Stack of books in library

When building a records information management system, start with the foundation 

by Stephanie Kurtz
Today, attorneys are practicing law in more mobile locations and utilizing more sophisticated equipment that allows them to access, transform and manage information related to their clients and colleagues.

With this level of information, law firms are a gold mine for data security breaches – digital and paper records can be lost, employee and customer trust can be weakened, and productivity and revenue can be threatened severely. 

Law firms are a gold mine for data security breaches – digital and paper records can be lost, employee and customer trust can be weakened, and productivity and revenue can be threatened severely.

Today’s law firms are now managing more and more data daily, and it’s no secret that record keeping security and management must be built properly. It is a complicated process, and having a solid information governance (IG) program is necessary to help address this growing information management challenge.

I see many law firms make the mistake of approaching recordkeeping by making significant investments in Records Information Management (RIM) systems with state-of-the-art technology before reviewing their current IG program. On the surface, buying and deploying technology seems like a logical first step, but is it?

In the legal industry specifically, RIM is an essential component to an IG strategy. In fact, the 2015-2016 IGI Annual Report1 highlights that 94 percent of respondents believe RIM is an important facet of an IG concept – ranking above eDiscovery (86 percent), risk management (77 percent) and compliance (88 percent), to name a few.

This high indicator points to the records inventory as a critical component of knowing what you have, why you have it, who’s responsible for it, and where it’s located. We see many firms attempting to enhance their records programs from traditional, tactical programs based on legacy paper to a more digital capture- and risk-focused strategy. 
Records management infographic
As a Certified Records Manager and Information Governance Professional, I advise many law firms to evaluate and improve their IG policies and procedures prior to implementing any technology via the following initial steps:

1. Begin with a review of current-state information management policies and practices and identify gaps by looking at the firm’s biggest challenges and concerns; assess the risk(s) to the firm and the opportunities for greatest benefit.

2. Identify what the future state may look like – uncover where the firm’s leadership sees it in 2 years or 5 years.

3. Design and recommend an IG solution that incorporates a framework for people, process and technology following a roadmap to successful process improvement within the firm’s practice priorities and firm culture.

4. Implement a process to ensure continuous improvement through routine monitoring and periodic assessments. Audit and adjust as required.

Consider working with a partner certified in IG – a partner with core competencies in RIM, who understands the value of integration among IG processes, technologies, and people across multiple practice groups, locations, departments and functions. 

Information governance is critical to data security 

Discover how to develop a strong information governance strategy today. 
Stephanie Kurtz
Stephanie Kurtz, Senior Manager, Advanced Services Strategy, Ricoh USA, Inc. is a technology innovator and leader with a sophisticated grasp on emerging and existing technology and its application to drive business performance improvement and strategy. Kurtz has over 25 years experience in Information Technology specializing in governance, risk, compliance and information security. She teaches technology, governance and risk courses at the graduate and under graduate level, and has CGEIT, CRISC, ECMp certifications. 
1  "2015-2016 Annual Report." November 11, 2015.