We would like to keep you up to date with the latest news from Digitalisation World by sending you push notifications.
Digital Newsletter
Each week our editor Phil Alsop rounds up the most popular articles, videos and expert opinions. We compile this into a Digital Newsletter and send it straight to your inbox every week.
Digital Magazines
We'll let you know each time a new edition of Digitalisation World is released so that you're always kept up-to-date with the latest and greatest news and press releases.
Video Magazines
The Digitalisation World Video magazine contains the latest Zoom interviews with experts in the industry.
The Solicitors Regulation Authority's (SRA) apparent reluctance to provide guidance on new technologies means law firms currently searching for a cloud service provider (CSP) need to take it upon themselves to carry out comprehensive due diligence and in-depth reviews says Peter Groucutt, Managing Director of Databarracks.
A recent report from Databarracks, in collaboration with Frank Jennings, Commercial and Cloud lawyer at DMH Stallard LLP and Chair of the Cloud Industry Forum Code of Practice Board, identified the key challenges and benefits to law firms embracing cloud services. The report highlighted legitimate concerns regarding the SRA’s lack of proactivity in this area, especially in comparison with their counterparts.
Groucutt states that such an approach will only serve to hinder the legal sector during a time when guidance is most needed: “As more and more firms look to embrace cloud services, they will look to the SRA for direction.
"Naturally, as with any new technology, firms will have questions regarding the services available and there may be a lack of understanding as to which path to take when migrating to the cloud, especially in terms of data security. If the SRA continues to remain inactive in this area, confusion, questions and the potential for mistakes will only increase.
“The report showed that senior IT personnel at a range of firms were surprised by the lack of direction given by the SRA for cloud services, considering how concerned it is with data security and client confidentiality. There was debate as to whether the SRA would get more involved at some point or if its commitment to outcomes-focused regulation (OFR) would keep it from giving any meaningful advice.
"Looking across the border, the Law Society of Scotland has acted to address the growth of cloud adoption by developing a guide which does offer practical advice around the risks associated with cloud computing and how these services are best suited to the legal industry.”
Groucutt continues: "While these steps might seem basic, they are certainly effective. A small amount of guidance has a big impact in a field like cloud computing. The SRA should look to follow suit, working with CSPs in order to provide guidance to those considering migration.
"In the meantime, firms actively looking to move to cloud services should carry out full due diligence checks when identifying a potential CSP. Comprehensive SLA’s should be agreed and specific data security and compliance concerns should be addressed at the outset.
Groucutt concluded: "As a starting point, firms should look to the accreditations of the CSP to determine their credibility. Ensuring that providers are compliant to standards such as ISO 27001 for information security, should give some reassurance. Also looking at general cloud industry standards such as the Cloud Industry Forum’s (CIF) Code of Practice, which seeks to assure end-users receive high quality services by providing certification to credible suppliers, will serve as a useful guide to law firms until the SRA decides to act.”
