Until recently, IG in law firms was primarily focused on chain of custody tracking, securing access to systems, and securing data. Without the external pressure felt in regulated industries, most firms never disposed of electronic documents nor destroyed physical records.
However, now they’re being forced to rapidly enhance IG capabilities to accommodate the distinct and demanding guidelines of individual clients, reduce storage costs, and mitigate litigation risk by eliminating old documents and records.
The IG Revolution is here
(But most firms are not equipped to handle it)
According to the IGI Annual Report, 94% of law firms name Records Management as a key part of IG, ranking higher than eDiscovery (86%), Risk Management (77%) and Compliance (88%)11 .
Yet, it is estimated that over 70% of law firms are currently using records management software that is outdated, unsupported, or sunsetted. And, less than 20% of law firms are using Cloud-based records management.
What’s worse, none of these legacy systems ever included IG functionality — not even the most basic IG function which is application of retention policies against physical records and electronic documents.
In other words, the IG revolution is here, but most firms are not equipped to handle it.
As a result, IG compliance threatens to overwhelm law firms’ resources, massively reduce productivity, negatively impact reputations, and undermine long-term profitability
What’s behind the IG Shift?
Many trends are impacting IG strategy, including the increase in attorney mobility. This includes lateral hires – arriving and leaving – as well as mergers, acquisitions, and even entire practices leaving.
Ultimately, new and evolving industry regulations surrounding healthcare data, financial credit information, know your client/anti-money laundering, and personally identifiable information are behind this IG revolution.
And the situation grows more challenging every year. Law firms with European business were significantly impacted by the 2018 General Data Protection Regulation.
Another factor driving law firms compliance is industry cooperatives, which are insisting on more stringent IG standards and practices. Leaders in regulated industries — like financial services, government agencies, and insurance — are collaborating to identify risks and define policies and practices to address these risks and their interests.
For industries with common risk profiles and regulated or sensitive information, collaboration enables them to pool their experience, identifying risks and share successes reducing these risks. They’re also sharing their lessons from data breaches, which have occurred internally or through vendor or supply chain incidents.
All of this knowledge is being used to create detailed information governance controls that are being adopted by the members of the consortium. These controls are supplied to law firms as Outside Counsel Guidelines (OCG), which are being included as part of engagements and subject to audits.