Reframing GDPR Compliance as a Business Opportunity
GDPR compliance can represent a quantifiable benefit that can make firms stand out against the competition, identifying and connecting efforts to clear ROI for the investment.
October 09, 2018 at 07:00 AM
8 minute read
Competition for legal business is growing, and finding ways to strengthen your firm's competitive position, client roster, and profitability are vital to your success. Something as simple as changing the way your firm chooses to view a new challenge can be the key to re-framing it as competitive opportunity.
Imagine a workflow solution that can help your firm connect critical information with the right people quickly. Effective information governance solution can do this and it's just one of its ancillary benefits to a regulatory compliance initiative. For too long, law firms have seen regulations involving content security to be a burden but only a few have recognized that information governance can represent a shift toward faster access to pivotal, path altering information.
Regulations like GDPR are changing the way firms are expected to handle and secure protected information and while its origin is the EU, GDPR is global in reach and U.S. law firms are no exception.
The swell of conversations around the General Data Protection Regulation (GDPR) have pegged the new regulation as a burdensome challenge to organizations of all shapes and sizes, one that involves a significant monetary and time commitment. And U.S. businesses that come in contact with protected PII in the course of business may have liability, even if they were not the initiators of collecting it.
According to a recent study conducted by the Ponemon Institute (sponsored by McDermott, Will and Emery), on average, companies are spending a whopping $13 million to meet compliance standards and many indefinitely plan to include a line item in future budgets to maintain compliance. Meeting GDPR standards can be complicated or require more manpower than anticipated, so it's no surprise that the same study found that 40 percent of organizations didn't expect to be compliant by the May 25 deadline and some weren't sure when compliance would be met for their organization.
While we can't deny the seismic change that the GDPR presents now and the work ahead, legal professionals can change their perspective and look at it another way: as an opportunity.
Exceptional information governance—the ability to manage data and information effectively within an organization—is a potential competitive advantage for law firms of all shapes and sizes. GDPR compliance can represent a quantifiable benefit that can make firms stand out against the competition, identifying and connecting efforts to clear ROI for the investment. Making a shift in perception from 'overwhelming challenge' to 'competitive opportunity' offers firm administrators a tangible and valuable business case connected directly to core law firm motivations; competitive position and profitability. There is a wealth of valuable, diverse, and often, confidential information passing through law firms every day, and embracing the GDPR can allow firms to improve data hygiene, collection and management and bring vital information to the surface quickly.
Implementing the right technology can be a significant portion of the investment and can be critical in not only helping with a firm's compliance efforts, but also improving a firm's ability to collect, access, and manage data.
Based on the current trends and typical characteristics, there are specific opportunities for law firms of all sizes to help them stand out from the competition with GDPR efforts. Identifying these as opportunities can make the business justification much more palatable and compelling when the concept meets the budget committee.
Add structure to the agile environment of a small firm
A small law firm's greatest strength can be its independent and agile nature, allowing for increased flexibility for employees and clients of the firm. With each technological step forward, firms can be inadvertently creating new security threat vectors.
Focusing on information governance can not only introduce a strong foundation for a firm, but it can also increase productivity and better automate administrative workflows.
Content connectors and integrated document processing platforms can help firms streamline document workflow and data management with added security features. Additionally, workflow platforms with trending technologies like artificial intelligence and machine learning as a standard can help to automate these manual processes and improve accuracy.
Organize information sharing during M&A between medium-sized firms
There is a trend of small and medium-sized firms merging in the industry in order to compete with their larger competition. However, when bringing together two firms—that often mirror the characteristics of a small organization mentioned above—the collection, consolidation and organization of data and information can be messy. Firms with volumes of unstructured data risk losing valuable time, productivity and institutional knowledge when pressed to merge workflows.
The first step to remediation is, often, an honest self-evaluation that maps workflows involving sensitive information and classify the content by value and potential risk. Prioritizing the organization of data before a merger can help firms take on the task of content management in small, manageable 'bites'. Prioritization can also help ease through the transition with fewer 'unknown' variables and clarity of focus knowing what needs the highest level of attention.
Consider reputable information governance software and solutions that prioritize security, data value and automation. Leveraging advances in content automation can help decrease high cost low value rote work and improve visibility and contextual value represented in the sensitive content firms handle on a daily basis. Remediating unstructured data is a step in a firm's compliance efforts that can also help firms reduce workflow bottlenecks, decrease storage costs and provide quicker access to vital information that could prove to be pivotal to their success. Additionally, consider seeking services from professionals who can help classify, cull and analyze data, as well as implement information governance, during a transitional period.
Protect against the high-visibility of a large firm
Large firms typically need not worry about a lack of structure or access to resources; however, they do face a different challenge of exposure and high visibility. Law firms have already been the target of hackers who have identified the target rich cache of valuable information. This can make large firms susceptible to breaches and security threats and media attention on any mistakes or mishaps.
Welcoming added compliance and security efforts can fare well for large firms who are looking to improve their measures against these vulnerabilities. Law firms and general counsel for large organizations can also be under pressure to reduce liabilities while also managing costs. While cyber-security insurance is becoming a pervasive reality, premiums can be directly correlated with a firm's ability to demonstrate good information governance and content security.
While established organizations may already have the technology to manage data and information, consider updating to software and products that boast the latest security features that can touch every bit of information from digital to printed files.
Match client's compliance and gain more business as outside counsel
Lastly, general counsel of large organizations are under growing pressure to secure sensitive content and insist that the law firms bidding on projects share their level of vested interest in content security. As more and more potential clients upgrade their organizations' infrastructure in order to be GDPR compliant, they will expect that all third parties that work for them do the same – and many may require it.
To boost an outside counsel's résumé even further, consider investing in technologies that will not only help you with your GDPR compliance efforts, but also improve productivity and data management.
With a proactive attitude and by working with experienced and reputable partners in all facets of the business companies can not only improve their GDPR compliance efforts, but also enhance their marketable value in a highly competitive industry simply by re-framing how they perceive the value of information governance.
Tracie Sokol is vice president and general manager, Marketing, Business Imaging Solutions Group, Canon U.S.A., Inc. In this role, she oversees all marketing operations for the Company's dealer-facing business including programs, vertical marketing, major trade show initiatives, sales training and advertising. Canon U.S.A. does not provide legal counsel or regulatory compliance consultancy, including without limitation, Sarbanes-Oxley, HIPAA, or the GDPR. Each customer must have its own qualified counsel determine the advisability of a particular solution as it relates to regulatory and statutory compliance.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllTrending Stories
- 1Friday Newspaper
- 2Judge Denies Sean Combs Third Bail Bid, Citing Community Safety
- 3Republican FTC Commissioner: 'The Time for Rulemaking by the Biden-Harris FTC Is Over'
- 4NY Appellate Panel Cites Student's Disciplinary History While Sending Negligence Claim Against School District to Trial
- 5A Meta DIG and Its Nvidia Implications
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
