Win Outside Counsel for an Insurance Giant

Winning Large Clients

When your firm handles insurance defense, you receive, send, and store highly sensitive materials. Wise law firms understand that security and compliance are critical because of the growing threat to cybersecurity. Without the proper safeguards in place, you put clients’ information at risk and jeopardize your reputation. And large insurance companies simply won’t hire you if you don’t apply the right controls and protocols to keep their data safe.

They’re right to be cautious: 80% of the largest 100 law firms have been hacked since 2011, according to the American Bar Association in 2015. Law firms are a prime target for hackers because they store large amounts of high-value, confidential data. In The Security Vulnerabilities Law Firm Hacks Create for Corporations,” which appeared in Inside Counsel in June of this year, Amanda Ciccatelli writes, “IT capability is often viewed as an administrative function, not an integrated business capability, and as a result, information security has suffered.”

The rewards of working with large corporate clients are sizeable. To get your foot in the door, you need to be aware of vulnerabilities, be able to bolster security, and meet insurance companies’ compliance requirements.

What You Can Do to Win Outside Counsel

There are ways to determine what holes you have in your security controls and how to patch them. You should, for example:

Protect and back up data and plan for recovery.

Data encryption, dual-authentication, administrative policies, firewalls, and intrusion detection systems can help protect data. Secure off-site back-ups are another key component to data security. If a breach still occurs, know how you’ll respond—and how quickly you can be back up and running. The American Bar Association article, Facing the Cybersecurity Threat to Your Firm, experts say that “[a]dvance planning is critical for effectively responding to a data breach, and that includes an incident response plan.”

Perform a tech review and assessment.

Since new cyberthreats emerge regularly, you should routinely assess and patch your vulnerabilities. Pay attention to audit logs, so you know who accesses what files and can see if something unusual happens.

Understand what devices attorneys and other staff use to work.

Are they using their personal Smartphones and laptops to work outside the office? Are they carrying client information on flash drives? What kinds of safeguards are in place on those devices?

Control access to information.

If an attorney isn’t working on a particular case, there’s no reason for him/her to have access to it. This precaution isn’t about attorney ethics—client confidentiality is paramount to lawyers. Rather, it’s about decreasing the number of ways that hackers can access information. Train employees and attorneys to follow security protocols. As Chris Pogue, CISO of Nuix Solutions writes, “Protecting your information is a battle that is fought by every member of your organization, from the most senior partner to the newest intern, who has access to any data of value.”

These recommendations can be used by law firms looking to increase security in order to be more attractive to any large corporation, but there are also “insurance-specific uses of technology, internal and external research capabilities, and client support databases that should be a part of a law firm’s technology resources,” according to an article written by Bob Dolinsky, CIO of Sutherland Asbill & Brennan.

Crafting a strategy and executing its steps may seem like expensive, time-consuming, and technical work. But it all depends on the avenue you take. Working with an IT firm on a project like this can end up costing tens of thousands of dollars, and the process can last months.

Faster and Less Expensive Solution

Legal Workspace can take a project like this off your hands and deliver it more quickly than you might expect. Depending on the size of your firm, it could take only a week for Legal Workspace to perform a cybersecurity audit and apply the appropriate controls for compliance with large insurance companies’ standards and with government regulations.

And, if you’re considering getting into the insurance defense game, but you’re concerned about the upfront costs of upgrading your IT to handle compliance requirements, Legal Workspace’s fees are only a fraction of the cost of working with an IT firm.

The other upshot of selecting Legal Workspace to help you get compliant is that as new threats emerge and security standards evolve, you don’t need to worry about shelling out more money: Maintenance and updates are automatically included.

There are usually a lot of hurdles a law firm has to jump in order to win the business of a large insurance company. The security and compliance hurdle doesn’t have to be the most difficult and expensive one to clear.

 

 

Joe Kelly, Founder and CEO of Legal Workspace, to Speak at the 2015 Colorado Legal and Technology Expo

Legal Workspace, a leading provider of cloud-based work environments designed specifically for law firms, today announced that its founder and CEO Joe Kelly will be a featured presenter at the Colorado Legal and Technology Expo in Denver, Colo., on Aug. 21.

The expo, presented by the Colorado Bar Association, shares the latest in trends, legal services and technology that can help attorneys improve their law firms’ efficiencies. A resource for solos, small firms, larger firms, and legal departments, it provides hands-on practical information that can result in an increase in billings, greater operational flexibility and cost savings. The program also offers CLE presentations on key technology topics presented by leading attorneys who live and breathe technology in their practice.

Kelly’s presentation, scheduled for Aug. 21 at 3 p.m. MT, will focus on the convergence of the cloud and security. He will discuss how the expectations are changing for attorneys when it comes to keeping their clients’ data confidential. This includes explaining key security concepts such as physical and technical security, disaster recovery, firewalls, Intrusion Detection and Prevention systems, compliance, encryption and more.

What: Cloud and security presentation by Joe Kelly at the Colorado Legal and Technology Expo
When: Aug. 21, 2015
Time: 3-3:30 p.m. MT
Where: Warwick Hotel, 1776 Grant Street, Denver, CO 80203
RSVP:

HIPAA Compliance For Lawyers As Business Associates

lockThe rising number of data breaches and storage practices have opened the demands for heightened security that is often beyond the specifications of your IT infrastructure. With Legal Workspace’s HIPAA Compliant Edition (HCE), law firms as business associates can comply with the mandated security regulations of HIPAA. These regulations require that entities and their business associates have appropriate safeguards for protected health information (PHI). These safeguard responsibilities are broken down into three categories administrative, physical and technical.

Law Technology Today an ABA publication recently published an article by our CEO explaning what HIPAA compliance means for lawyers as business associates.

“As a business associate, law firms need to physically secure their offices, networks and data. This involves controlling facilities and electronic information to limit access to those who have the necessary authorizations. Law firms must also secure the area where computers are kept, as well as the computers themselves.”

– Joe Kelly

To read the full article click here

 

Legal Workspace is the only cloud-based solution exclusively for law firms that is HIPAA Compliant.

Find the Right Cloud Computing Solution for Your Law Firm

The Unexpected Cost of Free Cloud Document Management Services

As many law firms are discovering, the cloud can be an amazing asset for their businesses. It offers scalability, flexibility and mobility, and often with a lower price tag and more convenience than traditional, in-house hardware and software.

Yet as tempting as iCloud, Google Drive, Dropbox or other sites may be, lawyers need to do their research first before uploading their important, confidential or privileged information to these non-legal-specific types of free or low-cost services.

Many of these sites are geared towards consumers – not law firms – and could have notable limitations when it comes to important security provisions. Users may even surrender their ownership rights to information in that particular cloud.

While free or cheap cloud providers may seem like a bargain in the short term, they can be very costly in the long run if data is left vulnerable or attorneys have unwittingly surrendered their ownership rights to their own information.

This security infographic illustrates the costs and consequences associated with a cybersecurity breach. When attorneys work with any medical information or records, the firm will be responsible for fines up to $250,000 as a penalty for failing to comply with strict HIPAA security standards.

Law firms would be better off paying a little more for legal-specific cloud providers to get the security and peace of mind they need.

Key Questions to Ask When Vetting Cloud Services

When looking at different cloud providers, there are several things to consider.

  1. Do they have thorough security protocols?

While free and low-cost services certainly try to keep data secure, it may be difficult for attorneys, or any user, to find out exactly what protocols, firewalls and operating systems are in place to protect information.

It may also be difficult for users to find out which employees have physical and virtual access to their data and what background checks have been performed on those employees.

  1. Do they have a legal-specific software and infrastructure?

While many of these cloud services are easy to use, they may not integrate well with the other tools and software the firm uses. This means that data may be difficult to access and merge with the other technology.

  1. Do they have a legal software certified and vetted staff?

When lawyers using free cloud storage have questions, they may not know who to contact for information. It may also be difficult to determine the level of training and expertise of those they do speak with. If an attorney has trouble getting data in the cloud, finding someone to help could be a serious issue. There may also be little recourse if the data cannot be recovered.

 

Is your law firm considering the cloud? For more information about data storage when using a cloud provider check out this article by our CEO.

Setting the Standards for Security for the Legal Industry

Here is a great infographic our team at Legal Workspace came up with that shows why our new HIPAA Compliant Edition makes sense for so many law firms. Legal Workspace is the industry leader as the only cloud-based solution exclusively for law firms that is HIPAA compliant.

hipaa_-security_offering_web