Nicole Thompson of Onna advises legal departments to understand not only the tools being used across their organizations but also the types of data they are storing.
What should our general counsel and in-house counsel readers know and understand about the data their companies are producing and storing?
Nicole Thompson: In-house counsel and general counsel know better than anyone that data is being produced at exponential rates. Around 90% of companies use some sort of cloud service, and 60% of companies use cloud technology to store confidential data. But that doesn’t even scratch the surface of how much data is in a company’s chat platform, file storage, project management, contract repository and so much more. Rather than fight the proliferation of data and onboarding of beneficial collaboration tools, we should strive to better understand the nature of the tools that our companies are adopting.
The truth is that these new collaboration tools are positive enhancements in technology. They’re filling a gap in organizational productivity and benefitting the teams using them. It’s up to legal and IT to work together and get a handle on data hygiene. What I mean by data hygiene is regularly going through a data inventory exercise, understanding the ins and outs of these platforms and the type of data being created. Doing so will empower in-house counsel to react appropriately when the time to collect from their data sources inevitably comes.
How can corporate legal departments use surveys and interviews to enlist the knowledge of other key stakeholders?
This goes back to simply having good data hygiene. One of the successful techniques that we’ve seen is when legal works with stakeholders cross-functionally. Essentially, legal identifies a point-person from each department in the organization to go to when they need to better understand the tools they’re using. This is an opportunity for businesses to double down on information governance and make finding the right information easier. Building relationships with these stakeholders now will benefit your team for the long-run. If any urgent questions or matters come up down the line, you won’t need to scramble for the right person to talk to.
Explain data inventory. How are you advising clients on how to use it?
A data inventory is simply an evolving record of tools your organization is using. For many companies it looks like a list of data sources across departments, an outline of how they’re used, and what types of data are stored. A data inventory gives legal more control over their organization’s data, and enhances their ability to understand the data being produced. This is especially important because there are regulatory requirements like CCPA and GDPR. Take the below scenario to get started:
Let’s say you want to understand what tools your organization is using. First, list the popular options, whether it’s chat, project management, or a file storage platform, make sure you cover all of your bases. Then, reach out to the stakeholders and typical users — have interviews with those stakeholders to get details around usage, and set regular check-ins to make sure this inventory is up to date. There is a good chance that departments within your organization will be using tools that you’ve never heard of as within the legal environment. Once you better understand the tools that are being used and the type of data stored, you can better assess your level of preparation for different scenarios i.e. – eDiscovery requests, compliance alignment and basic information governance.
There is a base technical language that today’s counsel and legal operations managers should get comfortable with so that when the need arises, you can have more efficient, more effective conversations with IT.
What are some of the best practices on collaborating with IT?
Being a solution in the legal tech space, here at Onna, we frequently see the need for legal and IT departments to meet in the middle. Whether they’re collecting from Slack, Google Drive, or Confluence, legal teams need IT assistance to understand and kick off the process 99% of the time. Having those initial conversations about collaboration is key regardless of the data source.
At Onna, we have a questionnaire to help clients get to know the platforms they need to be collected from to help lay the foundation. We also encourage legal departments to learn more technical terms. There is a base technical language that today’s counsel and legal operations managers should become comfortable with. Whether it be determining user roles, or understanding API connections, we can’t stress asking questions about these topics enough. By doing so, you can have more effective conversations with IT and better understand what to look for in legal tech solutions.
On the flipside, it’s equally as important to help IT understand motives on the legal side. For example, we hear of clients who don’t have data retention policies in place, which poses problems for compliance reasons. It’s critical for legal to not only communicate the need for a data retention policy to their IT team, but also to communicate the why behind it. Understand whether the tools have a native retention policy. If so, are you going to be implementing it? If not, what can be done to respect a retention policy? Asking these questions creates alignment, motivation and a better understanding of the ‘why’ behind your team’s IT requests.
You referenced a questionnaire that corporate legal departments can use. With what frequency should that be used, and how does it relate to data usage?
The questionnaire we provide is to help IT and legal bridge the knowledge gap previously mentioned. The questions are mainly ones that IT would be able to answer and help give legal visibility to better do their job. Frequency of the questionnaire is highly dependent on the size of your organization and the industry you’re in. If you’re a small organization, perhaps you check in quarterly, whereas if you’re a medium to large organization, you check in monthly. We also suggest making sure that legal is part of the onboarding process for new tools from the get-go. Rather than responding to certain inventory questions regularly, advising legal from the start will save both parties time
Any final thoughts?
All legal teams hate getting to the point where they’re told that they need to collect information from tools they don’t understand. When this time comes, it’s important to ask certain questions. How can we get information out of the tool? Does it have native exports? If not, does it have an API that we can collect from?
Onna is a perfect example of a tool that can use API to collect information from data sources. We process and index that information. We extract the metadata so that we create an index that is easily searchable. But then we also help our users export information to review platforms. If sources have an API, these are places that we can collect information from. There are other ways of getting data out of a system, but it is helpful for legal to understand prior to actually having to collect the data how they would do so. It puts everyone in a better place.