Wednesday, July 23, 2008

Outsourcing legal work

A discussion on litsupport asked a question about the viability and legality of outsourcing of legal work. While the summary of the discussion can be read here, the question itself is a part of a general discussion about the security of outsourcing.

A paper from CDW, which can be obtained here, gives a broader view. Since this paper is somewhat vendor-biased, before you download it (registration for CDW news will be required), here are its main points:
  • Increasingly, high-value intellectual property such as trade secrets and medical records are part of large outsourced IT projects. Legal projects, such as eDiscovery and document review, are not much different;
  • While the cost savings of outsourcing appear to be significant, the complexity of cross-border relationships increases security challenges and as a result, increases project cost. Costs increase again when a company (and its vendor providers) must comply with international breach disclosure, customer privacy or industry-specific laws such as HIPAA and SOX;
  • Decide which IP to outsource. One advice is to outsource non core work, which lowers risk;
  • Intellectual property can be protected with the right combination of network, physical, and contractual protection;
  • Take the time up front to contractually establish effective metrics and clear lines of accountability, and build balanced mechanisms to measure outputs;
  • Adequate levels of security don't happen by accident; they happen because you have given a great deal of that to what you want to protect;
  • Understand all costs.

No comments: