When building a records information management system, start with the foundation
How to build a secure information management strategy for your law firm
Time: 2 minute read
Today, attorneys are practicing law in more mobile locations and utilizing more sophisticated equipment that allows them to access, transform and manage information related to their clients and colleagues.
With this level of information, law firms are a gold mine for data security breaches – digital and paper records can be lost, employee and customer trust can be weakened, and productivity and revenue can be threatened severely.
Today’s law firms are now managing more and more data daily, and it’s no secret that record keeping security and management must be built properly. It is a complicated process, and having a solid information governance (IG) program is necessary to help address this growing information management challenge.
I see many law firms make the mistake of approaching recordkeeping by making significant investments in Records Information Management (RIM) systems with state-of-the-art technology before reviewing their current IG program. On the surface, buying and deploying technology seems like a logical first step, but is it?
In the legal industry specifically, RIM is an essential component to an IG strategy. In fact, the 2015-2016 IGI Annual Report¹ highlights that 94 percent of respondents believe RIM is an important facet of an IG concept – ranking above eDiscovery (86 percent), risk management (77 percent) and compliance (88 percent), to name a few.
This high indicator points to the records inventory as a critical component of knowing what you have, why you have it, who’s responsible for it, and where it’s located. We see many firms attempting to enhance their records programs from traditional, tactical programs based on legacy paper to a more digital capture- and risk-focused strategy.
As a Certified Records Manager and Information Governance Professional, I advise many law firms to evaluate and improve their IG policies and procedures prior to implementing any technology via the following initial steps:
1. Begin with a review of current-state information management policies and practices and identify gaps by looking at the firm’s biggest challenges and concerns; assess the risk(s) to the firm and the opportunities for greatest benefit.
2. Identify what the future state may look like – uncover where the firm’s leadership sees it in 2 years or 5 years.
3. Design and recommend an IG solution that incorporates a framework for people, process and technology following a roadmap to successful process improvement within the firm’s practice priorities and firm culture.
4. Implement a process to ensure continuous improvement through routine monitoring and periodic assessments. Audit and adjust as required.
Consider working with a partner certified in IG – a partner with core competencies in RIM, who understands the value of integration among IG processes, technologies, and people across multiple practice groups, locations, departments and functions.
Information governance- critical to data security
- ¹ "2015-2016 Annual Report." http://iginitiative.com. November 11, 2015. http://iginitiative.com/tag/2015-2016-igi-annual-report/
Recommended for you
Four steps to improve digital data security at law firms
Learn how your law firm can build a better defense against breaches to better protect your data, your clients and your reputation.
Information governance through records management
Records management should always be a critical component of your integrated information governance and enterprise content management strategies.
BLG law firm outsources administrative services management to Ricoh
See how Ricoh administrative services management improved mail solutions, copy and print services and facilities management at Canadian law firm BLG.