Law firms are still struggling to adequately deal with the amount of paper documents in their possession
Data breaches are a concern for all organisations. However, law firms are some of the most attractive targets, particularly as they hold a wealth of sensitive data and financial information. According to Kyocera Document Solutions UK, inadequate paper management practices are leaving firms increasingly vulnerable to security breaches and impacting their capacity to remain compliant in today’s GDPR era.
To establish more control over their paper, over the last few years many legal organisations have implemented dedicated document management systems (DMS). Although these tools have helped firms move towards electronic storage, most are still dealing with a large amount of paper documents. This ‘disconnect’ between the paper and electronic realms might lead to, for example, lawyers obtaining scanned versions of paper documents and emailing them to themselves.
Considering that last year, 46 per cent of firms reported a loss or leakage of confidential information caused by one of their own staff, there remains a clear danger that a lack of holistic paper management processes could lead to sensitive information falling into the hands of the wrong people.
Andrew Smith, Group ICT Services Director at Kyocera Documents Solutions UK commented: “The uptake in DMS shows there is a sector-wide interest in strengthening document management practices in law firms. However, truly mastering this process is complex: when looking to implement such systems, organisations first need to review their overall business process and make sure that they won’t be held back by outdated and inefficient legacy technology. If they have to adopt new devices and software, they will need to ensure these are compatible with existing systems so that the entire infrastructure works cohesively and effectively.
The other factor to take into account is how information enters firms in so many forms and from multiple sources, not just electronically. In a typical case, there is a long legal paper chain that requires a lawyer to be instructed about the case history, untangle the details and correspond with the opposing side. As such, there are still plenty of gaps where information isn’t managed as securely as it could be, particularly when you consider that firms are continuing to rely on secretaries and fee earners to manually sort and deliver paper-based documents throughout the office.
“These gaps are leaving legal firms open to compromise, whether this be through a data breach, falling foul of GDPR regulations, or both. For a sector that prides itself on abiding by legal and regulatory frameworks, some firms may not be practicing what they preach.”
Given that current practices are not sufficient to guarantee overall security, the question that remains is: what can legal organisations do to shore things up?
Andrew concluded: “The next step for the sector should be to embrace further innovation and invest in technology that essentially creates a ‘hermetically sealed bubble’ that widens the scope of electronic DMS-style security and control capabilities to cover the wider data management ecosystem. This should incorporate a bottom up review of business process coupled with the correct technology application, enabling law firms to manage and control all the data either entering, created within, or leaving a law firm. Only when this airtight bubble is created can law firms work smarter, faster and, more importantly, in a manner that ensures they stay compliant and client data remains secure.”