Client Confidential & Segregated Matters
Clients share some of their most sensitive and valuable information with outside counsel. Today, news stories about data leakage (e.g. WikiLeaks) and lawyer insider trading have heightened client concerns about how their sensitive business information is treated by outside parties. When this information is misused, or accidents occur, clients and law firms alike risk damage to their reputations, fines and other repercussions.
In response, as reported in multiple Risk Roundtable surveys, 90% of law firms have been asked by clients to take special measures to restrict and track internal firm access to their sensitive information. Clients are routinely asking tough questions about firm information security practices in RFPs and even conducting audits.
In this context, it’s clear that being able to demonstrate effective confidentiality management is critical for both professional compliance and business development.
Client drivers for enhanced confidentiality include:
IP of Utmost Business Value -- Clients from industries such as pharmaceuticals or technology, where the mistreatment of intellectual property such as patents, trade secrets or product plans may have dire consequences
High Profile / PR Sensitivity -- Individuals or organizations concerned about potential press leaks, even revelations that they have solicited legal advice
Regulatory Controls -- Various regulations and statutes such as HIPAA, Sarbanes Oxley, data privacy and consumer regulations driving clients to insist on greater protections by outside counsel
Client Customer Requirements -- Clients' obligations to their customers or partners specifying how data may be handled when communicated to third parties, including outside counsel
To foster collaboration and leverage existing work product, law firms generally provide open internal access to the internal information repositories that store client data. This means that sensitive materials may be viewed by hundreds or even thousands of individuals, particularly given the growing use of search tools that make it easy to surface restricted information (either accidentally or intentionally).
However, in order to serve clients with heightened confidentiality requirements, firms must change their normal operating practices. In the past, it was common practice for firms to lock down access to specific documents or workspaces manually. Unfortunately, manual approaches fall short:
- They create new burdens for lawyers and staff
- They increase the risk of inadvertent human error
- They are challenging to update over time
- They cannot provide the documented audit trail and record of compliance required by clients.
What’s more, manual approaches cannot effectively extend and maintain information security controls across all repositories where client information or descriptive data is stored.
The IntApp Solution – Wall Builder
Wall Builder is specifically designed to address strict client confidentiality requirements. It provides the automated notification, enforcement, audit and reporting capabilities critical to addressing client compliance needs.
Wall Builder is the most-adopted information security management software for law firms. And IntApp works with firms and clients to understand existing and emerging confidentiality mandates, such as ISO 27001 certification, to enhance the product on an ongoing basis.
Wall Builder enables firms to differentiate themselves in market in order to demonstrate the capabilities necessary to win and retain the business of sensitive clients.