Tag: law firm

Posted on

Skinny Isn’t Just for Jeans: Lean Business and the Service Sector

Skinny Isn’t Just for Jeans: Lean Business and the Service Sector

elastic-2Doing more with less is the mantra of today’s business.  Hiring more people or throwing money at a problem is almost never the best way to solve it… even if there are people and dollars to throw.  Businesses are feeling the crunch today more than ever, in some part due to advancements in technology and the emergence of retail and “self-service” service. Once upon a time it was OK to be a fat dumb and happy business, but those days are long gone.  With competitive pressures increasing – and emerging from new sources – just about every business is feeling the need to trim some fat – cutting costs and streamlining processes even as customer demand increases.

Lean and efficient business isn’t of concern just to manufacturing sector, even though that is where you most frequently hear about initiatives relating to process improvements tied to quality management. Professional service firms should also seek to identify areas where cost or time efficiencies could be gained while at the same time preserving (or improving?) quality of service delivery.  Price of service isn’t necessarily the largest factor in meeting the competition, but quality of service for the price and delivering on customer expectation are right up there as top priorities for buyers.

Quick: What do legal professionals and assembly-line workers have in common?

More than either one might think, apparently. After all, the “lean” approach to manufacturing—a concept which rolled off the Toyota Production System, only to be delivered to ailing U.S. auto giants in the late 1970’s—wouldn’t immediately seem applicable to workplaces where the heaviest lifting involves leather briefcases. As for paring resources, such as inventory, down to a minimum—it seems like overkill when applied to pens, yellow pads, laptops and file folders.

But the lean concept long ago roared out of manufacturing and parked its principles in service industries: lean accounting, lean healthcare, lean startups.

http://performance.cfo.com/2015/05/11/the-real-skinny-on-lean/

Professional service firms are being compelled to reduce costs just to compete, and are finding that cost-cutting isn’t all that is required.  Rather than doing more with more people, firms have begun to recognize that getting more done with fewer human resources is the goal – a goal which must be achieved without sacrificing quality of service.  In fact, most firms are now actively seeking ways to increase production and improve service levels, and to do it without increasing headcount and cost.  Client needs are changing and demands for higher levels of service continue to increase as society more fully embraces social computing and DIY.  Technology is impacting how businesses do business, and sometimes is the basis for establishing a new standard by which all competitors are then measured.  

Technology advancements are among the primary drivers moving service firms to explore leaner and more efficient ways of working. As more sophisticated tech and the resultant capability it delivers is made available in the market, more businesses begin to recognize that the “traditional” providers of certain services may no longer be the most cost efficient suppliers.  Competition often emerges from some of the most unlikely of sources, and this new reality is impressing itself upon even the sturdiest of professional service firms who find themselves facing new threats to the status quo. 

Like all customers, legal clients seem to have grown fussier than ever. One study estimates that about 60% of large clients replaced one of their top two law firms last year—citing mediocre service. As is true across industries, the cost of acquiring new clients only heightens the appeal of retaining existing ones.

via The Real Skinny on Lean: It’s out of the Factory and into the Service Sector – Performance.

There is much talk among accounting and legal professionals as to what the “firm of the future” might look like.  Are these firms highly efficient producers of service that rival the lean manufacturers, leveraging insight and innovation to deliver more value? Or are they adopting technology simply for the sake of change?  There is a difference between change and improvement, and not all changes result in the desired improvements to operations, efficiency or quality of service.  For the firms seeking to increase their competitiveness in a rapidly changing market, applying measurements to the various processes the business performs can reveal the secrets to improving not only process performance and product quality, but resultant profitabilityhttps://coopermann.com/2013/03/18/philosophy-of-process-improvement-todays-cfo-focusing-on-operations/

jmbunnyfeetMake Sense?

J

Posted on

Servicing Fundamentals: Are Vertical Software Products Becoming Obsolete?

Servicing Fundamentals: Are Vertical Software Products Becoming Obsolete?

As mobility and the Internet continue to drive changes in how people interact with technology and each other, businesses are finding that the compelling arguments presented by many cloud service providers are tough to ignore.  Anytime/anywhere/anymode access to business applications and data, focusing on core business issues and outsourcing non-core processes, streamlining and connecting processes to create efficiency and predictability in operations – these are the benefits which “connected” and cloud technology models are delivering.  Cost efficiencies in supporting business operations are also being experienced, as the outsource IT solution often provides fault tolerance, scalability and performance at cost and service levels difficult to achieve with in-house systems and personnel.  The scale economies of the cloud cannot be argued with, and it is this cost-efficient and effective provisioning of fundamental business services to users that is increasingly pressuring vertical software makers to either address the market with more fundamentally useful tools incorporated into their products or risk losing users to generalized and commonly used solutions.

Consider that many accounting solutions today have introduced the ability to connect document files to transactions.  It makes sense, and provides a basic capability for accounting/bookkeeping which is necessary.  On the other hand, what happens to the rest of the documents used in the business – the ones that aren’t associated with a financial transaction?  And, if there isn’t mobile access to the accounting system, how are those attached documents made available to remote users and mobile devices? Another thing to think about is the fact that users now have the ability to interact with various files and applications natively on mobile devices, as opposed to having specialized applications to access limited data sets.  File sharing applications and productivity tools are widely used by these mobile users, as they provide the flexibility to seamlessly access files regardless of device or location.  This fundamental benefit of simple and affordable information access, storage and sharing is proving the value of a generalized approach to enabling users and helps to explain why the operating and file systems were the previous “killer apps” in computing technology.  The question for vertical software developers now is whether or not they can effectively incorporate these popular services into their solution, or if the solution must limit its focus on addressing only the truly unique elements of the business rather than the general or fundamental ones.

A great discussion on the subject is an article on PrismLegal.com where author Ron Friedmann describes his similar question in the context of Box.com increasing use in law office environments and how this impacts the legal software market.

More generally, it should cause us to question the future of legal market specific software. I understand the need for customized software; for example, I am currently involved with developing and deploying legal project management software (Cael LPM™ by Elevate Services). But the market – both customers and vendors – must balance the need to meet legal specific requirements with economics and scale.

Box and other cloud providers can potentially sell millions of seats to thousands of organizations. Contrast that enormous reach, which spreads development cost over so many users, with legal market scale. The large law firm market has no more than 400 organizations and 500,000 seats. The development and service cost per user is much higher. Nonetheless, many companies have prospered creating highly customized software for the legal market. In the age of cloud and economies of scale, however, will those economics still be so favorable?

There will always be a place for vertical and industry-specific solutions of certain types, but there is an increasingly large population of businesses which have adopted generalized solutions to address fundamental business requirements, and users (and solution providers) are recognizing that these essential solutions are meeting the majority of the business requirement without specialization (and additional cost) required.

jmbunnyfeetMake Sense?

J

Read more about Cloud Computing for Small Business: It’s All About 3 Apps

Read about why Lawyer Immunity from Delivering Customer Value is No More

Read about The Line in the Sand: Your RPO (Recovery Point Objective)

Posted on

Lawyer Immunity from Delivering Customer Value is No More

Lawyer Immunity from Delivering Customer Value is No More

All indications are that business and revenue growth for law firms is no longer a function of head count.  As with other professional service providers, lawyers are experiencing increased competition from a variety of new sources, and client demands and needs are changing as society adopts and embraces technology, social computing, and self-service solutions.  The problem is that many partners and firm leaders don’t really know what do to about it, and are attempting to fuel continued growth of revenues and profitability while essentially maintaining status quo.

Looking to reduce costs and pushing for more billable hours is standard fare among firm managers, yet the results to be gained from these efforts have pretty much reached their maximum potential.  You can only cut so much, and you can only work your people so hard.  Unfortunately, many partners and managers simply look away from the problem and continue along the path that has been successful in the past.  But growth has slowed, revenues have not grown as expected, and firms are literally being forced to adjust to market forces or go out of business.  It’s just too competitive and the pace of change is too rapid.  There is no immunity for lawyers in this changing market – service quality and value must improve.

Instead of taking the legacy approach of hiring more people so they can bill for more hours, successful firms are taking a few queues from other professional service providers and are recognizing that individualized client service, consistently high-quality and timely service, and service priced commensurate with the value delivered are at least parts of the solution.

There is quite a lot that law firms and accounting firms have in common, particularly when it comes to the fact that most of these entities are viewed – perhaps rightly so – as being “old school”, with a managing partner or board with intractable views and grey hair.  Lawyers, like accountants, are inherently wary of new-fangled concepts and wild ideas.  They’re a cautious bunch, and tend to be resistant to change.  Yet accounting professionals are beginning to embrace new tools and new ideas when it comes to delivering service and value, and forward-thinking law firms are following suit.

For successful firms, the focus is on the client and the value delivered – on internal process improvements and a better value proposition for the customer – not on the billable hour.  Yes, there are investments required.  The firm must invest time most of all.  It takes time to get everyone educated about issues the firm is facing in the changing marketplace.  Unless everyone knows what they’re up against, there will be continued resistance to new ideas and concepts.  It also takes time with clients to understand their needs, which is the essential element to delivering service valuable to them.  And it takes time to develop and nurture a long-term vision, recognizing that the vision may change as conditions change, and that regular monitoring and adjustment may be necessary.

Investing time and consideration in these areas is the key to delivering customer (and shareholder) value.  The result is satisfied and loyal clients, repeat business and increased growth and profitability.  Rather than viewing this brave new world as a challenge to the firm’s traditional model, it should be viewed as the opportunity to deliver new and greater value to the firm’s customers.

Make Sense?

J

Posted on

Cloud IT: Hiding Complexity and Risk

jmbunnyfeet

Cloud IT: Hiding Complexity and Risk

Cloud computing and Internet technologies have delivered previously unimagined capability for even the smallest of businesses – capability to compete, build brand recognition, and reach markets in remote geographies.  The mantra for businesses used to be “location, location, location”, but it’s become connectivity – perhaps even more than location – which now delivers business opportunity.  As technology has evolved, allowing businesses and consumers to connect regardless of time or place, the complexity of the systems and networks have also increased dramatically.  Where a business could once easily identify their various vendors or business service providers, the identification of those involved in the service ‘delivery chain’ are no longer so easily recognized.   Among the benefits of cloud computing technologies is the ability to reach beyond traditional boundaries.  The risk for many businesses is in not fully understanding how, and with whom, those boundaries are being crossed.

For many an enterprise, the convenience and efficiency introduced with cloud computing models overshadows the increased risk potential.  Service level agreements and vendor contracts are assumed to be sufficient to protect the business and its information assets, yet recent events (such as the recent reveals of PRISM and the actions of the National Security Agency) should cause businesses to look a little deeper at their entire provider network.  It’s not that the average business should be concerned about government snooping of their emails, but they should be aware of who has access to their systems and data, and which entities are responsible for which parts of the system.  It’s only prudent to know the details, and it is the best first step to mitigate business risk.

Enterprise Clouds are complex, sophisticated entities which invariably rely on a daisy-chain of third parties and contractors to help build, run and maintain their Cloud provider’s systems. The organizational and technical complexities are additive, resulting in increased systemic risk. Systemic risk is the least visible and hardest to eliminate, and those risks become real when the providers’ systemic risks become [yours].

The question is, how well does your Cloud provider manage the ecosystem of contractors and third parties that are farther down the food chain? This is even more relevant in the globalized workforce, where, paradoxically, Cloud and related technologies have greatly facilitated the outsourcing and offshoring of work to low-cost countrieshttp://www3.cfo.com/article/2013/6/data-security_prism-national-security-agency-edward-snowden-cloud-implications-vendor-management

Before executing a service agreement with an outsourced provider, make certain that the details of facility, connectivity, network, equipment, and other elements of the delivery and system are spelled out.  Business subscribers should know where the various points of failure exist, and which company is responsible for dealing with each.  If a carrier fails and connectivity to the data center is lost, the hosting service provider may be powerless to impact the situation, even though access to service is part of the SLA and requirement.  If a hosted software product has a vulnerability or fails to perform, the developer of the product is likely responsible, rather than a hosting service provider.  The point is that there are often multiple players in the delivery chain, and customers should be aware of this reality prior to engaging with the service.

Ultimately, the business with mission critical data in the possession of a 3rd party service provider should have a healthy helping of doubt as to whether the provider has full control over their environment.  Business owners, managers and CFOs should recognize the increased necessity of evaluating risk within their provider systems and in provider/vendor relationships, to keep trade secrets secret and prevent intellectual property from becoming the property of others.

Joanie Mann Bunny Feet

Make Sense?

J

Posted on

HIPAA Privacy and Security and the Cloud

jmbunnyfeet

HIPAA Privacy and Security and the Cloud

Is your cloud solution or hosting service HIPAA compliant?  This is among the most frequently asked questions from professionals shopping for cloud hosting service.  Unfortunately, it is also among the questions most frequently answered with ambiguity, or with naiveté.  The problem is that many businesses dealing with HIPAA compliance responsibilities as it relates to protection and security of personal health information may not fully understand their responsibilities as they extend to outsource IT and other service providers.  In the case of HIPAA compliance, many providers suggest their compliance without truly understanding what it means, and are introducing significant risk to their business and subscribing customers because of it.  With recent changes in rules relating to protection and control of personal health information, it is not just the health care provider, the health plan, 3rd party administrator or others that process health insurance claim information which must agree to provide adequate controls – the requirement may fully extend to business associates of these entities… possibly including their cloud service or hosting solution providers.

Some of the largest breaches reported to HHS have involved business associates. Penalties are increased for noncompliance based on the level of negligence with a maximum penalty of $1.5 million per violation. The changes also strengthen the Health Information Technology for Economic and Clinical Health (HITECH) Breach Notification requirements by clarifying when breaches of unsecured health information must be reported to HHS. http://www.hhs.gov/news/press/2013pres/01/20130117b.html

HIPAA guidelines and rules exist to protect and secure personal health information, a requirement growing in importance with advancements in technology, electronic health records, e-billing solutions, and cloud computing adoption.  Where the regulations were once focused on the entity directly involved in generating or processing the information, the view is now extended not only to 3rd party administrators, but also to the technology solutions and providers involved.  When a “covered entity” (an entity with a responsibility to protect and secure personal health information [PHI]) makes a decision to move this information to the cloud, a number of important and complicated issues must be addressed in the agreements with the service or solution provider.  These issues include security and privacy of information (including providing individuals the right to access and request changes to the stored information), tools which may be provided to allow the customer additional security protection, encryption of data at rest and in transmission (and who holds the keys), data location, return of data, disaster recovery, and service levels.

Cloud provider contracts and business associate agreements with cloud providers are not one-size-fits-all and should be negotiated carefully to protect PHI in a manner that accurately reflects the capabilities of the parties http://www.americanbar.org/content/newsletter/groups/labor_law/ebc_newsletter/12_winter_ebc_news/ebc12winter_cloud.html

The provider delivering cloud hosting services to the business may now be considered to be a “business associate” under HIPAA, meaning that the responsibilities of the Customer (the “covered entity”) also extend to their service provider. For any business operating under a HIPAA compliance requirement, moving to the cloud must necessarily involve a detailed discussion and set of agreements that spell out the “business associate” relationship as well as the details of the service delivery and accepted performance levels.

Joanie Mann Bunny FeetMake Sense?

J

Posted on

Preparing for Disasters of the Legal Kind

Preparing for Disasters of the Legal Kind

As businesses begin to realize the benefits of cloud computing and business data mobility, they may be overlooking one of the most important issues any enterprise can face: information management in the event of litigation.  While the IT department probably has a disaster recovery plan for handling various computer system failures, is there also a plan for managing system data and electronic information in the event of a “legal disaster”?  In the spotlight is e-discovery, which is the requirement of the business to respond to legal requests for electronically stored information, and the issues CIOs and business owners should be paying attention to as computing solutions and technology models continue to change at a rapid pace.

The popularity of BYOD (Bring Your Own Device), data sync solutions, and online collaboration tools has created an environment where business data may exist in various states (meaning as in conditions or status, not as in State, like California) and on a variety of devices and systems, some of which may not be in the direct control of internal IT.  Regardless of where or how the information was delivered to these devices and systems, CIOs and business owners should recognize that the information on those devices is included in discovery requests, and should be prepared with a plan for dealing with the response.

This “e-discovery plan” is the most important thing, and it means not only working through the various aspects of managing the information, but also providing consideration to keeping the plan updated.  As technology changes, and as user behavior changes along with it, businesses must adjust their IT management approaches in kind.  Consider that a user couldn’t store business data on their phone until the phone was able to handle that function.   Now that smartphones are the norm and tablet computers are gaining in popularity, business data is roaming on personal and business devices.  These advancements may introduce productivity and process gains which provide an advantage to businesses, but they also introduce potential risk and certain complexity when it comes to e-discovery.

Litigation is always expensive, but sanctions for slow response or other costs can be avoided if the plan helps the business respond in a timely manner.  For this reason, the plan should include an identification of all sources for information (every location where business information and data is stored), as well as the steps to be taken to preserve this data in the current state.  If the business has systems which regularly purge information (like accounting systems which purge prior period details, email systems which automatically purge old emails, or backup systems which delete old backup files as new ones are made), all of these activities must be halted.  If the company doesn’t have access to control the various devices and systems to prevent these activities (or doesn’t know that they are happening), significant risk is introduced.  In the case of a legal “hold”, all data and metadata and the audit controls and files must be preserved.

The final steps in the plan are the steps to be taken after the litigation is over.  This is often times a forgotten part of the plan, which is the final destruction of the information gathered for discovery.  Not that the original data must be destroyed (consider ALL dependencies), but the “database” of collected information related to the litigation probably should be.  With this data pooled in a single place, it becomes a potentially valuable target for a data breach.  At minimum, the collected information could too-easily be pulled into an entirely new legal case.

IT managers, CIOs and business owners must be realistic about the information their enterprises generate and store, including being realistic about the risk potential that duplicated and mobile data represents.  It is not that the enterprise should be afraid of allowing mobility and providing remote access solutions, but it is essential that the enterprise control the use of these solutions and how they use or interact with business data.   Without a strictly enforced policy of usage and control for all devices, services and solutions “touching” business data, any legal disaster planning falls short.

Joanie Mann Bunny FeetMake Sense?

J

Read More: