Digital Transformation And Data Security: A Matter of Law

Patrice Cappello

When it comes to data security, most people think of hacking or viruses. But law firms have additional concerns. Are spreadsheets being traded? What must appear in billing while maintaining client confidentiality? Who gets to see those bills, and how do you ensure that no one else has access? How do you collaborate without leaving yourself open to a data breach? Though law firms are beginning to use more modern technology to secure client information, they still have a long way to go. Fortunately, we have the opportunity to work with experts like Ahmed Shaaban. He’s a founding member of Fulcrum Global Technologies. Here’s why it’s time for legal businesses to go through digital transformation.

Failing to plan is planning to fail

Did you know half of all attorneys have no plan for a data breach? A recent Law 360 article points out this fact, while mentioning 25% of all law firms have had a data breach. Obviously, security is an important part of legal data management. Mobile and cloud computing creates friction, as many law firms strictly limit what information can be used in the cloud while ignoring more important data security aspects. Security measures are getting better, as Mr. Shaaban points out. “Law firms today have impressive options when it comes to the availability of modern software. You’re talking about the battle tested software and systems and architecture. The kind of software that runs banks, that runs governments. It’s very, very well secured. I’m talking about segregation of duties, responsibilities, and internal controls that govern who can see what.”

Borrowing solutions from banks and governments

Mr. Shaaban recommends putting similar internal controls in place. Going to a role-based system creates segregation of duties. Many legal enterprises have responded to data breaches by overly tightening network security and access. Creating a role-based system allows levels of access, rather than leaving a system completely bound or completely open. Many data security professionals have horror stories about shared or poorly protected passwords in response to tightly controlled networks. He notes that law firms are often at the top, “when it comes the concept of the confidential information, more so than anybody.”

The high cost of data breaches

Many law firms are global, which brings up more issues as many countries have strict laws about data security. If these laws are broken, whether intentionally or unintentionally, the resulting fines are high enough to put many law firms out of business. Even when all the laws have been followed, Mr. Shaaban says, a breach is “probably going to be the beginning of a death sentence for them, because they really can’t afford to have that perspective from the outside.” The publicity alone will finish off many law firms, due to the lack of trust their clients may feel following the breach. A 2013 study by a legal insurance group found that the average cost per record in a data breach was $188. It also found that only 24% of data breaches were caused by hackers with malicious intent, while 40% were caused by human error. Another 36% were system glitches that unintentionally revealed sensitive information. That means over three-quarters of all legal data breaches arguably could be preventable.

Automation provides protection and saves labor

Good digitization processes automate aspects of activity based on the roles involved. Accountability is another area, with tracing available to audit the movement of information. That directly lends itself to better digital security while providing a seamless, more responsive system. Using a more centralized approach, rather than a more separated one, ensures better digital security across the board. It covers everything from contact management and billing to intellectual property and confidential client information. From a central database to calendar events on a wearable device, the entire system is seamless and secured. At the same time, automation removes human error and excess labor costs to move information from one system to another. Instead, activities are automatically done by the central system in response to a user action. For example, logging time from a court hearing automatically generates a bill without accidentally transferring sensitive information. This allows human assets to be leveraged to maximize your legal service’s production while lowering overhead and labor costs.

Data security is a serious topic, and legal services can no longer wait to start digitization. Approximately 90% of business executives recognize that disruption can have a serious impact on their business. Yet only 25% are making plans to make the change. Even worse, only 15% are funding and acting on those plans. Is your business one of that 15%, or will it be left behind?

Visit our online resource center and download a copy of our new white paper, Legal 3.0: Navigating the Trends Driving Changes in an Increasingly Digital Legal Industry. While there, explore a host of resources to help you re-imagine your legal business in an age of digital transformation.


Patrice Cappello

About Patrice Cappello

Patrice Cappello is the North America Industry Lead, Professional Services, at SAP. She is responsible for creating annual business plan and execution strategy to achieve revenue targets; develop marketing strategy and tactical plan to drive pipeline growth; participate on sales teams as Industry executive advisor; and create relationships with and enable partners to ensure revenue stream through indirect channel.