Melody Easton explains how one law firm went about trialing metadata management and recipient checking.

Are you considering cleanDocs as a way to manage data in email content and attachments? More businesses than ever are using it to minimize the risk of human error when working with emails. Over the last 12 months, an additional 20,000 users have started using cleanDocs to prevent misaddressed emails and to remove document metadata. Some of those users are at Winckworth Sherwood, a UK-based law firm that added cleanDocs to their data management strategy early in 2017.

Winckworth Sherwood is a UK top 100 firm and dates its history as far back as 1777. The firm was already using pdfDocs as early as 2009 for PDF creation and editing, and compareDocs for document comparison. When cleanDocs was updated to include email recipient checking, the firm decided to run a pilot program for metadata management and recipient checking in Outlook. We checked in with them to see how it went.

Why did Winckworth Sherwood need cleanDocs?

Human error has been one of the leading sources of data breaches in every quarterly report issued by the Information Commissioner’s Office (ICO) since the GDPR became enforceable in May 2018. Christel Aguila, Head of IT at Winckworth Sherwood, agreed that “it is probably one of the most dangerous, if not the most common cause of data leaks,” and so the wrong email in the wrong hands has the potential to cost the firm thousands in fines and reputational damage.

How did the firm establish the requirements of yet another email add-in?

Christel described how the firm felt the need to implement a better approach to keeping sensitive client information protected from accidental leaks – particularly for teams regularly dealing with highly sensitive cases. She explained how the IT department needed something more than the delay-on-send approach in Outlook since it wasn’t that effective. “Even if you do remember you made a mistake, it might be too late, and there’s nothing you or IT staff can do,” she said.

How did the firm run the pilot?

Christel knew that for cleanDocs to meet the above requirements, an appreciation of its value was important. The team embarked on a pilot program and used employee advocacy to achieve this. “A big challenge is often having to explain metadata and why it’s necessary to have a metadata cleaning tool. Key to overcoming this was showing users the data contained within their documents before and after cleanDocs, and how easy it was to leak sensitive information without cleaning it first.”

Christel described the pilot process:

"cleanDocs was first tested by the IT Trainers to see how it worked and to make sure it didn’t slow down Microsoft Outlook. IT needed to know the add-in wouldn’t cause more issues than it solved. The IT Trainers also tested the various settings and configured it in a way that was least intrusive to users but provided them with the right flexibility when it came to acting on attachments or email recipients at the point of sending. The tool was then given to a pilot group of partners and lawyers. These were volunteers who wanted to use the product because they are genuinely concerned about the type of emails they send – most of which could cause huge embarrassment or damage should they end up with the wrong recipient.”

With cleanDocs, the pilot group could check the recipient list for external or blacklisted email domains, Reply All, and Forward actions, and confirm that they were all as intended. At the same time, users actioned metadata cleaning to remove hidden information.

Christel found that “no one from the pilot group complained about the prompts. In fact, users have said to me that ‘these prompts have saved my bacon.”

Ultimately, cleanDocs turned out to be a no-brainer for the firm. “Although some products are more sophisticated with AI and machine learning embedded, our users find cleanDocs is as effective and in stopping you at the point of sending an email to the wrong person,” said Christel. “It has definitely reduced the number of emails ending up in the wrong hands. It’s just one of those tools in our suite of tools to protect client data, and protecting client data is a must for law firms regardless of GDPR.”

About the author

Melody has more than 15 years' experience in marketing products and services to the legal industry. She spearheads marketing efforts in the EMEA region for DocsCorp, and can be spotted behind the booth at events and conferences across the region. When not working from the London office, Melody enjoys travelling and spending quality time with her family.