Your SlideShare is downloading. ×
0
CLE CODE: 23277

The Winning Case for Online
Document Management
Presented by:
Christopher T. Anderson, Esq.
Product Manag...
Christopher T. Anderson, Esq.

Product Manager, LexisNexis Firm Manager®
The proud father of a six-year old boy, avid pilo...
Dan Barahona

VP, Business Development, WatchDox, Inc.

Dan leads business development for WatchDox and is responsible for...
Clinging to the Past

Resources:
http://www.chubb.com/businesses/csi/chubb4629.pdf
http://www.americanbar.org/groups/profe...
Model Rule of Professional Conduct 1.16: Terminating Representation
Upon termination of representation, a lawyer shall [su...
What Defines Digital Documents?

6
Evolving Customer Expectations

7
8
Cloud Storage:
Is It Safe?

Model Rule of Professional Conduct 1.15:
Safekeeping Property
A lawyer shall hold property of ...
Model Rule of Professional Conduct
1.6: Confidentiality of Information
(a) A lawyer shall not reveal information
relating ...
Data Protection

11
Ensuring Your Online Data is Properly Protected

12
Data Ownership

Above all, your confidential client data belongs to your client.

Questions to ask:
•What are your contrac...
Data Ownership
Actual Terms and Conditions from (non-legal focused) Cloud Vendors…
− BRAND X will have no responsibility f...
Digital Rights Management

What is it? Why should I care?

15
Retrieval: Structured vs. Unstructured Data

16
17
Transmitting Information

18
19
Watchdox: Secure File Sharing and Mobile Productivity
Secure “Dropbox”

Mobile Productivity

Secure File Sharing

Document...
Questions

21
Sources
For Your Reference and Reading Pleasure
A Lawyer’s Guide to Records Management Issues, Chubb Insurance
http://www....
CLE CODES: 23277
43411

Thank You!
The Winning Case for Online
Document Management
Presented by:
Christopher T. Anderson, ...
Upcoming SlideShare
Loading in...5
×

The Winning Case for (Law Firm) Online Document Management

415

Published on

The “management of documents” has been a mainstay of lawyering since its inception. The creation, interpretation, preservation, and destruction of documents have long been the purview of attorneys. While the most important of these have been recorded with the Courts, others, including wills, contracts, indentures, instruments, and evidence have long been safeguarded … more or less effectively, by we, the legal profession.

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
415
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • The “management of documents” has been a mainstay of lawyering since its inception. The creation, interpretation, preservation, and destruction of documents have long been the purview of attorneys. While the most important of these have been recorded with the Courts, others, including wills, contracts, indentures, instruments, and evidence have long been safeguarded … more or less effectively, by we, the legal profession.
    Model Rule of Professional Conduct 1.15: Safekeeping Property:
    A lawyer shall hold property of clients or third persons that is in a lawyer's possession in connection with a representation separate from the lawyer's own property. ... [P]roperty shall be identified as such and appropriately safeguarded. Complete records of [the] property shall be kept by the lawyer and shall be preserved for a period of [five years] after termination of the representation.
    Anecdote – The storage unit of TW&A, and other firms. Unknown destruction of documents by pests, moisture, water, fire, etc.
    For a long time, we have created, stored, shared, and transmitted documents in a variety of ways … many of which date back to much simpler times. Once upon a time it was impractical to safeguard all but the most secure documents, unthinkable to “back-up” boxes and boxes of stuff, and unimagineable to retain control of a document once it left your office. No more.
    Resources:
    http://www.chubb.com/businesses/csi/chubb4629.pdf – Overall gyude to Records Management Issues
    http://www.americanbar.org/groups/professional_responsibility/services/ethicsearch/materials_on_client_file_retention.html - ABA Materials on Client File Retention
    http://www2.nycbar.org/Publications/reports/show_html_new.php?rid=794 – On obligations around Electronic Documents
  • Traditionally, documents started out as paper, were copied onto paper, and were stored as paper. (After stone tablets, of course.)
    Model Rule of Professional Conduct 1.16: Terminating Representation
    Upon termination of representation, a lawyer shall take steps to the extent reasonably practicable to protect a client's interests, such as giving reasonable notice to the client, allowing time for employment of other counsel, surrendering papers and property to which the client is entitled and refunding any advance payment of fee or expense that has not been earned or incurred. The lawyer may retain papers relating to the client to the extent permitted by other law
  • Dan – evolution of digital documents
    Chris – adds flavor legal industry specific
    4 kinds:
    Documents originally on paper – Scanned
    Documents originally on paper – Scanned and OCR’d.
    Documents originally electronic
    Documents originally electronic, and converted to another format
    Consider storage medium, and future accessability
    Not limited to “documents”
    Word
    Excel
    Audio
    Video
    Etc., etc.
  • Chris - With HIPAA laws and customers demanding more transparency, law firms are forced to make changes on how they share information with clients.
    Clients are used to accessing documents where they want, when they want.
    Evolving client expectations vis-à-vis how lawyers are organized (and conduct their business)
    Self-help
    Sophistication
    Anecdotes about banking, Dr. lab reports, etc.
    Dan – Add anything relevant
  • How to minimize risk by going digital
    Chris to take and ask Dan a couple of questions specific to minimizing risk
  • This slide leads to risk management – point out that what they currently have today in the office to include servers is not as safe as some cloud solutions.
    How traditional methods of document storage are actually less safe than online storage
    Risks
    Fire
    Intrusion
    Theft
    Loss/Misfiling
    Mitigation
    Backups
    Security
    Detection/Protection/Expiration
    Search
  • Self assessment
    Client-Lawyer Relationship
Rule 1.6 Confidentiality Of Information
    (a) A lawyer shall not reveal information relating to the representation of a client unless the client gives informed consent, the disclosure is impliedly authorized in order to carry out the representation or the disclosure is permitted by paragraph (b).
    (b) A lawyer may reveal informa tion relating to the representation of a client to the extent the lawyer reasonably believes necessary:
    (1) to prevent reasonably certain death or substantial bodily harm;
    (2) to prevent the client from committing a crime or fraud that is reasonably certain to result in substantial injury to the financial interests or property of another and in furtherance of which the client has used or is using the lawyer's services;
    (3) to prevent, mitigate or rectify substantial injury to the financial interests or property of another that is reasonably certain to result or has resulted from the client's commission of a crime or fraud in furtherance of which the client has used the lawyer's services;
    (4) to secure legal advice about the lawyer's compliance with these Rules;
    (5) to establish a claim or defense on behalf of the lawyer in a controversy between the lawyer and the client, to establish a defense to a criminal charge or civil claim against the lawyer based upon conduct in which the client was involved, or to respond to allegations in any proceeding concerning the lawyer's representation of the client; 
    (6) to comply with other law or a court order; or
    (7) to detect and resolve conflicts of interest arising from the lawyer’s change of employment or from changes in the composition or ownership of a firm, but only if the revealed information would not compromise the attorney-client privilege or otherwise prejudice the client. 
    (c)  A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.
  • “The only truly secure computer is the one unplugged from the wall and locked in a vault.”
    At bare minimum, vendors should provide “better-than-yours” data security. Ask them about:
    Encryption type?
    Environmental security?
    Testing methods?
    Real-time intrusion monitoring?
    Third party certifications?
    Internal controls?
  • Chris takes and Dan adds to it
    There are some standard credentials you should look for when shopping for a reputable vendor.
    You will see reference to SAS 70 type ii attestation. This is a Statement of auditing standards developed by the AICPA, the American Institute of Certified Public Accounts, to audit and examine internal controls of service organizations. SAS70 encompasses a number of data center best practices i.e.:
    Built and Constructed for Ensuring Physical Protection
    Protection of the Physical Grounds
    Provisioning process – someone who checks everyone entering and leaving the building
    Off-boarding process – when an employee leaves – a process for removing any access
    Maintenance of Vegetation – for purposes on not concealing or hiding an intruder
    Security Systems and 24x7 Backup Power
    Electronic Access Control systems
    Alarms, Cameras, Data center security (armed guards)
    Scheduled and unscheduled security inspections by internal and external parties
    These are just a few of the items as must haves for SAS70 compliance
    There was a blog by David Cochran () in mid-May that discussed the importance of making sure you find a provider that is SAS70/SSAE 16 certified, now he was referring to a discovery management provider but it is relevant for any cloud based solution where you have client privileged information. (see below for detailed references in the article). To sum up Mr. Cochran said “Does the provider you are about to select have the SAS70/SSAE 16 certification? If the answer is no, then move on.”
    2) eTrust - An eTrust Privacy Certification indicates that your website has been reviewed by eTrust and has met our stringent privacy and data protection requirements. Having an eTrust Privacy logo on your website or obtaining this certification signifies to customers that any critical data collected, such as home addresses and phone numbers are not exchanged with third parties without their consent. This is vital in having a trustful relationship between you and your customers. eTrust Privacy Certifications need to be renewed each year, however if you change your Privacy Statement we will automatically reassess it (there is no fee for this).
    3) Why should you care about where data centers are located? Not all countries have the same privacy and protection laws that the US enforces when it comes to your data and client privileged information.
    4) Trustwave, TrustE and HIPAA/HiTech are also terms you want to look for. Trustwave is the leading provider of on-demand data security and payment card industry compliance management solutions to businesses and organizations ; TRUSTe ensures compliance with evolving and complex privacy requirements; HIPAA/HiTech – this is mainly meaning that we encrypt information, we secure the data with authentication, we backup the data, we virus scan the data, etc.
    4) I think the other criteria you should consider when selecting a company to trust is their history and reputation in the industry. You want to be assured that the business you trust to lease mission critical software from and house your data is going to be around a year or two from now.
  • Re: Government requests – we have to abide by government requests, however, you own the data, we have to provide you with notice we are being asked for data
    Questions to ask:
    What are your contract terms/conditions?
    Policies on Government requests?
    Data return procedures?
    What happens when you cancel?
    How are third parties vetted?
    Use of my data internally?
    Is any anonymized information used?
  • X is Dropbox
    Y is Google
    More Dropbox:
    You, and not Dropbox, are responsible for maintaining and protecting all of your stuff. Dropbox will not be liable for any loss or corruption of your stuff, or for any costs or expenses associated with backing up or restoring any of your stuff.
    We may disclose to parties outside Dropbox files stored in your Dropbox and information about you that we collect when we have a good faith belief that disclosure is reasonably necessary to (a) comply with a law, regulation or compulsory legal request; (b) protect the safety of any person from death or serious bodily injury; (c) prevent fraud or abuse of Dropbox or its users; or (d) to protect Dropbox’s property rights.
  • Start with Dan –
    Digital Rights management has been around as early as the 1960s when recordings began to be pirated. And when documents went digital, and email became the prevalent way to communicate and send documents, many problems and risks were introduced to the world of Digital Rights Management.
    What it is? What it isn’t
    Hand off to Chris
    The 2012 ABA Legal Technology Survey showed that, although 57% of law firms offered an online (or cloud based) method of document management or storage, and 21% of lawyers use this type of service on a regular basis. It’s important to understand the professional responsibility of a lawyer and the ABA Model rules that focus on client privilege and protecting client information.
    Of the ones who do, only about 1/3 bothered to read corresponding privacy policies or make sure the sites had proper encryption.
  • Search
  • There are powerful and new methods of digital document search that can save hours of wasted time
    Dan talks about the trends in the document industry
    Chris talks about the legal industry specific stuff
  • Dan will talk about encryption
    Chris chimes in with legal specific stuff
  • Chris - How to lead the change for going digital at your firm:
    With Facts and Resources … what you learn here is a good start!
    By Example. Try it, learn it, teach it.
    By Comparison … is it better than what you’re doing today?
  • Here is an example using WatchDox of the type of Saas based solutions that are affordable as they are robust.
  • Transcript of "The Winning Case for (Law Firm) Online Document Management "

    1. 1. CLE CODE: 23277 The Winning Case for Online Document Management Presented by: Christopher T. Anderson, Esq. Product Manager LexisNexis Firm Manager® Dan Barahona VP Business Development WatchDox
    2. 2. Christopher T. Anderson, Esq. Product Manager, LexisNexis Firm Manager® The proud father of a six-year old boy, avid pilot, and lawyer: Christopher is the Product Manager for LexisNexis Firm Manager®, a web-based practice management system that helps attorneys get and stay organized, serve their clients better, work more productively, at any time, from anywhere. Mr. Anderson has authored several articles, and spoken to fellow attorneys on a wide range of topics, including law firm management, the ethics of cloud computing, the future of technology in law firms, etc. Mr. Anderson has presented to Legal Tech New York, ABA TECHSHOW, various State and Local Bar associations, National CLE conferences, etc. Prior to working with LexisNexis, he was the managing partner of fullservice law firm in Georgia. Mr. Anderson practiced in the fields of family law and business litigation, and nurtured his passion for bringing technology to bear to help lawyers work smarter, serve their clients better, and be more profitable. Previously, he also served as an assistant district attorney in New York City, and in Georgia. Mr. Anderson was also Associate General Counsel and Director of Client Services for RealLegal, a legal software company. He is a graduate of Cornell University, and received his Juris Doctorate from the University of Georgia School of Law in 1994. Christopher Anderson is admitted to practice in the federal and state courts of New York and Georgia. 2
    3. 3. Dan Barahona VP, Business Development, WatchDox, Inc. Dan leads business development for WatchDox and is responsible for the company’s strategic partnerships and driving new market opportunities. WatchDox is Before joining WatchDox, Dan was Vice President of Business Development at ArcSight, where he led the company’s technology alliances and partner ecosystem, as well as ArcSight’s integration into HP after its acquisition. Prior to ArcSight, Dan joined Sensage as one of its first 10 employees and drove the company’s transformation into the information security space. As the Vice President of Business Development, Dan led Sensage’s strategic alliances, completing OEM relationships with HP and Cerner, and partnerships with EMC, McAfee and SAP. Dan holds a B.S. degree in Engineering from the Rensselaer Polytechnic Institute, a Master of Engineering degree from Cornell University, and an MBA from the University of Michigan. 3
    4. 4. Clinging to the Past Resources: http://www.chubb.com/businesses/csi/chubb4629.pdf http://www.americanbar.org/groups/professional_responsibility/services/ethicsear ch/materials_on_client_file_retention.html http://www2.nycbar.org/Publications/reports/show_html_new.php?rid=794 4
    5. 5. Model Rule of Professional Conduct 1.16: Terminating Representation Upon termination of representation, a lawyer shall [surrender] papers and property to which the client is entitled… The lawyer may retain papers relating to the client to the extent permitted by other law. 5
    6. 6. What Defines Digital Documents? 6
    7. 7. Evolving Customer Expectations 7
    8. 8. 8
    9. 9. Cloud Storage: Is It Safe? Model Rule of Professional Conduct 1.15: Safekeeping Property A lawyer shall hold property of clients or third persons that is in a lawyer's possession in connection with a representation separate from the lawyer's own property. ... [P]roperty shall be identified as such and appropriately safeguarded. Complete records of [the] property shall be kept by the lawyer and shall be preserved for a period of [five years] after termination of the representation. 9
    10. 10. Model Rule of Professional Conduct 1.6: Confidentiality of Information (a) A lawyer shall not reveal information relating to the representation of a client unless the client gives informed consent… (c) A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client. 10
    11. 11. Data Protection 11
    12. 12. Ensuring Your Online Data is Properly Protected 12
    13. 13. Data Ownership Above all, your confidential client data belongs to your client. Questions to ask: •What are your contract terms/conditions? •Policies on Government requests? •Data return procedures? •What happens when you cancel? •How are third parties vetted? •Use of my data internally? •Is any anonymized information used? 13
    14. 14. Data Ownership Actual Terms and Conditions from (non-legal focused) Cloud Vendors… − BRAND X will have no responsibility for any harm to your computer system, loss or corruption of data, or other harm that results from your access to or use of the Services or Software − BRAND X: If you add a file to your [Brand X] that has been previously uploaded by you or another user, we may associate all or a portion of the previous file with your account rather than storing a duplicate − BRAND Y: When you upload … content to our Services, you give Brand Y (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works … communicate, publish, publicly perform, publicly display and distribute such content. − BRAND Y: Your domain administrator may be able to … access or retain information stored as part of your account [and]restrict your ability to delete or edit information… or privacy settings. 14
    15. 15. Digital Rights Management What is it? Why should I care? 15
    16. 16. Retrieval: Structured vs. Unstructured Data 16
    17. 17. 17
    18. 18. Transmitting Information 18
    19. 19. 19
    20. 20. Watchdox: Secure File Sharing and Mobile Productivity Secure “Dropbox” Mobile Productivity Secure File Sharing Document Control Track and Revoke
    21. 21. Questions 21
    22. 22. Sources For Your Reference and Reading Pleasure A Lawyer’s Guide to Records Management Issues, Chubb Insurance http://www.chubb.com/businesses/csi/chubb4629.pdf (Overall guideto Records Management Issues) Materials On Client File Retention, American Bar Association http://www.americanbar.org/groups/professional_responsibility/services/ethicsearch/materi als_on_client_file_retention.html THE ASSOCIATION OF THE BAR OF THE CITY OF NEW YORK COMMITTEE ON PROFESSIONAL AND JUDICIAL ETHICS, Formal Opinion 2008-1: A LAWYER’S ETHICAL OBLIGATIONS TO RETAIN AND TO PROVIDE A CLIENT WITH ELECTRONIC DOCUMENTS RELATING TO A REPRESENTATION http://www2.nycbar.org/Publications/reports/show_html_new.php?rid=794 22
    23. 23. CLE CODES: 23277 43411 Thank You! The Winning Case for Online Document Management Presented by: Christopher T. Anderson, Esq. Product Manager LexisNexis Firm Manager® Dan Barahona VP Business Development WatchDox
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×