Please enter your details to access the webinar password
In an increasingly competitive marketplace, law firms are under pressure to continually improve their operations and deliver an enhanced experience for clients. While firms can leverage technology to do this, it’s vital that they are investing wisely, intentionally and with purpose – especially given the current commercial landscape of the Covid-19 pandemic.
Before responding to requests for new tech or cutting edge IT solutions, law firm business and IT leaders must understand and plan for change. There must be an IT strategy in place, which aligns with the business’s direction and overall growth strategy, which will enable strategic decision making
In this webinar, Chris White, Head of Consultancy, and Robert Rutherford, Chief Executive Officer, will give an introduction to IT strategy for law firms. They will discuss the strategic importance of IT for law firms and how they should organise it.
The legal business landscape is still changing at pace and thus the firms within it need to change to protect their client base, their staff, their brand and their margins. IT systems and platforms now sit at the heart of every firm and are key to supporting these important areas.
Within the IT estate, the practice management system is king and generally includes other important solutions, such as case management, document management and CRM. There’s certainly a renewed vigour in the legal sector around technology and the practice management system is the place where most firms are looking for an advantage.
There are however several common mistakes which all sizes firm continue to make time after time when it comes to choosing a practice management system.
1. Following the herd
The legal sector is notorious for having a herd mentality, particularly around IT. It’s common to see firms choosing the same practice management system based solely on another firm’s decision. And sometimes, before that firm has even implemented it!
It’s a dated strategy, basing decisions on what others are doing rather than being driven by specific strategic objectives. Whilst 10 or 20 years ago, in a smaller, less competitive market, there may have been some merit from being in the same boat. However, in an ever-increasing competitive market, this is no longer a sound strategy.
It’s important firms choose new business systems on their own strategic objectives and/or operational requirements. And to do this properly they must understand what’s available in the market and what’s possible; however, this needs to be a continual process, not just a something done once every 5 to 7 years.
To achieve a competitive advantage and increased margins, you must map the right technologies to specific and documented requirements, both operational and strategic. This doesn’t mean ticking off a features list – it’s about being in control of the sale and having a concrete understanding of the desired business outcomes before even looking at software products. If a firm just follows the herd, they aren’t generally in control of their firm’s direction and the move to a new practice management system is often unstrategic. This will significantly impact a firm in a rapidly changing landscape.
Many firms choose new practice management systems for a variety of reasons:
Their old system is going end of life;
Other firms (the herd) are moving to a new system or
They’ve seen a shiny presentation that promises buckets of gold.
These are fundamentally the wrong reasons to be choosing new software and will often lead to failed projects – at least in terms of a return on investment or getting any sort of competitive advantage.
New software purchases should be driven by the business need, defined by the business strategically and led by the business board. Strategic objectives should drive the decision-making process and it’s important to define the objectives you wish to achieve post-implementation. It’s therefore essential to analyse and define the real business requirements upfront to ensure the right business outcomes are delivered.
Many firms also don’t know where they stand in terms of the maturity of their IT systems and capabilities, particularly how they use their systems. It’s essential to do work upfront and baseline where they are now across areas of the business and defining the key project success factors on a departmental and firm-wide basis. It’s also critical not to simply focus on the fee-earning side of the firm. Marketing, business development and back-office functions are more critical than ever when looking at a practice management system.
3. Looking at one solution to fit all IT requirements
It’s common for firms to believe that using a single IT solution to deliver multiple functions is a sensible move. This (with the exception of the smallest of firms) is a significant mistake.
Practice management, case management, CRM and the like are important business functions and you will struggle to find a package which delivers great functionality in every area. Whilst one may deliver great case management and finance functions, you’ll often find other areas are mediocre. This leads to frustration in some departments and missing out on critical features that can deliver a significant business advantage.
Typically, firms should be looking at solutions to deliver for specific business needs. They need best-of-breed (balanced against budget and ROI) and shouldn’t be afraid to purchase new systems and integrate them the core line of business applications, i.e. their financial and case management systems.
There’s no harm in having in-built time recording or CRM but not using it and choosing a best of breed add-on solution if there’s a clear business case or return. Too many firms also end up changing their operations negatively to fit into a system, rather than choosing a solution that moulds to exactly what they require. This is quite possibly the worst thing you can do as it hampers growth, flexibility and innovation.
4. Viewing IT related projects as the IT team’s responsibility
Most IT projects these days are business improvement and change projects; practice management systems’ probably being the biggest business change project most firms undertake. Although a practice management system may be software-based and run on an IT platform, the outcomes are definitely business ones, be it generally operational or departmental. To push these projects to the IT team is therefore negligent at best.
IT or course plays their part, but often, particularly around Practice Management, they shouldn’t be leading the project. They have their responsibilities, but generally, they shouldn’t be solely accountable for the business results.
If a firm has a CIO, they’ll typically be the link that bridges the ‘business side’ of a firm and the ‘IT side’. Ultimately they’ll take overall accountability for successful project delivery. However, most mid-sized firms don’t have the luxury of a CIO.
With that in mind, it’s often sensible to build project teams and boards to own the delivery of a project, such as including key stakeholders, relative partners, departmental representatives along with IT. This way everyone has buy-in, rather than pointing fingers, shrugging shoulders and saying the change was forced upon them.
5. Not checking the contractual details and deliverables
Lawyers, of course, pay attention to the contractual details around the general terms of business when engaging with a software vendor. However, they often forget to ensure that the contract factors in successful project delivery, in terms of clearly defining the deliverables at various stages of the project life cycle.
It’s critical to define the stages and key milestones of the delivery, typically alongside staged payments. This certainly helps focus the mind of the vendor and ensures that expectations are managed on both sides.
Vendors will often link payments to key stages of project delivery. However, these staged payments are not typically in place for the firm’s benefit, but rather simply to ensure the vendor is paid. It’s, therefore, a good idea that a firm leads in defining project deliverables and what the measurements of success are prior to signing any deal.
These need to be documented clearly, agreed by both parties and then form part of the contractual terms. Too often are firms left with a solution that doesn’t provide any advantages over the one previously in place, because they did not define ‘success’ at the outset.
Firms need to understand that they are entering into a long-term partnership with the software vendor when they select a practice management system. Contracts are typically multi-year so pay attention to the vendor’s obligations, the service level agreements and where additional costs may come from. This is more critical now that many vendors are delivering their services via the cloud and thus firms are getting multiple services from traditional software vendors, not just software licensing and software support.
I understand that firms do not change their practice management system very often but, when they do, see it as an exciting stage of transformation. It’s a big business change project and the risks are significant. However, the advantages are also significant if managed and implemented correctly.
With less than 10 months to go until the General Data Protection Regulation (GDPR) officially comes into force firms should certainly be starting their preparations to ensure they meet compliance requirements as soon as possible – if they haven’t already begun.
The implementation of GDPR is likely to have far-reaching consequences. It will standardise data protection regulations across Europe and introduce strict financial penalties for those who do not comply. Far greater than any which we have seen before. For law firms who are responsible for a wealth of sensitive client data, such as those who handle high net worth individuals or who share personal data with third parties under lasting powers of attorney, this is likely to be a challenging time as they strive to get ready for the new restrictions enforced by the GDPR.
However, GDPR is not just another tick-box exercise which can be set aside once compliance is achieved. Not only are there actions firms will need to carry out regularly to ensure they remain in line, there are also future risks to consider. The cyber security landscape is ever-changing and the risks are only increasing, as demonstrated by the global WannaCry and “Petya” attacks earlier this year. As GDPR further widens the definition of personal data and places an even greater monetary value upon it, this makes it an even more attractive target for cybercriminals and, by extension, potentially increases the risk of cyberattacks against law firms.
The future for law firms
You can certainly expect to see indemnity insurance premiums ramp up considerably, as potential compliance-related fines go from tens of thousands of pounds into potentially millions. The penalties for data breaches are going to be high. Fines for non-compliance will reach €20 million or 4% of global turnover, whichever is greater.
Traditionally firms may have tried to kept any data breaches under wraps, however now with GDPR they will have to report the breach to the Information Commissioner’s Office (ICO) or the relevant supervisory authority (for example if the breach occurred outside of the UK), as well as notifying those individuals who have been affected. Under GDPR firms must report the data breach within 72 hours of discovery, and failure to do so will lead to significant fines on top of any applicable fines for the breach. As data is often stolen during a breach this could have a significant reputational impact, along with compensation claims from those affected. Hackers could also use that stolen data to hold the firm to ransom.
GDPR will further fuel the rise of ransomware attacks as the impact to the target is now so much greater. Right now, and previously, attacks were mainly an inconvenience for the majority, you typically reverted to the last backup. It would be painful but the damage was often contained. With the GDPR, the impact will be higher as the party held to ransom will want more than just the return of their data. They will want to prevent that data from being leaked due to the potential fines. It’s common for ransomware creators to now build in “datanapping” technologies that steal information before locking a business out. With the introduction of GDPR, “datanapping” will be just as effective as the traditional encryption payload incorporated into ransomware.
Phishing attacks are also likely to increase. I would expect to see the complexity and sophistication of these attacks to increase, alongside the rise in ransomware. The potential earning for the fraudsters has now begun a “global arms race”. Initially, attacks have been widespread and not necessarily focused on the legal market. However, a number of significant breaches alongside their reluctance to invest in appropriate security by large swathes of small and mid-market firms will make these organisations an attractive target.
The risks to law firms are real and should be addressed through a standard risk register, with applicable controls applied. In reality, many firms will need to invest in improving their security systems, alongside ensuring they are compliant with GDPR. This is completely essential and cannot be ignored, some firms are simply fortunate that they haven’t been breached. At the end of the day if there is a risk of burglaries it makes sense to put in an alarm.
“The rise in targeted email attacks against solicitors and their clients continues to dominate the headlines, with one couple recently losing a £45,000 deposit after succumbing to an email from a hacker claiming to be their solicitor. These attacks are clearly dangerous in their current form, but the increased frequency and intelligence behind the attacks means that solicitors will need to become increasingly vigilant in this area, not only for their clients but for the sake of their reputation as well.”
This article was originally published in Property Law Journal (February 2016) and is also available at www.lawjournals.co.uk
As we all know, the legal sector is changing and changing fast. Several emerging challenges in the sector are driving this change, namely: globalisation, shrinking margins and innovation. But whilst change can be uncomfortable, failing to adapt means you die.
This may seem like a scary prospect (and it is) but the legal sector has the advantage of not being the first to go through these challenges. The world of manufacturing has suffered from the exact same problems of globalisation, shrinking margins and innovation and what separated the winners from the losers in that sector was their ability to leverage a set of principles known as Lean.
Manufacturers who both used technology to provide a competitive advantage and understood and implemented the principles of Lean become experts at adjusting to rapid change – something that law firms have traditionally resisted. However, as the pace of change increases in the legal sector, it’s something you will need to start doing.
So, to keep you interested, how will Lean help your legal firm? In short, you’d use proven business tools and strategies to allow you to survive and thrive in shifting sands, by:
Improving delivery times
Increasing client satisfaction
Pricing work more accurately
Freeing up resources across your firm
Making lawyers more efficient
What is Lean?
Lean was born in manufacturing and was originally developed and used by Toyota engineers in the ’40s. Now, as you’d expect with continual improvement Lean has changed and matured. Generally, today when most people talk about Lean they are talking about Lean Six Sigma. This process was developed by Motorola in the late ’80s and is still widely used by all sectors, from finance through to retail. You’ll know that it’s not common in the legal space, very bizarre.
In short, Lean was born for the ‘systematic’ elimination of waste (“known as Muda”) in a process. Lean also seeks to identify and eliminate waste through overburden (“Muri”) and waste created through unevenness (varying) workloads. There is also a focus on the client who consumes a particular product or service around “value”. So it’s about reducing waste internally and increasing value for the client.
Now, if the potential here isn’t exciting you, you may be in trouble. If you also think you are already all over these elements, then I’ll almost guarantee that you aren’t. There is always room for improvement, everything can be improved. It’s about prioritisation. Prioritising what improvements deliver the greatest gain to the firm and ultimately the client. I’m a big believer in win-win relationships and that means the client has to be your partner, not simply a bill payer.
How does lean deliver improvements?
Lean uses the acronym DMAIC to structure improvement, generally continuous improvement, which is of course absolutely essential in a law firm in this day and age. DMAIC is always applied in the order shown below and stands for:
Identify the business/process issue
Record the requirements of the client and the firm
Finalise the project focus
Define the project scope
Collect the required business data
Determine the performance of the process
Clarify the business opportunity
Identify quick wins where possible
Undertake root cause analysis
Quantify the opportunity for gain
Prioritise root causes
Understand and develop potential solutions
Develop and select evaluation method and criteria
Monitor and adjust
Ensure desired gains are delivered and sustained
Standardise gains through standardisation
The above obviously goes around and around in a continual cycle. It’s surprising how many firms don’t have live documented processes and procedures. If you don’t have SOP (Standard Operating Procedures) then you are going to have to start. If you don’t have processes defined, how can you evaluate them and improve them?
Why is Lean particularly relevant in law firms?
This is the biggest issue – legal firms, in essence, are simply a business, predominately a service business and a consulting firm. Individually, they aren’t particularly different in what they do (although the individuals inside a firm of course have their specialisms). This means that a client choosing between one firm which hasn’t adopted Lean and still has a lot of waste (and thus, higher costs) and another firm that has adopted Lean, the client will choose the Lean firm every time.
A significant number of law firms have been way behind the curve in innovation for a long time and some who believe they are innovative are not. Not when you look at the advanced systems, processes and structures in other sectors. To begin making some real forward change, law firms need to start at the beginning and audit their existing systems to identify waste.
For Lean to be effective, firm leadership must embrace the principles. You can’t delegate and forget – leadership must be responsible, passionate and championing the reduction of waste and continual improvement in a firm. If you don’t do this then your competition will be, or an entity that isn’t even a competitor right now will be. Change in the legal sector isn’t a threat to those who embrace Lean – it’s an enormous opportunity and one you’re missing out on right now.
This plan to move the justice system from a paper-based system to an online one has actually been in the pipeline for several years but has only now received the investment it needs to roll out the process. In the Autumn Statement, a huge investment of £1.8bn was pledged to introduce new technology across a range of functions, including an allocation of £700m to digitise the justice system in the UK.
A number of factors will need to be addressed for the courtrooms to prepare for large-scale digitisation, however. The foundations for a digitised court system will require full system integration, a continuous (private or public) level of network access and a means of displaying evidence to the court digitally. This is just the base level of digitisation requiring investment. The government will also need to invest in robust IT platforms to ensure resilience, availability and performance. The sheer size of the deployment means that top-tier architecture and expertise are required.
Digitisation will simplify the document management process and reduce many time-consuming often duplicative tasks. Some tasks will even be completely eliminated. Automated processes will also reduce the exposure to human error, helping to protect document security. As a result, the time and resources dedicated to basic administrative tasks may also decrease.
Of course, many are also wondering whether law firms themselves are ready for such a major change. Without a doubt, firms that have yet to embrace digital are likely to encounter a number of knock-on effects.
Digitisation could quite easily become a security risk if some lawyers are not fully competent with digital technology. Data could be accidentally shared with the wrong people due to confusion about the correct processes to follow. In order for law firms to adapt to digitisation, it is therefore of the highest importance that all employees are thoroughly trained from the outset. This is easier said than done, so automatic controls and protection will need to be built in. Particularly in areas such as authorisation and encryption of data and communications.
Data protection will also continue to be a key concern for law firms; even after digitisation, law firms will still be responsible for the security of their own files and data. Questions are already being raised about what will happen after files are sent outside of a firm digitally. For example, to the courtroom or any third parties also working on a case?
It is crucial that the security of any data will be guaranteed by the government and the justice system, once it has been released for third party viewing. As it stands, law firms cannot be certain as to how this will happen. After a case is finished, the courts will, therefore, need to guarantee that any data provided will be securely destroyed once it is no longer needed.
Security must also be considered in terms of appropriate access rights for all individuals involved in a case. It is vital for the right people to have the correct level of access to any documents and files. Utilising solutions such as 2-factor authentication will be an essential process for law firms, ensuring that data can only be accessed by individuals with a suitable permission level. In this new digital landscape, the days of passwords are numbered.
As long as these security measures are implemented correctly, digitisation could arguably offer greater security protection to law firms. Due to the highly sensitive nature of client data, digitised courtrooms will still need to maintain robust security processes. Even if firms are no longer transporting physical files between locations.
As it stands, it is still unclear which specific processes the Government will use to digitise the court system. Which means that law firms may find it difficult to prepare for these changes. However, the move to digital will ultimately be a positive development for the legal sector. It will offer a greater level of control and a more systemised process, and make the UK justice system more economically efficient. Law firms that have yet to embrace digital technology must, therefore, take steps to seek expert guidance now in order to keep up with their competitors, remain secure and thrive under the new system.
Comment by Andrea Beech, Business Solutions Manager at QuoStar
In this case, the hacker monitored emails between the buyer and solicitor. Then sent a fraudulent email from the solicitor’s address asking the deposit to be paid into an alternative account. It was only when the solicitor said the money had not arrived that the scam was revealed.
According to the Solicitors Regulation Authority, around four companies a month are being targeted by fraudsters.
Digital was a key focus of the Autumn Statement this year, with a total of £1.8 billion in planned investments listed by the Chancellor at the end of November. Part of this embrace of digital included an allocation of £700 million to fully digitise the courtrooms, moving from the current paper-based system to an online one, which looks to revolutionise the processes within the justice system once rolled out.
According to the Statement, not only will over 500,000 pre-trial hearings in the criminal courts no longer be necessary, but this digitisation will also significantly reduce the amount of time spent conducting court hearings, ultimately generating taxpayer savings of approximately £200 million per year from 2020.
A digitised justice system has been in the pipeline for several years but is only being implemented now. For law firms who have yet to embrace digital, there could be knock-on effects that will need to be addressed. However, there are certainly many positives to this tech-focused change as well.
What if law firms have yet to go digital?
At the moment, there is definitely a question of whether law firms are ready for this digital change. Unless all lawyers within a firm are fully competent with digital technology, digitisation will almost certainly become a security risk. Private data could be, for example, sent to the wrong person due to confusion about the correct processes to follow. It is, therefore, critical that all individuals are thoroughly trained on the new system from the outset.
Are the courts themselves ready?
The courts will also need to prepare for this large-scale digitisation. Full system integration, continuous network (private or public) access throughout the courtrooms and a means of displaying evidence digitally will lay the foundations for a digitised court system. The level of data required within the courtrooms for each active case also means that the government will need to invest in robust IT platforms to ensure resilience, availability and performance on scale. This is simple enough in many ways, but the size of the deployment will require top-tier architecture and expertise.
Is security an issue?
Law firms will continue to be responsible for their data security in the new digitised system. What remains to be seen, however, is what happens after files are sent outside of a particular law firm. Whether this to the courtroom or to any third parties also working on a particular case.
It is vital that the government and the justice system as a whole can guarantee that the security of any data will be maintained outside the confines of each individual law firm. However, as it stands, law firms cannot yet be certain as to how data will remain secure once released for third-party viewing. At the end of a case, the courts will need to guarantee that the data provided is secure. Also that they will securely destroy the data once no longer required for evidence.
Once risks like these have been addressed, digitisation could arguably offer greater protection from a security standpoint. Due to the highly confidential nature of client information, digital courtrooms would need to have strong security systems. Even if firms are no longer transporting physical files between locations.
It is therefore crucial that the appropriate access rights are determined for all individuals involved with these documents. Solutions such as 2-factor authentication will be essential to ensure that data is only accessed by the right people. The days of passwords are over.
At the moment, it’s still unclear which processes will be introduced to digitise the courts. This makes it difficult for law firms to prepare for these upcoming changes. However, the move to digital in the legal sector will ultimately be a positive one. It will offer more control, a systemised process and better security, in addition to increasing the economic efficiency of the justice system. Law firms must, therefore, take steps to embrace technology. It’s important to seek expert guidance now, so you can compete and thrive during this digital roll-out in the future.
We’re excited to announce the launch of Legal Ignite – our new cloud platform, designed specifically for small to mid-sized law firms. Backed by our ten years’ of experience in cloud and our in-depth knowledge of the legal industry, Legal Ignite is designed to help law firms benefit from the security, scalability and convenience that cloud computing can provide.
Combining a robust mix of best-of-breed hardware and legal software, Legal Ignite has been built specifically with the legal sector in mind and can be adjusted to fit each firm’s exact requirements. It can even be delivered onsite for those firms which are wary of moving to the cloud.
Firms can use their existing software or opt for our chosen partners, for everything from time recording and practice management systems, through to CRM, email security, document management and case workflow. Other hardware and other IT related services can be delivered on a simple operating expense model.
The new cloud platform has been built to boost efficiency by being simple to use. It’s completely customisable and scalable, without compromising on security. Legal Ignite is hosted in the UK’s most secure data centres, which are operated to military standards. They also have ISO 27001 and other security accreditations and come with 100% uptime guarantee.
Legal Ignite also offers a built-in IT manager-on-demand and CIO-on-demand services to provide law firms with board level expertise to help them make business-focused decisions that support continual business improvements. Helping your law firm make the best business decisions as new issues, priorities and challenges arise in this rapidly changing sector.
“With competition in the legal sector more fierce than ever before, firms need to employ IT systems that help them work faster, smarter and more efficiently. Cloud computing can offer all of these benefits and more – but it’s vital that firms choose a mature, custom-built cloud solution that has been developed with the specific needs of the legal sector in mind,” comments QuoStar CEO, Robert Rutherford.
“Legal Ignite ticks all of these boxes by offering an easy-to-use solution that helps firms to compete more effectively, without compromising on security. We run a 24x7x365 operation, manned by seasoned and qualified engineers, to ensure constant uptime and availability. This way, firms not only benefit from having a modern flexible IT system that can help boost productivity, but also a strong support network of industry-focused experts.”