The times they are a-changin’

Tuesday, May 2, 2017

Guest blog by Bryan King, Independent E-Billing Consultant

The legal e-billing market has been dominated for years by the large software vendors emanating from the North American market. Today, following several mergers and take-overs, ownership now concentrates in three or four major players. While these US vendors still have the largest market share and dominate the electronic invoicing of legal services solutions space, the scenario is changing. A variety of new e-billing or legal spend management solutions are entering the market and challenging the status quo.

Why do we need new e-billing solutions?

Some of the criticisms levelled at these older US based e-billing systems, apart from the fact that they do not necessarily appreciate the European cultural, regulatory and tax differences, is that they are very cumbersome, if not “clunky”, and do not sit well with the current trend in IT for software of requiring “no installation”. They require a degree of user set-up, law firm registration, often do not use intelligent defaults; and need regular maintenance of reference data, such as time-keeper details and charge out rates.

Other negative comments often made are that the US based e-billing vendors are too “corporate” and inflexible in their approach. Also, many law firms, especially those not using the large time and billing systems, are not able to produce Legal Electronic Data Exchange Standard (LEDES) files and so the view is that e-billing has not delivered on its promise to clients and law firms.

What do the new e-billing solutions offer?

Over the past few years, new solution providers have come into the market – both in the US and from within the EU. Interestingly, some of these solutions have been founded by lawyers who realised that many clients (and law firms) were resisting the more “traditional” e-billing solutions.

These new solutions bring a fresh perspective to legal spend management and utilise tools and techniques that are breaking ground in the delivery of IT services. For instance:

  • They are easy to configure, and use intelligent defaults and data driven user set-up.

  • They use text recognition software to read/convert the data from the e-bills or from PDF documents.

  • They take advantage of the latest developments in Artificial Intelligence (AI) to automate the bill review process, categorise narratives and provide pricing analytics.

  • Some combine AI with machine learning to enhance the data mining possibilities of the invoice information to enable the client to make better and informed decisions.

  • At least one new e-billing solution is totally “Apps” based – and fits the current trend for mobile working and smart phone access.

  • All claim to offer a low cost of ownership as they require no on-site installation and are delivered as web services.

  • They are easily integrated with other client applications such as document/knowledge management, project management, calendaring and the standard desktop – also reducing IT cost for the client.

  • They cover a wide range of business processes – from requests for proposals, procurement, matter budgeting, resource planning and project management, through to e-billing, reporting and management information – with easy to understand metrics for corporate legal departments and law firms.

  • They facilitate collaborative working between the client and the outside counsel. Among other things, they allow the client to review ‘Work in Progress’ and expenses in the pre-billing stages of each matter.

As a result, these “new kids on the block” are winning and taking customers away from the existing e-billing vendors. There is no doubt that these next generation legal spend management solutions are gaining ground. Many e-billing solutions have been in client organisations for up to 10 years; and like for all software solutions, users will be seeking to replace existing systems for new and current functionality. The new providers are in an excellent position to lure customers away from the existing e-billing solution vendors.

About Bryan King

Bryan King is an independent consultant, advising law firms and in-house legal departments on e-billing issues; and assisting with the successful implementation of legal spend management projects. Prior to this, he has senior IT management positions at Linklaters, Lovells and Clifford Chance. At Clifford Chance, he also held global responsibility for the firm’s electronic invoicing (e-billing) projects.

Tuesday, April 25, 2017

Top Cyber Security Tips for Law Firms

By Roy Russell, CEO, Ascertus Limited

At our recent ‘The Cyber Threat Landscape for Law Firms’ seminar, a number of experts in the industry presented their observations, views and suggestions on how law firms can effectively mitigate the impact of security breaches on their organisations. I thought I’d share some of their top tips with you:

  • Know your people – Hackers manipulate people, so gain an understanding of your employees and the organisational culture so that you can monitor threat activity by exception. This approach will also enable you to ‘grow’ your own social engineers as employees will learn the mindset of hackers to spot potential breaches.

  • Adopt behavioural analytics– Behavioural analytics can help you ‘know’ your employees. This approach provides a ‘finger print’ of each employee’s work practices. Any change in these habits could serve as a good indicator of a potential breach. For instance, a hacker using a, Intellectual Property lawyers ID to access sensitive M&A files on a matter would instantly flag up to the IT department as an anomaly, for appropriate action to be taken.

  • Block all the ways malware can infiltrate your organisation – Email is one of the most common vectors for malware to make its way into the enterprise. Ensure that your email security systems, network protections and web preventions recognise and block ransomware.

  • Play out the attack scenario – Put your systems to the test. In the event of an attack, how quickly will you be able to gain access to back-ups? Will your most business-critical systems continue to function, if hit by ransomware? Ensure that your contingency resources are adequately insulated from live ransomware attacks.

  • Enlist vendor support – Your technology suppliers must be able to support your systems and ensure that they are always current with security updates. Discuss with them where you can harden your systems, be it via application control, whitelisting, continuous endpoint recording, advanced threat protection and so on.

  • Ensure that security, legal, privacy and compliance teams work together – These disciplines are inter-related and a combined approach will ensure that you develop a comprehensive security framework for your firm, especially with the upcoming EU General Data Protection Regulation (GDPR)

  • Adopt intelligence-driven security operations – Go beyond traditional IT security to embrace Adaptive Threat Processing. This will facilitate a big picture of the threat landscape – everything from assessing new threats, adaptive controls, detecting manifesting threats, mitigating the impact as well as monitoring threats and their evolution.

  • Take a long-term view of security – The threat actors are evolving and becoming increasingly sophisticated in the way they operate. They operate differently in different sectors. As you develop your firm’s cyber defences; incorporate future security requirements, looking at the business and threat scenario at least three to five years ahead so that your security measures remain strong and pre-emptive at all times.

Law firms are a major target for all manner of cyber criminals – from Organised Crime Gangs, Hacktivists and perhaps even Nation States. These above tips will help bring together people, processes and technology to shore up your law firm’s cyber defences in a measured and practical manner

This blog includes tips from experts from The Security Alliance, iManage, Mimecast, DocuSign, Jenny Radcliffe and QuoScient.

Monday, June 19, 2017

Law Firms Need a Paper Lifecycle Management Strategy

- Roy Russell, CEO, Ascertus Limited

Ask a law firm if the organisation has a ‘paper to digital’ strategy and the majority will affirm. Then ask if they are seeing a significant reduction in paper in their organisation, and the typical answer is likely to be a resounding “no”. Law firms are investing significantly in digital transformation projects to minimise paper, make cost savings and enhance data security – but without a full paper lifecycle management strategy, their efforts are proving to be ineffective. Furthermore, they are putting their businesses at risk of non-compliance with the upcoming EU General Data Protection Regulation (GDPR).

Research by Docsolid, a provider of Paper2Digital solutions, reveals that 57% of all paper in law firms is a printout of existing electronic files stored in their document management system (DMS). This paper matter file would grow another 39% if all the other DMS-printed paper that is on lawyers’ desks, in filing cabinets, scanning rooms and secretaries’ workstations, is collected. We don’t need or want to file and store these duplicate documents, but we do: we keep filing, re-filing, moving and storing the same paper.

This situation begs the question – if all the documents are stored in the DMS, why are firms printing and storing them in physical paper files? There are two answers – one, that lawyers often like to work off paper (understandable); and two, firms don’t have a process to be a 100% sure that they have the most recent version of the paper documents stored in the DMS and therefore there isn’t a need to retain them. To mitigate the risk of losing matter-related data, they duplicate electronic versions in physical matter files.

The reasons for reducing reliance on paper records include the continuously burgeoning cost of paper storage (which is entirely avoidable), the physical risks of losing critical information (e.g. warehouse fire), the cost of manually managing matter files, and so on. Although these issues are well known, little has been done to alleviate them. However, with new regulations such as GDPR, new answers need to be found and pertinently firms now need to be able to answer the following question, in a fast and effective manner, suitably supported by evidence and audit trails – do we know what personal records we hold?

To take steps towards GDPR compliance, firms need a concerted paper lifecycle management and retirement strategy to fill a gaping hole in their current paper-to-digital methodology. Every firm has some form of casual paper scanning solution and / or a central scanning department, but paper lifecycle management is not purely a paper scanning exercise. The paper lifecycle methodology must be supported by tools designed to ensure that paper is appropriately managed from creation through to de-duplication and retirement.

One such product, which seamlessly supplements the DMS and allows firms to adopt an effective paper lifecycle management strategy is by Postmark from Docsolid. Postmark identifies those paper documents that have been printed from an electronic document that is filed in the DMS, by placing a small bar code in a corner of the printed document. The presence of this bar code on the paper denotes that a corresponding electronic copy is filed in the DMS. After the paper document is used, it can be destroyed instead of being scanned and re-filed. In addition to removing this large segment of the paper burden from a law firm, there are other operational advantages to Postmark. Often, electronically filed documents are printed, and manual notes are made on that paper. The hand notated paper becomes a new document, with new information, and must be filed as the fee earners notes in the related matter file. If a notated document has a Postmark, it can be scanned and auto-filed, because the Postmark bar code is used to automatically link the scanned image to the related client-matter-folder-description without any further data input.

Scanning paper for storage is critical, but only one part of the paper to digital process. Including a paper lifecycle management and retirement strategy within the overall methodology can help firms break the vicious cycle of robotically printing-filing-scanning-electronically storing-physically archiving – regardless of whether it is required or not. Crucially, it will tangibly support GDPR as firms will know exactly what information is stored, where, and in what format.

Such an approach to digital transformation realistically supports a ‘less paper’ strategy as opposed to a ‘paper less’ policy, which as yet, has proven to be unachievable, given lawyers’ affinity to hard copies. With a fully integrated approach to printing, scanning and document management, firms can provide their staff a paper friendly process whilst allowing them to reduce costs and mitigate the risks associated with the ongoing management of paper.