There is digital information: case files, emails, pleadings and other documents and shared files, even instant messages everyone in the firm generates each day. And then there's information governance: the rules and framework for managing all of a law firm's electronic data and documents, including material produced in discovery, as well as legal files and correspondence.
"It's an umbrella, the biggest picture there is," says Steven Meyers, director of business development at Innovative Computing Systems; he advises law firms and corporate legal departments on technology solutions.
The field is so new that only this year did practitioners and vendors form a professional association, the Information Governance Initiative. The discipline encompasses traditional records management, data storage, metadata management, and storing and finding digital information. It also involves setting up rules for finding, safeguarding, and - later - destroying unneeded documents, especially those gathered during discovery. Holding onto information longer than is necessary or legally required opens the risk it could be lost or stolen or otherwise exposed if it falls into the wrong hands, according to Michael Shufeldt, global director of digital for Recall, which sells information governance products. Solid information governance is clearly crucial for legal professionals, but consultants say law firms are struggling to adopt it.
The Human Element
Information governance software manages and archives records, documents, and email, and it can analyze and classify files, says Debra Logan, a research vice president at the industry analyst firm Gartner. Vendors include Recall, Nuix, IBM, and HP. (Please see next month's Tech column for tips on storage options.) Successful information governance can also overcome a bottleneck created in some firms when a records manager must wrangle digital information that's officially under the tech staff's control, Shufeldt says. But it's people who must choose the rules the technology will follow. "Software can provide the framework and automation, but at the end of the day, you still need the human element setting and executing on the policies," says Meyers.
Reducing the amount of digital data that a firm stores isn't the primary goal of information governance, but it's often a significant benefit. And reducing the amount of data that needs to be searched lowers costs and increases efficiency. Logan says attorneys know that if they stored less information, and if it were better organized - or if they could simply find out whether
certain information existed - their lives would be less complicated. But they still keep too much.
"Almost every lawyer I've ever met has said, 'Just keep everything. It seems like the right thing to do to avoid risk. If we can find it, we're safe,' " Logan says.
Unfortunately, as digital info increases exponentially, the "just keep it" approach leads to higher storage costs and lower efficiency in finding whatever information actually is needed.
As for safety, any lawyer adept at e-discovery knows that risk goes up in proportion to the amount of information you keep, Logan says.
Leigh Isaacs, director of records and information governance for Orrick, Herrington & Sutcliffe and vice president of the International Legal Technology Association's Information Governance Peer Group, agrees. "It's a balance," she says.
Lawyers often feel they must keep documents for reference or "just in case" a clients needs them, and it seems safe to store them on an offline server. But documents a law firm has stored remain discoverable in future litigation, and that can increase a client's liability - even if the client has destroyed its copies of the same information under its policies.
The Long View
Logan cites three reasons most law firms are not governing their information yet. First, no one saw this problem coming because the amount of information being generated is unprecedented. Second, law firms don't perceive their information overload happening because they don't physically see all the data accumulating. Finally, most law firms' staffers would prefer to focus on short-term goals, such as getting work done, and in that context information governance can seem like a waste of time.
Most firms put 12 to 18 months of effort into establishing a system before they see some payback, according to Logan. And that sometimes leads firms to push the process onto the information technology department, even though staffers there aren't as likely to know what's strategically important.
Champions of information governance are starting to emerge from different areas of law firms, says Orrick's Isaacs: support staffers, the records department, new-business executives, or attorneys. "There has to be somebody getting in there, getting hands on, learning, socializing it, and starting to introduce the concepts and benefits that it brings."
Emphasize the Positive
Isaacs says staffers charged with instituting information governance will have better success if they emphasize the upside: Greater efficiency puts more money in pockets.
"Especially as records folks, we've led with the big stick. But ... the more you take the big-stick approach, the less often you get invited to the party," she says.
The word governance
can be unhelpful, and the cost of risk is hard to quantify, she adds.
"If I'm sitting down to talk to practice group leaders and open the discussion with risk, they'll walk out in five minutes," Isaacs says. "If I say I have a proposal for a few ideas that could potentially make you some extra money ... everybody wants to know how to do that."
The Way it Works
Effective governance makes information easier to store and find. It also reduces the risks that data is leaked or client confidentiality is ruptured.
By Controlling Proliferation
A variety of laws, court rules, or internal policies may determine how long a record or document should be kept. Information governance incorporates these into a process for systematically deactivating matters at their conclusion, as well as for managing information during a matter's active phases. Software can automatically notify staff when information is scheduled for deletion because it's at the end of its lifecycle-or software can block deletion if the information should be kept.
By Controlling Access
Policies carried out by software can reduce the risk of breaches of ethical walls because they automatically bar staffers, attorneys, or anyone else who's not authorized from opening or seeing specified documents or files. These controls also allow the firm to demonstrate that it has met its legal and ethical requirements to safeguard the confidentiality of a client's documents and correspondence.
Susan Kuchinskas covers business and the business of technology for publications including Scientific American
, Portada, and