In 2017, the Federal Trade Commission overhauled its litigation support infrastructure and pushed all its data into a FedRAMP authorized cloud. At the time, there was a profound need for an eDiscovery solution that met the workflow of the FTC attorneys, but there was also a greater need for data security to protect sensitive and private information.
The Association of Corporate Counsel recognized the need for greater data security in the legal sector and saw real value in creating a standardized framework for assessing, scoring, validating and accrediting a law firm’s client data security posture. The ACC promotes the professional and business interests of in-house counsel at corporations and predicted that a framework for security would both level the playing field and provide corporations with standardized metrics for all law firms with which they do business.
The ACC began working with the consultants from the FTC project to create its framework. The first step was to establish the Data Steward Program In-House Advisory Board, a Working Group and a Controls Committee. These panels included industry leaders, including the ETRM Group general counsel Kenya Parrish-Dixon, the former FTC supervisory attorney, director of White House information governance and technologist in the litigation support, cybersecurity and information governance space. The other members were from Fortune 500 corporations, Am Law 100 firms and specialty industries.
The mission was to mirror the security protocols the federal government and other industries used to secure data, in a reasonably priced, defensible and efficient process. The goals for the program included:
- Creating an exacting and thorough data security assessment
- Delivering real value to all participants
- Providing a secure platform
- Using an open standard for benchmarking
- Accommodating legal practice diversity
- Offering neutrality from independent investigators
After careful planning and laying the groundwork, the ACC Data Steward Program was formally launched in December 2020. And it could not have come at a better time: the COVID-19 pandemic was raging across the U.S., and an unprecedented number of law firms and corporations were experiencing data breaches.
Anticipating that there would be a rush of companies wanting to participate in this program, the ACC began the process of recruiting top-notch data cybersecurity firms to become ACC Accredited Recommended Service Providers. ETRM Group is the first ACC ARSP offering service to corporations, law firms and government agencies.
In the coming weeks, we’ll post more blogs about how the program works for law firms and corporations, expected outcomes and how to get involved. Check back often!
Learn more about the ACC’s Data Steward Program from our white paper. Click here to download.