Follow us on Twitter
Ethical Walls, aka Information Barriers, are increasingly critical to the livelihood of every major law firm, as firms want to more effectively secure sensitive information and comply with regulatory requirements. Choosing the right technology for the job is only half the battle. The other half is ensuring a successful implementation.
Most of us have been around for a long long time and have been implementing and installing software at law firms for years, even decades. So, what’s the catch with installing ethical walls applications? Or for that matter, any business-related system that is inherently based on some business process? The secret is in the pudding. More accurately, the magic is in the understanding of all the moving parts as it relates to business applications. And it’s in establishing the balance, coordination and cooperation between IT and business folks at the firm.
At Frayman Group, we have done quite a few of these implementations and happy to report, all to the clients’ satisfaction. And so, I hereby disclose the 6 lessons learned from these successful implementations:
1. Comprehensive scoping equals smooth implementation.
I don’t need to educate the professionals out there that a solid and successful implementation is all about planning. And we all do that well. Where some of us fall short is in the gathering and capturing of all the details required to successfully execute the implementation in a timely manner. Project managers: dedicate time and pay attention to details on what it is that you are trying to do. How many systems are you trying to lock down? In multiple phases or in one shot? Where are the various servers, data centers, what is the network speed and topology? How many document management libraries with how many documents? How many ethical walls are you trying to get live from day one? A comprehensive scoping exercise for the specific implementation will allow the implementation team to uncover potential pitfalls and challenges, and allow them to plan for them in advance, allocation the necessary time and resources in the project plan, determining the dependencies up front. The result: one step closer to a timely and within budget deployment.
2. Who is your business sponsor?
Let me make it clear. No business sponsor? Shelve the project until you find one. Can a process driven application be installed without a business sponsor? Sure. Will it be configured to address the business needs, gain traction and get a thumbs up from the business and be inline with their expectations? Absolutely not! Would the deployment be on time and within budget guidelines? Highly unlikely. Business process driven applications, including all risk management software implementations such as information barriers and ethical walls _must_ have an identified business sponsor who has a vested interest in the successful and timely deployment of the ethical walls system.
3. There will be conflicts. Establish a process on how to resolve them up front.
If you are like most firms, you are already managing ethical walls either manually by relying on application administrators to set security on a per application basis, or in some other manual fashion. While these approaches are OK, they leave too much room for inconsistencies and are prone to human error. As you review your existing walls across multiple systems, you will discover there are secretaries who are on multiple sides of ethical walls, or uncover that there are some lateral hires that have access to client/matter folders and they should not. This is expected and OK. The important thing is to plan ahead, and come up with conflict resolution models that you follow systematically across the board. E.g. secretaries can be allowed to be on multiple sides of the wall for a certain period of time, until reassignments can be established. Enumerate through all possible scenarios and have a plan in place on how to address them. This will help greatly towards the later stages of the deployment cycle when you’re about to go live and know exactly how to handle these situations.
4. Assign project managers on both firm and vendor side.
Most firms make the mistake of assuming that there should only be one project manager that manages the entire project, either vendor or firm based. This is a big mistake. There are a substantial number of moving parts in an ethical walls implementation. The law firm PM needs to manage expectations on the law firm side, orchestrate coordination between business and IT, and take the lead to coordinate all product and implementation related activity with the vendor. The vendor’s PM is the lead on the implementation and is solely focused on delivering the project to completion by providing all the necessary moving parts, at the right place and the right time to the law firm. Together, the two PMs ensure each party is working hard towards the common goal. Eliminate one of these two resources, and you tip the balance. Do not make the mistake of going with just one PM to save on cost associated with resources. In the grand scheme of things, the extra cost and resource is immaterial compared to the total cost of the project.
5. Define everyone’s roles and responsibilities, clearly, up front.
Start with a proven project template that has worked before. Ask your vendor for references on successful deployments based on their proposed implementation project plan. Or propose one that the law firm has had success with to the vendor, as long it’s well documented and proven. Assign dedicated resources, and define roles and responsibilities for all personnel from the law firm as well as the vendor and assign them to the various deliverables and milestones in the project plan. Any ambiguity in role assignments and responsibilities will lead to confusion, chaos and delays.
6. Build a bridge between risk department (business people) and IT.
Ensure there are dedicated IT resources and business resources assigned to the project specifically. Build a structured communication, reporting and status update model to ensure Risk and IT are in sync, have a clear understanding of how they need to work together, and understand the division of labour as well as the “command structure”. And last but not least, define the roles and responsibilities of IT and Business for when the application is already in place.
For an ethical walls implementation at your law firm, choosing the right vendor and the right technology fit is important. Equally important is the vendor’s ability and proven track record on working with IT and Business to successfully install, implement and deploy business process driven applications. Ask for references!
