Briefing Magazine's Legal IT Landscapes 2018 report found that law firms are feeling less prepared to "treat personal data the 'correct' way" for compliance with the General Data Protection Regulation (GDPR). In 2016, 43% of people said they were feeling prepared. In December 2017, only 28% said the same. It's an interesting statistic. Why would the legal industry be feeling less prepared for GDPR given that they've had more time to make changes?
The authors of the report felt that the challenges of handling personal data correctly under GDPR were underestimated by firms. Or, perhaps they were pushed to the side as more urgent issues consumed resources. This industry sentiment of feeling worried, unprepared, or resigned to miss the impending deadline, would suggest that firms are only now realizing the complexity of data handling under these tough new rules and regulations.
It could also be the constant flow of data breach stories on our social news feeds. From the Paradise Papers to Facebook's Cambridge Analytica experience, law firms are watching and seeing how easy it is even for companies with the largest of security budgets to fail to protect the personal data they hold.
Maurice Tunney at Keystone Law was quoted in the report, saying "Anyone who isn't taking their information security seriously is playing with fire". Firms would be wise to take note of this advice and start thinking seriously about what needs to change in the way they capture, store and share customer, contact, and employee data. Only then can they feel more prepared to be an industry-leader in data protection in a post-GDPR world.
Melody has more than 15 years' experience in marketing products and services to the legal industry. She spearheads marketing efforts in the EMEA region for DocsCorp, and can be spotted behind the booth at events and conferences across the region. When not working from the London office, Melody enjoys travelling and spending quality time with her family.