By Tim Rollins
This article originally appeared in the December 2022 edition of Today's General Counsel, authored by Exterro Technology Counsel Don McLaughlin.
Anyone who has spent time managing e-discovery projects knows document review is the most expensive phase of the process. They also know that just because review is expensive doesn’t mean it’s exciting or glamorous. It’s time-consuming, repetitive work–exactly the type of work that law firms can and should optimize for efficiency and accuracy.
But many law firms have struggled with justifying the investments required to advance their internal business process optimization around document review. Add to that the fact that law firms have traditionally been reluctant to share information about their operations, and you can see why legal professionals lack the insight they need to improve their practices.
That’s no longer the case.
Exterro recently partnered with Today’s General Counsel to survey legal professionals at law firms on their document review practices; the result of that survey is our 2022 Law Firm Benchmarking Report: Trends in Document Review Services. Document review as a service offering is clearly at an inflection point.
Law firms must demonstrate the value they provide with document review services or risk losing out on a growing market. Law firms and ALSPs must recognize the trends making this a critical moment to adapt their practices and remain relevant. Let’s dig into the data to see why..
There are more use cases for document review than ever. In addition to civil litigation, privacy regulations and cybercrime have combined to increase the need for data breach reviews–and there’s no sign of either regulatory enforcement or hacking slowing down. Civil litigation is still the number one reason why corporate clients seek document review services, according to 77% of respondents.
But other use cases are becoming more prevalent–and also offer more opportunity for growth. In looking to the future, law firms recognize that both internal investigations and data breach reviews are becoming more commonplace. Sixty-eight percent ranked internal investigations as the most or second-most likely type of document review cases to increase in frequency in the future, compared to 61% ranking civil litigation first or second. (Data breaches came in third with 36%.)
However, corporate clients see these trends as well, and in response, are increasing their capabilities to conduct reviews in-house–or at least inside technology platforms they license directly. Seventy-five percent of in-house teams reported that they are completing the majority of their legal services in-house and 69% of in-house teams reported using their designated document review software in our 2022 Pre-Litigation Readiness Benchmarking Report. Law firms and LSPs that can’t adapt to meet these new needs risk losing business in these potential growth markets.
Percentage of Law Firms Taking a Variety of Security Measures
Ransomware attacks, malware incidents, and data breaches happen every day—and cybercriminals are increasingly targeting law firms. As caretakers of their clients’ sensitive data, there’s no excuse for law firms being unprepared to respond to a data breach.
While law firms are taking more measures to secure data during document review, there’s still more that can and should be done. The surest means to avoid compromising client data is to conduct reviews inside their own secure platform–a measure that almost half (49%) of the in-house legal professionals responding to our pre-litigation survey (linked above) said they took.
What are the steps law firms and LSPs should consider taking? I would suggest three.
First, start treating document review like a business process. Start by creating standardized workflows and templates to ensure key issues are addressed consistently early in the process. Use metrics like review accuracy and cost per document to measure performance and drive optimization initiatives. In our survey, clients’ top three priorities were communication, transparency, and quality. Develop and stick to timelines and budgets for document review projects–and communicate them clearly to clients.
Second, develop processes and expertise in other types of document review. Internal investigations often precede litigation, but with exploding data volumes and data sources, what’s needed are fast, effective reviews. Data breach reviews focus on identifying compromised personally identifiable information (PII), tying it to the appropriate data subjects, and notifying them within tight regulatory timeframes–often within 30 to 60 days of a data breach. These developments underscore a need to develop processes and workflows before a new matter surfaces.
Third, evaluate and improve your security posture–and that means more than just maintaining a cyberinsurance policy. Invest in secure document review technology. Minimize process handoffs and data transfers between software suites–or learn to work in your clients’ platforms. Consider adding even more security measures or hiring in-house or contract cybersecurity professionals. The reputational costs of a breach can be severe, and that’s not even considering potential regulatory consequences. Embracing these recommendations can ensure law firms and LSPs are providing true value to their clients–and that’s always the surest path to long-term business success.
Don McLaughlin serves as Technology Counsel at Exterro. Following years of work as a trial lawyer and corporate lawyer at a Fortune 500 company, Don founded Falcon Discovery, offering an innovative technology managed service solution for Fortune 500 legal departments. After Falcon’s acquisition by DTI/Epiq, Don and his team nearly tripled managed services revenue, serving clients including UnitedHealthcare, CenturyLink, Fiat-Chrysler, Sony, Liberty Media and DISH Network.