“An October 2018 decision issued by the Maryland State Bar Association’s Committee on Ethics was the first of its kind in the US. While the bar did not seek to opine on the obligations of law firms under the EU General Data Protection Regulation (GDPR), it provided an interesting glimpse into how US-based bar associations, and law firms, will need to be mindful of the regulation.”
“For years, the perception has been that old-school records managers attended the MER Conference. In fact, attendance this year covered the entire spectrum from corporate to legal and government. Yes, there were records folks, but there were also many people from the C-suite, information technology, privacy, and security. Were it my place to do so, I would re-cast the MER Conference as an information governance event.”
“Information governance and the protection of corporate data are top concerns for law firms. To ensure standards are met, some clients are now tying payment to compliance with Outside Counsel Guidelines (OCG). OCG have moved from guidelines to actual contracts that provide for indemnification of the client for cyberbreach and violation of privacy laws, and require firms to explicitly secure the client’s data.