 per cent in 2013. The financial and reporting toolset is
BETTERBUSINESS
We saw Proclaim as the market leader. It has given us clear operational advantages, putting us ahead of our business plan aims Chris Fry, Managing Partner, Unity Law
used to provide instant data retrieval with on-going monitoring and analysis of KPIs assisting with the management of systems, processes and risk calculations. APL is using Proclaim to automate a vast number of administrative processes including document production and hopes to move towards a paperless office soon. Since implementing Proclaim, APL has grown rapidly requiring an increase in staff numbers by over 200 per cent from 15 to over 50. The firm is now represented on the management board of The Conveyancing Association and was the first conveyancing firm to receive the ‘Legal Eye’ quality standard.
Case study: Lees Solicitors LLP
Established in 1889, Merseyside-based Lees Solicitors is a full-service practice committed to delivering excellent customer service. The firm employs over 100 staff across its 3 offices in Birkenhead, Heswall and West Kirby. In preparation for competitive and legislative changes to the legal markets, the law firm embarked upon a new business strategy focusing on direct client acquisition - reducing a reliance on third party introducers. To achieve this new goal, investment in technology was required to ensure operational processes were optimised and service delivery became the prime focus of the practice’s activities. A Proclaim Practice Management solution was implemented across the firm’s real estate to provide an efficient and consistent approach to multiple practice areas. The software’s integrated financial platform enabled a complete reporting base and a seamless approach to billing and practice management. Eclipse says the firm was impressed with its ability to be accessed from anywhere at any time - a vital requirement for Lees as it would enhance the firm’s flexibility and service proactiveness.
Lees set out its stall to be the go-to law firm in the region for a broad range of legal services. Critical to this was fast, transparent service delivery. Using Proclaim’s Process Management capabilities, Lees has been able to build a complete client journey - from initial inception right through to cross-selling and upselling opportunities at file conclusion. The management board at Lees now has access to real-time information courtesy of Proclaim’s integrated reporting suite - providing both broad and granular data analysis. In terms of marketing and business development, Proclaim provides a core platform from which to service clients and ensure that loyalty and recommendation levels are at an all-time high. LAWTECH October 2014
29
BETTERBUSINESS
Case study: Unity Law
South Yorkshire based Unity Law was formed by litigation expert Chris Fry back in November 2010, with six staff providing a specialist service for victims of industrial disease, clinical negligence and work-related injuries. The practice has since won numerous high-profile awards for its service and now has over 25 staff. As a new start-up business, Unity Law needed to differentiate itself from more established competitors by providing a higher level of service and a unified approach to client care - “clients not numbers”. To achieve this, a Practice Management Software solution was needed that would free up fee earners to maximise quality time spent on each client case by automating administrative tasks. A Proclaim Practice Management system was implemented throughout the practice to create a seamlessly integrated system providing an efficient and consistent approach to each case. The inherent flexibility of Proclaim would also allow for straightforward integration with productivity solutions such as document scanning, and expansion into new work areas in line with the practice’s strategy for growth. 30
LAWTECH October 2014
The result of implementing the software practice-wise is that time-stealing tasks have been eradicated, with Proclaim automating non-value adding tasks to enable fee earners to focus on the complex litigation cases taken on by the firm. Integration with document scanning now means that Unity Law’s ‘document inception’ processes are seamless and enable fee earners to access all client and case related information digitally, onscreen. Compliance is assured thanks to Proclaim’s controlled workflow processes, which ensure that no action is missed, and timely reminders are issued around legislative requirements. Proclaim’s flexibility has allowed Unity Law to electronically exchange data with its costs drafting firm, Compass Costs, removing the delays inherent in postal transit of bundled documentation. Unity Law is looking to continue its growth with ambitious marketing plans, the goal being to become the UK’s leading disability discrimination law firm.
Futures
Even with 160 staff at our West Yorkshire headquarters, it is important for any
legal software company not to rest on its laurels. Put simply, evolution is now part of the lifeblood of legal IT solutions, meaning that closer integration with third-party systems is now a must-have. In July of this year, this evolution allowed to announce integration with a new-to-market ID and Anti Money Laundering (AML) service. Eclipse was the very first software vendor to have partnered with CRIF Decision Solutions Ltd and its new online ID Check and AML Check services. CRIF is well known for its work in the insurance industry, with a long pedigree of providing decision-making and fraud prevention systems. Projects with the UK insurance industry such as integration with the Claims and Underwriting Exchange Register (CUE) and the Injury Claims Portals (RTA and EL / PL) have positioned CRIF as the leading developer in its field. This new integration between Eclipse’s Proclaim Case, Matter, Practice and Process Management systems will enable users to request ‘one click’ ID and AML checks, directly from the Proclaim user desktop. Users can select the type of search required (ID or AML) and upon entering details of the subject on a single screen, search results are returned directly to Proclaim - embedded within relevant client fields and the file history. It is evolutionary moves like this that allow Eclipse to stay one step ahead of the rest of the legal software industry. As the industry shifts towards new business models and service delivery channels, is clear that clients will increasingly seek out better value for money from their law firms, introducing more price and service competition in the industry. By using legal management software to automate the more mechanical aspects of lawyering, Eclipse believes that a `full service’ approach to law can be provided whilst at the same time offering a competitive range of solutions. www.eclipselegal.co.uk
Work faster, smarter and more efficiently with Eclipse Eclipse is the leading provider of Case Management, Practice Management, Matter Management and Process Management Software in the UK. So if you want to make your practice more effective,
let’s talk.
Matter Management Software Stay in control of your practice’s non-prescriptive, complex and bespoke work areas, with client and matter inception, document production and data storage all in one place.
Practice Management Software Keep finances running smoothly by organising everything from individual to practice-level data… take advantage of comprehensive reports and real-time management information.
Case Management Software Manage active cases, streamline processes and deliver a superb experience to clients, with Case Management Software that can be tailored to the individual needs of your business.
Process Management Software Streamline business processes by automating time-consuming administrative tasks, with easy document production, in-depth reporting and full workflow functionality.
Eclipse’s Proclaim solution is in use by 20,000 legal professionals in over 700 organisations.
To find out more
Call 01274 704 100 visit eclipselegal.co.uk email info@eclipselegal.co.uk
LAWTECH October 2014
31
BETTERBUSINESS
CONTROLLING ACCESS TO
COMPANY/CLIENT DATA HELD IN THE CLOUD Robert Cruz discusses the legal issues with storing client and/or company data in a cloud-computing environment‌ By Robert Cruz, eDiscovery & Information Governance Senior Director, Proofpoint
32 32
LAWTECH October 2014 LAWTECH October 2014
BETTERBUSINESS
Introduction
Cloud computing is clearly one of today’s most lucrative new technology areas. It provides businesses with huge benefits - including cost-efficiencies and flexibility. However, despite the benefits, there are still a number of significant security concerns, which deter many organisations - especially those in the legal space - from migrating their data to the cloud. As most legal professionals will attest, data security today continues to be the number one concern for C level executives considering moving information to the cloud. And for very good reason – cloud computing vendors are by no means consistent in how they can enable the secure movement, storage, and retrieval of important information. While basic encryption is a start, the recent news around PRISM and the Foreign Intelligence Surveillance Act has ignited a whole new set of questions with regard to information access. And this, remember, is before we even begin to consider the legal and regulatory issues with client data in law firms. In addition to these issues, questions over information access to data held in the cloud are on the increase due to a surge in media reports around well-known technology companies being served with court orders. Microsoft, for example, recently refused to comply with a US government request to turn over data stored in their servers in Ireland. The software giant argued that doing so would violate Irish data privacy law. However, the US government argued back that Microsoft controls the information as it resides on Microsoft-owned servers, and location of servers is not relevant. Because of Microsoft refusing to comply, the US government has ruled the software giant to be in contempt of court, which will likely result in the case being elevated in the US legal system. This elevates the notion of information control as central in determining whether US corporations should be required to produce information stored outside of the US.
Further pressure
Further pressure has been added to executives considering migrating to the cloud by the pending EU Data Privacy Directive, which contains provisions that would attempt to override the rights of any data controller to request information that would violate EU policy. This potential legal impasse is currently unresolved, but will likely be further refined due to the pressure from US-headquartered multi-national firms and their ability to address cross-border eDisclosure. This has undoubtedly raised a number of questions for CIOs considering moving to the cloud – who controls the data in the cloud and what laws is the data applicable to? In addition to this, executives also want to know how will any cloud provider
respond to a government or other third party request for their information, how common data requests are, and what protections are offered to prevent the inadvertent disclosure of information when another company’s data is requested? Recent news of government information requests, data breaches, and inadvertent disclosure of information from multitenant cloud vendors have all raised visibility to the issues of cloud data privacy. Basic encryption provides a starting point to protect data security, but organizations are increasingly focused on how they can maintain control over information in the cloud. Security is without a doubt one of the key concerns for organisations as they want to maintain control over access to data. The cloud creates new complexity for law firms and allied organisations with regards to ownership vs. possession. This is one of the major issues affecting cloud-hosting companies and organisations today as the laws the data is subject to are inconsistent. As demonstrated by the Microsoft case, organisations are in disagreements with governments over what laws data residing in different nations is subject to. Organisations and cloud hosting providers are being faced with search warrants from governments, which is turn is creating concerns for organisations over the privacy of their data stored in the cloud. Data requests are very common and they are becoming more frequent. In September 2014 file-sharing service, Dropbox reported that the number of government requests for user data was on the increase. The company received 268 requests total for user information during the first half of 2014, representing a tiny proportion of its 300 million users. However, Dropbox revealed that the number of requests received grew proportionately to the company’s user base. The 268 data requests Dropbox received included warrants, subpoenas, court orders and non-US requests—each typically seeking different types of data. LAWTECH October 2014
33
BETTERBUSINESS
Data security today continues to be the number one concern for C level executives considering moving information to the cloud
Google, on the other hand received 20,938 information requests in the first half of 2012 – and it responded to 89 per cent of those. In contrast, Microsoft has responded to only 79 per cent of those requests, but more from Foreign Governments. When you add information requests from state and local law enforcement agencies, it is clear that government requests for citizen’s information are on the rise. With regard to incidents of data breaches and inadvertent disclosure, stories are in the news almost daily. This undoubtedly highlights just how serious the problem of data breaches has become. Against this backdrop, it is clear that all companies - and not just in the legal space - must consider themselves as a target and should therefore take appropriate steps to ensure their data is safe.
Risks of the cloud
Technologies that leverage the cloud provide a number of advantages to organisations in the legal space - including lower cost and improved manageability. This is a key advantage in the law firm arena, given the downward pressure on prices in the wake of the constant erosion of legal aid. Lower costs are achieved by the sharing of resources that enable economies of scale that can be passed on to customers, make software updates and provisioning easier, and provide individual functionalities that are easier to optimise for performance, redundancy and availability. But these services are also typically delivered in a multi-tenancy environment, where account information is tied to a unique customer ID, which are separated only by logical partition. In comparison to single tenant environments that maintain unique databases and infrastructure, multi-tenant cloud environments can create unique exposure that can impact data privacy, such as application faults or configuration issues in software that can impact authentication and access for cloud tenants, in some cases exposing data from one tenant to others. Secondly, through the use of basic encryption technology, cloud providers can protect potential exposure of customer information by generating unique customer encryption keys and storing those keys within the cloud provider’s infrastructure. As the astute LawTech reader will have realised here, whilst the technology is undoubtedly highly cost-effective and leading edge in nature, there are a number of governance and regulatory issues that need to be addresses by any law firm or 34
LAWTECH October 2014
similar company operating in the legal industry, not the least of which involves the confidentiality of client data files. While the use of encryption enables protection of data at rest, potential areas of exposure remain. Firstly, cloud vendor practices vary with respect to key management and the storage of user login information, as examples. Most importantly, as the cloud vendor possesses both the customer data and encryption keys to that data, risks are heightened in that readable, customer-specific information is now accessible to the cloud vendor and its employees, as well as to those with intent to do harm. In the case of a government or other legal action seeking readable, company-specific information, cloud archiving providers will need to comply with the order by turning over both the data and the encryption keys that they possess or control, at times without notice to the company if the legal order so mandates. Both cases reinforce what some have been emphasizing about data protection in the cloud for years.
So how can we overcome concerns related to data requests?
The current situation with regards to ownership of cloud data is unresolved. This is largely because it is a new technology and organisations and governments are still in a process regulating the environment. This unfortunately means there is currently no consistency in the way specific disputes have been resolved. However, despite the challenges with data requests, there are a number of steps organisations can take to minimise their disruptiveness, so as not to put their customers’ data in jeopardy. These include the use of an archive that never leaves information in the clear - i.e. encrypt information in transit and at rest while in possession of a cloud storage provider, as well as working with providers that allow you to maintain exclusive control over your encryption keys - exclusive key control is a function of 1) the technologies used by the provider, 2) the processes documented with SSAE-16 certification, and 3) the contractual provisions outlining the rights of the provider to obtain readable access to customer-specific information. All these points are very necessary. It is important to emphasise that working with a provider that has open access to information not only creates risks stemming from the provider’s access to your information for litigation purposes that can be justified - it also makes data more accessible to third parties and the provider’s employees whose intent may be to do harm. www.proofpoint.com
Now is the time for... Integrated practice management software for modern law firms
Your people work better together... shouldn’t your software? Case Management
Legal Accounts Workflow Client Web Services
Digital Dictation
Find out more
ITSYSTEMS
UNDERSTANDING THE BENEFITS OF
CLOUD COMPUTING IN THE LEGAL SPACE Karl Robinson explains the strategies that IT management professionals in the legal profession can employ when developing a cloud computing master plan By Karl Robinson, Chief Commercial Officer, StratoGen
Introduction
As an outsourced IT option for the legal profession, cloud computing has an economic imperative that is second to none, with cost savings of between 40 and 85 per cent when compared to conventional `bricks and mortar’ data centres. The actual cost saving, of course, is dependant on a number of issues, including whether you want a dedicated (private) cloud resource or are happy to use a shared (public) cloud system. Other factors that influence the price - and therefore the cost savings - include the level and speed of access to the cloud resource, as well as the required `up time’ of the service. The key advantage of storing your organisation’s data in the cloud, however, is that your law firm can then pay for the facilities it actually uses - rather than paying for the cost of data centre resources, whether or not you use them to their fullest extent. No small wonder a growing number of firms are moving their data and IT resources over to the cloud. The planning process with cloud computing, however, is the icing on the cake in terms of cost savings. If well executed, a well-planned cloud migration/implementation can mean the difference from truly saving money on the project in its first year, and only breaking even during the same period. And these cost advantages are not just a one-off, as they are recurring. 36
LAWTECH October 2014
If you have carried out your groundwork - and other areas of due diligence – with regards to cloud computing, you will almost certainly have realised there are large differences in the cost of the various cloud facilities that are available. These differences are not simply market-driven, but a reflection of the relative lack of maturity of the business models operated by many cloud computing service companies. This is not a criticism, by the way, merely an observation - it is also a market differentiator that allows the clients of cloud services - that’s you and your company - to select only those services they truly need, and to pay a fair price for those facilities. It’s worth noting that, when it comes to price differential factors, that criteria such as the ease (and speed) of access to your data - as well as where the data is physically stored - come into play here, as data protection laws and Law Society rules often mandate that your firm’s data must be stored within the confines of the European Union countries. There is a degree of pragmatism at work here, as whilst it is perfectly possible to host your firm’s cloudbased data outside of the European Union, there are regulatory issues associated with this option. Increasingly, for example, many companies are discovering that legal issues such as the US PATRIOT Act come into play.
The PATRIOT Act is an Act of the US Congress that was signed into law by President George Bush in 2001. The stands for Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001. Critics of the legislation in the IT sector point to the fact that the Act allows the US government and its many agencies easy access - without a court order - to data held on a IT resource that can be operated anywhere in the world, as long as the owning entity is a US company. This means that, whilst your cloud data may be held in a data centre in Dublin, if the owning company is based in the US, then the US government can request direct access to that data – try explaining that nuance to your legal clients. Assuming that you have a cloud project in mind, the time then comes to complete the due diligence stage of the planning process, which typically involves scoping out your potential cloud service suppliers. This can range from discussing the suppliers with your colleagues at other companies, all the way through to requesting references from the supplier’s existing clients. This step is actually more complex than it initially appears, as there are a number of security and allied requirements that cloud service providers choose to meet, in order to better satisfy their client’s needs. These range from ISO 27001 compliance all the way through to compliance
ITSYSTEMS
with PCI-DSS rules, a set of security standards that are mandated by credit card companies before a company is allowed to process credit and debit card transactions.
Where is your data located?
The most fundamental question that potential clients ask their could service providers (CSPs) is whether their data is physically located. This can be a more complex issue than it first appears, as many CSPs choose to mirror (back up) client data across multiple data centres, except where the client has expressly elected to store their data in a specific territory. Other questions that require asking include the speed of recovering data and the latency of the cloud service itself. It is no good relaying on a low-cost cloud resource if the latency is such that it takes several minutes to start downloading a given set of files or folders, and several days to download all of your data in its entirety. Discussing this issue with your potential CSP will also reveal what levels of redundancy that the CSP’s data centre resources actually offer. This is an important issue, as a partially used CSP resource is usually a lot more responsive to data download requests than a data centre that is almost completely filled with data. There may well be an argument to operate a cloud resource on a pooled or
shared basis, since any resources that your organisation does not use, can then be resourced by other users of the cloud facility. This is a traditional cloud computing approach, and differs from the so-called `private cloud’ facilities that a growing number of major companies now operate. A private cloud resource is where the company concerned have full access - and control - over the cloud computing data centre, meaning that third parties are not involved. Generally speaking, the larger a cloud computing data centre operation is, the better, as is the issue of whether the resource has a global portfolio of customers, as this strengthens the need for 24x7 active customer support. hitiae volor repe illatem. There is also the issue ofmolorem effective rem SLAs Itatumet - Service Level Agreements. These are esti omnis ea nam, minimum set of service levels which commod ma to quation the cloud service provider agreeslaccum to, but culloressita si omnis quae omnit are oftenpelit drawn up before a given cloud et hicae ulparum quunt eat quodi service operational. od ut ingoes cullibus, quatiam es et repedi In our experience very careful attention consequi dolore dolupta turiae incto is needs to beBor given to SLAs, assithere are doluptiae. sinimus dolor blandit signs that few short-sighted CSPsidtry to estrum intaquisciti nectatem quas ullaut include a number of limitations their digenduciat rem volor ate volor in renihilist standard client hoping that aut mi, cum nemagreements, videstis a venduciet this forbid - allowdolutatem them to sideliquewill que- God voluptat veliquia re step their responsibilities if something pa acerion sectiscil ma nostrum quatini goes wrong. inctibus. This is a notiliquatum a criticism of CSPs Ut eumqui eicima quiscitis generally, as it is important to understand magni deleseq uuntiam excearum volorep that the nature of cloud computing elenduciust, et enecaborro isti cus sed service is such that it iseum perfectly possible modis excea voloriam voloribus,
W
to provide multiple redundancies for a given service with only a modest increase in costs. Put simply, this means that the economic imperative of moving to cloud services is rarely affected to any major degree by pricing, so cost cutting is - usually - not an issue for most CSPs, except perhaps those providers operating at the lowest end of the price spectrum. SLAs are also important, however, when it comes to dealing with what happens to the client’s data at the end of the service contract or in the event that the CSP - for whatever reason - ceases operations, or curtails its services when (and if) it is acquired by a third-party company. This leads us neatly into the questions that the diligent would-be cloud client in the legal space should be asking of their CSP. These questions are broadly in line with the due diligence questions that a company should be asking of all its IT systems suppliers, and centre on what type/quality of hardware the CSP uses - a growing number of service providers, we have observed, are opting for premium hardware systems for their cloud infrastructure, so reducing the MTBF (mean time between failure) of their systems, and helping to ensure that a given service is as close to 100 per cent uptime as possible. It’s worth noting at this point that StratoGen elects to use high-end - and known - vendor IT systems to maximise systems reliability and ensure the highest levels of support possible.
Conclusions
The old adage that you get what you pay for applies in the cloud computing space. As with the provision of IT services in the legal profession generally, there is a fine line between operating a cloud services business profitably and at a break-even/ loss-making level. This is because profit margins in the CSP world are reflective of the growing maturity of the industry - as with the IT hardware industry of around a decade ago, profit margins are becoming commoditised to the point where a profitable CSP of today may find its service platform disrupted by new technology players in the future. www.stratogen.net LAWTECH October 2014
37
OPINION
THE DIGITAL CHALLENGE
OF DEALING WITH DOMESTIC VIOLENCE
Harry Fletcher explains the process behind what will be the UK’s first Domestic Violence Bill...
By Harry Fletcher, Director, The Digital Trust
38
LAWTECH October 2014
OPINION Introduction
I’m Harry Fletcher, Director of The Digital-Trust and together with Elfyn Lwyd MP, we are championing the UK’s first Domestic Violence Bill. The new law will specifically deal with coercive control. This is when someone makes a person do what they want through intimidation, isolation, threats, violence or financial control. The current legislation is inadequate in dealing with the psychological and coercive nature of domestic violence. This is a major contributory factor into the low charging and conviction rates on domestic abuse in England, Wales and Northern Ireland, which in 2011 stood at just 6.5 per cent. It is also, we believe why murder or suicide rates amongst victims of domestic violence remains far too high. According to the Home Office, two women are killed every week in England and Wales through domestic abuse. 500 women, meanwhile, who have experienced domestic abuse in the last six months go on to commit suicide every year. Of these cases, fewer than 200 attended hospital for domestic abuse on the day they died. But what is coercive control and what does it have to do with digital? It helps to understand how abusive men think and act. An abusive man creates a world where the victim is constantly monitored, criticised, where everything they do is checked against an unpredictable, every changing ‘rule book’. This unrealistic world is all based on what he thinks a wife, cook, mother, housekeeper, lover should do. He expects, no demands, she does everything his way. Digital technology, we have observed, makes it easier to abuse someone; it allows him to exert more control. The wave of cheap, accessible, easy to use surveillance, geo-location and spy technology is now available from online retailers. Through these devices, it has become commonplace for abusers and criminals to use such products to access computers, mobile phones and online accounts. Let me give you an example. A man buys his wife a smartphone. He sets-up the cloud account. He then adds spyware. The cloud account allows him to lock the phone, see or delete contacts. He will be able to see the phone’s exact location. If it is also set-up to automatically back-up to the cloud account he can see all the pictures taken and texts sent. The spyware allows him to turn on the mobile’s microphone and listen to any conversations taking place. He can also put spyware on a computer or tablet, to monitor his entire partner’s activity, who she is talking to, and he could turn on her Webcam to watch and listen to her. He will get her username and passwords. He will see what Web sites she visits –
if she is looking up advice on domestic violence? Intimidation and threats are part of coercive control. He may force her into making intimate digital photos or videos. He then threatens to send them to the children, family, or post it online if she doesn’t comply with what he wants her to do. Social media is another tool. It allows him to embarrass, humiliate or undermine his partner. He can paint a picture to cover or justify his abusive behaviour. “She is so clumsy, stupid, a terrible cook – she is lucky to have me LOL”.
Ugly
It also sounds ugly. It is. Does it sound far-fetched? Statistics from the National Stalking Helpline shows that digital abuse has overtaken offline abuse amongst talking victims. A survey carried by the Digital Trust also showed the same results. Unfortunately, spyware, GPS tracking and listening devices are easy to find, cheap and irresistible for an abuser. It gives them power and control. An abuser will say they have to right to put a GPS tracker onto his car or spyware on a household computer. The current law simply does not cover this type of abuse. It surprises many people that the UK doesn’t have a domestic violence law. A man may be charged with criminal damage, assault, grievous bodily harm, rape or attempted murder. The law doesn’t address psychological terrorism that is endured by many women who may never be hit, punched or kicked. That is why we need a Bill on coercive control. The Bill will be tabled as an amendment to the Serious Crime Bill this autumn. As well as criminalising abusers behaviour the Bill also proposes mandatory training for criminal justice workers including the police.
Cross-party support
There is cross party support and I am confident we will get a domestic violence bill. I will continue to campaign to make sure that it is robust. But the law is only as good as the implementation. We still have a long way to go in changing public and criminal justice professional’s perceptions of domestic violence. It is an even bigger challenge to bring the criminal justice system into the digital era. That is the work of the Digital Trust a new project to get digital abuse onto the criminal justice radar and help develop resources and tools to help victims of digital abuse. We want the IT community to support our new initiative. If you want to know more, or to help, contact me at the Digital Trust. www.digital-trust.org
Digital technology makes it easier to abuse someone; it allows him to exert more control LAWTECH October 2014
39
LEGALTECHNOLOGY
PROBATE SOFTWARE -
FOUR KEY CONSIDERATIONS
40 40
LAWTECH October 2014 LAWTECH October 2014
LEGALTECHNOLOGY
Gregory van Dyk Watson explains the complexities of probate software…
By Gregory van Dyk Watson, Managing Director, Isokon Limited
Introduction
The subject of software for probate work is fraught with assumptions and misunderstanding. This article deals with four specific areas: • • • •
Accounting versus Case Management The Myth of Integration Pay-per-Probate Comparison Training and Leadership
Accounting versus Case Management
Many probate professionals refer to probate software as ‘probate case management,’ whereas the bulk of probate work is very clearly an accounting function. Many practitioners use spreadsheets for their probate financial accounting. Spreadsheets are useful but an inherently high-risk tool, in contrast with a probate specific accounting system. Probate accounting involves a plethora of financial details, such as logging the assets and liabilities, separating capital and income, paying the gas bill and funeral expenses, listing the market value of shares and their dividends, calculating the cash value to the beneficiary who does not want shares, listing the foreign shares and calculating the tax due under the double taxation agreement, net or gross, and constantly recalculating the money due to the residuary beneficiaries. These accounting functions cannot easily be performed by case management software. Case management is concerned with workflows, mail merging and task management. Its importance should not be underrated. Case management is certainly a useful tool in the day-to-day administration of the estate, particularly if used in conjunction with an accounting system.
“The case management function is at best about 20% of the estate administration, the bulk of which is financial accounting.” The fundamental question to ask is: how useful is case management without an accounting system from which it can suck financial data. One discerning solicitor likened it to “trying to catch fish without bait.” An effective solution needs both, working in harmony with each other. The result is a profitable private client department. A number of probate managers have reported achieving gross profits in excess of 70% for their department as a direct consequence of using an accounting system combined with case management.
The Myth of Integration
The buzzword used out by many law firms is integration, usually without properly evaluating the actual benefits. It sounds neat, such as saying that all members of the firm should only buy the same model of car. But what does it mean, and how practical is it, when we all have different requirements? The work of estate administration is largely self-contained. It requires minimal interaction with your practice management system other than to reconcile the two client ledgers. Your cashier/accounts department is primarily concerned with registering in your practice management system (PMS) client account money in and money out. They are only marginally concerned with the actual breakdown of the funds received. By contrast your probate team will want to know the detail for example of a cheque or a money transfer from the stockbroker, the value of each share (how else will you know how much to pay the one beneficiary who wants cash for a particular equity) and the distinction between capital and dividend income. Or
Spreadsheets are useful but an inherently high-risk tool, in contrast with a probate specific accounting system LAWTECH October 2014 41 LAWTECH October 2014 41
LEGALTECHNOLOGY the payment from the deceased’s bank account that includes both pre and post death interest, date of death balance and post death transactions, especially when the statement arrives three weeks later. Your cashier is not fundamentally concerned with these distinctions, but you will need to record and track the financial breakdown of each transaction - ideally in a dedicated accounting system that allows you the flexibility that is not available in the firm’s accounting system. It is redundant for your practice management system (PMS) to contain a click and pick list of probate registries or funeral directors or a list of stock exchange shares with correct SEDOL and ISIN numbers. Or even to maintain a profit and loss account for each of 30 plus properties for example owned by the deceased, some with mortgages, and some lease owned, each with various charges. These features are of little relevance to the other departments in the firm. Your PMS client account is not designed for the financial complexity that is an intrinsic part of estate administration. Will your PMS enable you to make the further distinction from a single transfer between the capital amount and interest earned on assets? “There is a plethora of detail that you will need to record in your probate accounting system that has no place in your PMS client account, and which is of minimal concern to your cashier. “ You will of course need to reconcile the totals of the two client accounts from time to time, but trying to integrate the two makes no sense whatsoever. Any such attempt belongs to the realm of IT mythology.
Pay-per-Probate Comparison
Pay-per-Probate, sometimes referred to as Pay-as-you-Go, might at first glance seem to make good financial sense. For the smaller practice with few estate matters that is certainly the case. Let’s consider the costs over 5 years for a case management system without the benefit of a full accounting system charging £60 per probate matter for a firm receiving an average of 10 matters per month, which equals 120 matters x £60. Your annual costs in this example would be £7,200. Over a five year period your total spend would be £36,000. By contrast your capital spend on a system with three fee earners (who with effective software could easily handle 120 cases annually) would be £7,850 plus five years support at £1,570 per annum over five years would equal a total spend of £15,700 a difference of more than £20,000. This represents a massive saving compared with the payper-probate model. The PPP model only begins to compete financially if your intake of estate matters is approximately four per month. On this basis of four probates a month, you would clearly not require as many fee earners. Consequently your capital spend on a capital purchase including support would be reduced to £12,800 over the five year period. For your PPP model to compare with this figure, you would need to be receiving fewer than 3.5 new cases per month. Any additional cases will leave you out of pocket using PPP. Let’s not forget that after 5 years your costs on the PPP model 42
LAWTECH October 2014
will continue at a significantly higher rate than the capital spend model. Using this model your ongoing spend for support for three users will be £1,570 per annum. By contrast any more than 2 cases per month using the PPP alternative will be akin to throwing your money away. “Most important of all, the capital purchase model will provide you with a complete accounting system combined with integrated case management, whereas the PPP model will only provide case management. “ The conclusion is that in the examples above the capital spend model provides more software for less money.
Training and Leadership
Charles Christian in his chapter on training in the ‘Probate Practitioner’s Handbook’ Section 18.5.5 (The Law Society, 2006) writes, ‘left to their own devices, fee earners will often claim that they are ‘far too busy’ to attend training and then complain that the software is ‘hopeless’ when they later discover that they do not know how to use it.’ Training to use software is much underrated by most firms. It is an area where many firms try to make savings. By doing so, they risk shooting themselves in the foot. Trying to save money on training is a false economy. The result is that fee earners and support staff will not be able to use the software properly. The consequent risk to the firm is a wasted investment. This however is only half the story. Even more important than training is for fee earners to actively use the software after training. Becoming familiar with the software is as important as the initial training. In a regime with weak or laissez-faire leadership, fee earners will often be tempted to go back to their old and inherently inefficient ways of dealing with estate administration, and ignore the benefits of a dedicated probate system. Most of us enjoy the easy familiar routines. Learning a new software system is a nuisance, no matter what the potential benefits might be. It is even worse when we are obliged to suffer a temporary decline in our productivity until we are familiar with the new system. History is littered with the detritus of the failures who refused to learn and adapt to the new because it was too much trouble. “However the long term gain of implementing a sophisticated accounting system far outweighs the short term pain.” Strong departmental leadership would insist on fee earners enduring the learning curve, which could in some instances take one or two months. Many people don’t expect it to take as long as it often does. It is nevertheless the only way to ensure the success of a new system. The alternative is to risk failure and a waste of the money that you have spent. Your probate team who fail to learn the software will of course blame the software. I have observed this phenomenon like watching a car crash in slow motion, while the head of department ignored all the warnings. Fortunately most firms are blessed with strong and responsible leadership. The more usual refrain in this instance is, “We don’t know how we managed before we got the new probate system.” www.isokon.com
In the next issue of LAWTECH…
We hope you’ve enjoyed this first issue of LawTech magazine, but the good news is that we’re working on the second issue as you read the first. Features already lined up for the second issue include: • Looking at the next generation of IT threats to your systems… • How to choose a legal PR company – and not waste your budget… • The new EU general data protection regulations explained… • Understanding the cyber threat landscape… • Developing a secure cloud system for your law practice… • Document archiving systems in the spotlight… • Why your network infrastructure is critical to your future… • How security and cloud are natural partners… • First steps in IT business continuity for legal professionals…
As you may have noticed, cloud computing and security feature highly in this issue of LawTech magazine. This will continue in Issue 2 and beyond, as these two topics come up time and again when discussing IT matters with the legal professionals featured in this publication. Cloud computing, we have observed, is important owing to the cost efficiencies it generates – upwards of 60 per cent cost savings are possible with the right system. Effective IT security, meanwhile, is also top of the legal agenda, owing to the draconian penalties that various bodies can impose if your security is breached. And this is before we even begin to discuss the effect on your reputation… Issue 2 of LawTech magazine will be published in early 2015 – in the meantime, please check out our Web site – www.lawtechmagazine.com for an informative mix of topical news stories and other information.
LAWTECH LAWTECH October 2014
43
Lawyers under pressure? Technology to the rescue.
LexisNexis® Enterprise Solutions LexisNexis Enterprise Solutions delivers proven software solutions that help legal service providers drive profitable business relationships and growth. From identifying new opportunities to building client loyalty, from streamlining service delivery to measuring profitability, our solutions help you work as one firm to exceed client expectations and achieve competitive advantage. LexisOne™
Lexis® InterAction®
Lexis® Visualfiles™
The enterprise-grade system powered by Microsoft Dynamics that harmonises financial, productivity, performance and human resource management in one integrated business management solution that adapts as your business evolves.
The market leading client relationship management system for law firms, designed to uncover powerful relationship intelligence to drive client loyalty and business development.
The powerful legal workflow and case management solution that increases productivity and client satisfaction through the automation and streamlining of processes and tasks.
“We are excited to be building our future operations around LexisOne. Already we can see the benefits of this single business management system approach and are more convinced than ever that this investment has positioned us well for the future”
“InterAction is the de-facto enterprise CRM solution for legal firms”
“The solution needed to offer the flexibility to build in new capabilities in tune with changing business requirements. The fact that the planned development of the product closely matches our identified business needs in the foreseeable future gives us great confidence in the solution”
Russ Newton, Finance Director, Collas Crill.
Vikki Whittemore, Director of Business Development, Wright Hassall LLP.
“We evaluated several CRM systems designed for law firms. It became clear that LexisNexis’ InterAction was in a league of its own when it comes to relationship management. ” Harri Lindroth, Knowledge Manager, Attorneys at law Borenius.
For more information For more information on LexisNexis Enterprise Solutions, please contact salesinfo@lexisnexis.co.uk | +44 (0) 113 226 2065
Partner, Digby Brown.
Follow Us
@LexisNexisES
www.lexisnexis.co.uk/enterprisesolutions
Enterprise Solutions A division of Reed Elsevier (UK) Ltd. Registered office 1-3 Strand London WC2N 5JR Registered in England number 2746621 VAT Registered No. GB 730 8595 20. LexisNexis and the Knowledge Burst logo are trademarks of Reed Elsevier Properties Inc. © LexisNexis 2014 A2980. The information in this advert is current as of 0314 and is subject to change without notice.