Monday, September 30, 2013

Risk Roundtables Set for Los Angeles & San Francisco


We're pleased to announce two more Risk Roundtables.  
 
We're delighted to feature guest speaker John Steele (publisher of the Legal Ethics Forum blog and legal ethics expert recently named “Lawyer of the Year – 2013,” Ethics and Professional Responsibility category, Northern California’s Best Lawyers). John will discuss client-driven compliance pressures including advanced waivers for conflicts, information security and other terms of business agreements.
  • The Los Angeles event is set for Wednesday, October 23rd at the offices of Cox, Castle & Nicholson LLP. Charles Noneman (Risk Management Partner at Cox Castle will co-present).
  • The San Francisco session will take place on Thursday, October 24th at the offices of Sedgwick LLP. Michael Guernon (Director, New Business & Conflicts, Orrick, Herrington & Sutcliffe LLP) will co-present.
Intapp experts will also discuss trends and challenges facing business intake and conflicts teams, and how technology can simplify this critical business process.
 
These events always provide a forum for IT, risk and management professionals to connect in a collaborative environment.

Attendance is by invitation only and is limited to qualified law firms and personnel. Please contact info@riskroundtable.com for more details.

Tuesday, September 24, 2013

Risk Roundtable Meeting Set for Chicago


We're pleased to announce another upcoming Risk Roundtable,  scheduled for Tuesday, October 22nd, in Chicago office of Kirkland & Ellis.
 
At this session, guest speaker Anthony Davis (Partner, Hinshaw & Culbertson LLP) will discuss recent opinions affecting advanced waivers for conflicts and strategies to manage conflicts of interest effectively.
 
Intapp experts will also discuss trends and challenges facing business intake and conflicts teams, and how technology can simplify this critical business process.
 
These events always provide a forum for IT, risk and management professionals to connect in a collaborative environment.

Attendance is by invitation only and is limited to qualified law firms and personnel. Please contact info@riskroundtable.com for more details.

Monday, September 23, 2013

Law Firm HIPAA Compliance Survey Report Now Available

 
Today is the enforcement deadline for compliance with the new HIPAA Omnibus Rule, which mandates new standards for law firms to actively safeguard client protected health information in their role as Business Associates. Law firms are now directly liable for compliance with the HIPAA Security Rule and Privacy Rule.

The 2013 Law Firm HIPAA Compliance Survey Report presents information gathered from over 70 organizations, measuring attitudes, priorities and response strategies.

Summary of Key Findings:
  1. Interest in and responsibility for HIPAA compliance spans departments and stakeholder roles – survey participants include firm management, risk management, heads of IT, information security managers and practice group leaders.
  2. Firms report that protected health information subject to HIPAA protections often appears in matters from firm healthcare, litigation, labor & employment, insurance, and medical/life science practice areas.
  3. Firms see reputational harm as the key risk and impact of a breach or compliance failure.
  4. Firms are actively pursuing compliance with new HIPAA regulations, employing measures including undertaking internal assessments and review of business associate agreements, implementing new policies and training and adopting security and monitoring controls.
  5. In many instances, compliance measures are spearheaded by IT, often working cross-functionally with risk and practice stakeholders.
  6. To manage future compliance, firms overwhelmingly plan to modify business intake procedures to identify and flag HIPAA-related matters at the point of inception.
  7. Many firms are discussing HIPAA compliance with their insurance brokers or underwriters to assess the applicability of current malpractice and cyber insurance policies or expand coverage.

Pat Archbold, head of Intapp's Risk Practice Group notes:
  • "We sponsored this survey to provide our customers and partners with insight into how the legal industry is responding to the new HIPAA Omnibus Rule, which affects a significant number of organizations. We’re working closely with many firms to help them respond, supporting their efforts to safeguard and monitor the treatment of sensitive information and meet their compliance objectives."
Thank you to the many who participated in the survey (your report copies are in the mail). For others interested in acquiring a copy of the report, contact: info@riskroundtable.com.

Thursday, September 19, 2013

Disqualification Discussions Making News

A few interesting disqualification-related stories in the news:

Judge expands independent review involving BP claims, threatens to disqualify lawyers --
  • "The federal judge overseeing a multi-billion-dollar BP claims settlement program has ordered former senior claims program attorneys and law firms they were connected with to explain why one law firm's $7.9 million claim shouldn't be disallowed."
  • "U.S. District Judge Carl Barbier also wants to know why the attorneys and associated law firms shouldn't be disqualified from representing claimants and collecting fees from those claimants."
  • "The order, issued Friday, followed Barbier's receipt of a report from former FBI Director Louis Freeh that said former senior claims office attorney Lionel Sutton expedited a claim on behalf of attorneys Glen Lerner and John Andry for their law firm. Sutton's wife, Christine Reitano, who also was a lawyer for the claims program, also is targeted by the order."
Move afoot to remove former Hawaii PUC Chairman Caliboso's law firm from Lanai wind farm case --
  • "Just two weeks after former Hawaii Public Utilities Commission Chairman and Honolulu attorney Carlito Caliboso recused himself from working on Castle & Cooke Inc.'s proposed 200-megawatt Lanai wind farm project, there’s now an effort to remove his entire law firm from the case, according to a filing with the PUC."
  • "Castle & Cooke said that both Caliboso and his firm are in compliance with “Hawaii Rules of Professional Conduct” because the current case involves a new matter that is separate and distinct from other dockets in which Caliboso took part in when he was the chairman of the PUC."

Wednesday, September 18, 2013

ILTA Conference: Ethical Walls/Screens & Information Security Session

From the recent ILTA conference: "Erecting Ethical Walls...Then What?" -- Culture, budget, technology, policy, process and staffing are all influencers in the development of an ethical wall initiative. With perspectives from small, medium and large firms, attendees will gain a greater understanding of what issues must be considered in all firms, as well as those of different sizes and cultures. Learn about common challenges, areas of focus and strategies to attack them. Our panel will share varied experiences in how to manage, staff and execute these initiatives; how to define success; and how long it takes to achieve success. Attendees will also hear about such topics as issues associated with lateral attorneys, new clients and existing clients/new matters where conflicts of interest exist. [Slides] [Session Recording]

The panel was moderated by Eric Mosca from InOutsource and featured speakers from Wiley Rein LLP (Doug Smith), Lewis Roca Rothgerber LLP (Eric W. Carpenter) and Orrick, Herrington & Sutcliffe LLP (Leigh Isaacs).

  • Eric Carpenter (Lewis Roca):
    • "Over time what has happened is that as more and more information got recorded in systems where we tagged it with client and matter information and we knew the users that were accessing that information , we needed...  something that’s put in place using the architecture of the systems that manage your information... because of the volume of information and because the movement of laterals that has increased so dramatically in the last few years, there’s such an increase in the need for screens to be set up."
    • "But I just want you to think about how that’s evolved in your own firm to be much more of a job to keep up with – with segregating all of this information, and the fact that today you can’t just rely on attorneys to do the right thing. You have to prove to clients, you have to certify to outside auditors and insurance companies, so it’s really a very different dynamic."
    • "I think client requirements and client audits that we're increasingly seeing also lends itself to this. You know, we need to be able to show that 'yes, we’re able to do this, we’re able to do it effectively.'"
  • Doug Smith(Wiley Rein):
    • "I think one of the other problems I've seen happen... is screens because of mergers and acquisitions in the marketplace. We had a client, not a major client, but a client that had a significant presence who was purchased by a competitor and that competitor had a major conflict with us; now not a conflict per se, or else we'd have to discharge the client, but it was significant enough that we had to put up a screen – within the practice group, basically screening off a segment of that group from this other client... So again that’s just one of those things. It’s not that the conflicts process created this, or that an intake process created it, it’s just that the market itself created it. So there’s a lot of good reasons these screens have been evolving now. "
    • "You’ve got so many disparate systems and you have to secure across all the systems at the same time, not just DM, not just Time Billing, but those File Shares – you know, you have to be able to secure the file shares too... When we were looking at solutions we found a couple that could do one or the other. We were struggling to find ones that could do both."
  • Eric Mosca (Inoutsource):
    • "... we have dozens of clients that have used screens to take on business that they couldn’t have taken on otherwise. So they’ve done the most important thing and made money as a result of setting up these screens. So it’s kind of used in a different way – not as defense, but as an offensive maneuver, and it’s worked out incredibly well for a lot of firms."

Tuesday, September 17, 2013

Risk Roundtable Meeting Set for Washington, DC


Traveling in packs, we're pleased to announce another upcoming Risk Roundtable. Scheduled for Tuesday, October 15th, in Washington DC office of Sterne, Kessler, Goldstein & Fox.
 
At this Roundtable, guest speaker Anthony Davis (Partner, Hinshaw & Culbertson LLP) will discuss recent opinions affecting advanced waivers for conflicts and strategies to manage conflicts of interest effectively.
 
Intapp experts will also discuss trends and challenges facing business intake and conflicts teams, and how technology can simplify this critical business process.
 
These events always provide a forum for IT, risk and management professionals to connect in a collaborative environment.

Attendance is by invitation only and is limited to qualified law firms and personnel. Please contact info@riskroundtable.com for more details.

Monday, September 16, 2013

Webinar: Client Audits – Understanding Current Trends, Responding Effectively

Our next webinar features a panel comprising speakers from Liberty Mutual, Security GRC², Bradley Arant and Intapp and will explore client priorities and expectations around information security, standard audit procedures and protocols, common pitfalls to responding, and technologies and policies firms can leverage to achieve repeatable success. 

Regulatory developments, new technologies and increasingly sophisticated threats are currently leading most clients to examine and audit the information security frameworks adopted by their law firms. To retain key clients and stay competitive, law firms must revisit their information security practices, often pursuing a standard security framework to negotiate client demands.
This webinar presents key client priorities and strategies for effective response. Topics will include:
  • Analysis of how the changing regulatory landscape is impacting client expectations
  • Overview of top client information security priorities
  • Explanation of client audit questionnaires, reviews and processes
  • Criticism of common mistakes
  • Best practices and reference information security frameworks
  • Demonstration of technologies available to remediate compliance gaps

Date: Wednesday, September 25
Time: 10 am Pacific / 1 pm Eastern
Duration: 75 minutes

CLE CREDIT: As a certified as a CLE approved educator by the State Bar of California, we are able to provide California certificates to attendees upon request. (Attendees are responsible for confirming CLE reciprocity in their particular jurisdiction. We are happy to provide additional information required to receive credit outside of California, attendees are responsible for researching and identifying information for their local jurisdictions and filing any necessary paperwork.)

Attendance is by invitation only. For more information, please contact: info@riskroundtable.com.

Wednesday, September 11, 2013

ILTA Webinar on Law Firm HIPAA Compliance

The International Legal Technology Association (ILTA) is presenting a webinar on Wednesday, September 18th: "HIPAA Compliance: What it is, what it means, and what to do about it." Set for 10am PST / 1pm EST, the session is free to existing ILTA members (visit iltanet.org to see if you qualify) and for a small fee for non-members. Contact Kristy Costello at kristina@iltanet.org or (512) 795-4674 for more information or register via this link.

Session Details:
The Health Information Portability and Accountability Act (HIPAA) was recently amended to impose a number of privacy and security requirements directly on law firms which handle certain types of health information. Failure to comply with the HIPAA requirements by the September 23, 2013 enforcement deadline may lead to a variety of regulatory penalties including mandatory compliance reviews or multi-million dollar fines. 

This presentation provides law firm personnel with a review of the recent changes and a brief overview of the HIPAA requirements. Some HIPAA compliance challenges unique to the legal environment will be discussed and advice for building an effective compliance program will be provided.

Speaker:
Adam Carlson (M.S.,CISM) is a security solutions consultant at Intapp, where he focuses on helping law firms achieve their information security and privacy objectives. He has over 12 years of experience in IT operations and security management.

Tuesday, September 10, 2013

Risk Roundtable Meeting Set for New York


We're pleased to announce another upcoming Risk Roundtable. Scheduled for Thursday, October 3rd, in New York at the offices of Cravath Swaine & Moore LLP.
 
At this Roundtable, guest speakers Anthony Davis (Partner, Hinshaw & Culbertson LLP) and Roy Simon (Distinguished Professor of Legal Ethics, Hofstra University) will discuss recent opinions affecting advanced waivers for conflicts and strategies to manage conflicts of interest effectively.
 
Intapp experts will also discuss trends and challenges facing business intake and conflicts teams, and how technology can simplify this critical business process.
 
These events always provide a forum for IT, risk and management professionals to connect in a collaborative environment.

Attendance is by invitation only and is limited to qualified law firms and personnel. Please contact info@riskroundtable.com for more details.

Monday, September 9, 2013

ILTA Conference: Information Security & Data Privacy Sessions

Here are most sessions of interest from the recent International Legal Technology Association conference. The organizers very graciously post both slides and recordings of many of the sessions. This update focuses on information security.

Develop and Run Effective Security Awareness Training
A security consultant (Intapp's Adam Carlson), a CIO and a security officer will share what they've done to implement  security awareness programs. What should you do to educate users on the behaviors they should avoid and those they should embrace to make their firms more secure? Return home with some practical steps to implement your own security awareness training program.
[Slides] [Session Recording]

The FBI and Experts Present Security Updates and Strategies for Firms of All Sizes 
As business entities become more security-savvy, hackers look for easier avenues to steal intellectual property and disrupt business deals. Law firms have become a hacker's target of choice, and hundreds of attacks and infiltrations of law firm networks have been uncovered. Our discussion will focus on the impact of user behavior on security, including noncompliance with security measures, BYOD expectations, IT consumerization, wireless access and more. Firms of all sizes will take away practical risk mitigation strategies for immediate and future use, so you can make the case for implementation to your executive management.
[Slides]

Security? What's the Big Deal? Law Firm Security Basics for Non-Security People
Law firms all have the same security issues, but not all firms have a security manager/department. In the absence of security personnel, whose job is it? What do litigation support, HR, attorneys, records and other non-security personnel need to know in order to begin the process of improving their firm security posture? What are the basic security issues/topics for law firms? What are the basic tenets of security, and how do they impact your job? We are only as strong as our weakest link. Come learn how to build a stronger chain.
[Slides] [Session Recording]

Responding to a Security Breach
You think you’ve been hacked. But are you sure? How do you know? What do you do next? Our panel of experts will share their knowledge and first-hand experience of network investigations and show you how the attackers got in, how they could have been stopped, and what you need to know in case it happens to you.
[Slides] [Session Recording]


Thursday, September 5, 2013

ILTA Conference: Risk Management Sessions

With the conclusion of its annual industry conference, the International Legal Technology Association has posted several session presentations and recordings. We'll be highlighting several of potential interest to our readers.

IT and Firm Risk Management: The Crucible
IT professionals calculate risk every waking moment. They work to quantify and manage it. In many ways, lawyers are professional risk managers for their clients. However, the way lawyers practice law and otherwise behave can pose risks to their clients and their firms, potentially culminating in lawyers’ professional liability, management liability and/or an employment practices liability claim against the firm. Despite these exposures, it remains a significant challenge for IT professionals in law firms to have meaningful discussions with their lawyers about risk and to develop a more integrated approach to risk within their firms. Let's examine the approaches and methods IT professionals can use to quantify risk metrics to advance their efforts. [Slides] [Assessment Framework] [Session Recording]

Data Preservation and Legal Hold Notice Programs
Learn from an experienced panel about the why and how of preserving data and issuing and managing legal hold notices. Following a review of case law, our panel will discuss the benefits and challenges of different options for preserving data: systemic preservation, user-driven preservation and collection to preserve. Requirements for the content of preservation notices based on rules and case law will also be provided. Come learn about the tips and tricks for successful implementation of a data preservation and legal hold notice program. [Slides] [Handout] [Session Recording]

Wednesday, September 4, 2013

Risk Roundtable Set for New Orleans


We're please to announce our upcoming Risk Roundtable. Scheduled for Friday, September 20th, in New Orleans at the offices of Phelps Dunbar LLP in New Orleans.
 
We’ll be discussing current trends and challenges facing business intake and conflicts teams. Topics will include:
  • Overview of business intake and conflicts management challenges facing law firms
  • Discussion of new approaches to streamlining business acceptance
  • Demonstration of Intapp Open
These events always provide a forum for IT, risk and management professionals to connect in a collaborative environment.

Attendance is by invitation only and is limited to qualified law firms and personnel. Please contact info@riskroundtable.com for more details.

Tuesday, September 3, 2013

Law Firm Conflicts Management - SJ Berwin Chooses Intapp Open

 
SJ Berwin, an international firm with more than 160 partners and over 1,100 employees, has selected Intapp Open to enhance firm conflicts management.

Said the Firm's IT Director, Simon Kosminsky:
  • "We’ve worked very closely with Intapp through the early adopter programme for this new product initiative. Intapp have worked hard to understand our specific documented requirements and factor these into the design of their new conflicts product."
  • "We know we set the bar high in this area – our requirements have been honed through many years of developing and using our own in-house conflicts product. I think it’s fair to say the team are very impressed with the progress Intapp is making."
Today, multiple market trends are putting new pressures on law firms to transform the way they evaluate and engage new business. These include clients with increasing service expectations, and a risk landscape with evolving regulatory rules, compliance requirements and professional standards. In response, firms are looking to increase the sophistication, efficiency and agility of their conflicts management processes to enhance internal efficiency, reduce risk and improve lawyer productivity.

Intapp Open delivers a fresh approach to conflicts. It offers unique features, including a flexible business rules engine that enables effective management of practice-specific matter evaluation procedures as well as conflicts clearance practices that may be centralised, distributed among lawyers and practice heads, or both, depending on firm preferences.

Commenting on SJ Berwin's Decision, UK Managing Director Kaye Sycamore added:
  • "We’re delighted to add SJ Berwin to the growing roster of firms adopting Intapp Open to enhance their business acceptance practices. We welcome the opportunity to address the real-world requirements and benefit from the insights provided by our diverse customer community as we continue to extend the unique capabilities of the product."
Visit Intapp.com for more information on how Intapp Open enhances law firm conflicts management and to request more information or a demonstration.