Summary of Significant Updates

Some of the major updates to the Technology Baselines cover the significant changes in the way legal services are delivered because of the COVID-19 pandemic as well as the growth in cybersecurity threats since the Technology Baselines were previously updated in 2015. These include remote/hybrid work environments, cloud computing and policies, new security baselines for networks and data, document management strategies, social media policy, and the use of web and video conferencing systems. The most significant updates are summarized by section below: 

  • Overall Program Capacity:
    • Programs should include staff input as a part of technology planning. This may include forming a technology committee and using staff technology surveys.  
    • Budgeting for technology should reflect the importance of implementing robust security practices and systems in the face of increased cybersecurity threats to legal aid organizations. 
    • Programs should shift from on-premise data storage and servers to more reliable and accessible cloud-based solutions.
  • Sustainability:
    • Budgeting for technology projects should reflect ongoing maintenance costs. Considerations for related budgeting and planning are provided. 
  • Security: 
    • This section includes new additions and updated baseline recommendations regarding Security Policies & Procedures, Multifactor Authentication ("MFA"), Cloud Computing and Policies, Password Management, Mobile Equipment for Staff Use, Mobile Device Management, Security Awareness Training, Disaster Recovery Plan, Incident Response Plan, Endpoint Detection and Response ("EDR"), Email Security, and Cyber Insurance. 
    • New security considerations, best practices, and resources have been added, including that programs develop an acceptable use policy that covers the use of generative artificial intelligence systems in the delivery of legal services. 
  • Remote/Hybrid Work – Policies and Procedures:
    • Programs should evaluate the lessons learned from the COVID-19 pandemic and develop a policy to account for remote work and hybrid (e.g., remote/onsite) service delivery models. 
  • Management of Client and Case Data - Case Management System:
    • Multifactor Authentication ("MFA") should be enabled across all systems, where applicable, especially on critical applications, such as a case management system, to protect client information or utilize a single sign-on service ("SSO") / identity management solution that integrates cloud-based services under one MFA system. 
  • Management of Client and Case Data – Document Management:
    • Programs should have a centralized approach to document management. New baselines and considerations were added to address the need for improvement in document management across an organization.  
    • Programs may need to evaluate the need for a document management system ("DMS"), which can provide organizations with tools to better organize and search data, reduce duplication of files, comply with retention policies, and provide tools to automate processes and electronic forms.  
  • Production and Supervision of Legal Work - Case Management System & Document Production:
    • Programs should deploy technology, develop policies, and train staff on how to effectively provide legal services and supervise remote work in a fully remote and hybrid remote/onsite context. 
  • Advanced Editing for Appellate Brief and Major Litigation:
    • A new section was added with baselines and considerations regarding essential technology tools, training, and software needed to conduct large projects, such as appellate briefs and major litigation. 
  • Intake and Telephone Advice - Telephone Systems: 
    • Programs should adopt hosted telephone systems as their telephone solutions to permit advanced functionality, provide more security, reduce administrative overhead, and make remote work possible (except for offices in locations with limited internet connectivity available). 
  • Legal Information for Low-Income Persons:
    • This section was revised to provide updated baselines and considerations for providing legal information via websites and social media, including Web Content Accessibility Guidelines (“WCAG”) standards, and triaging to help users identify their legal issues or effectively routing users when needed. 
    • Programs should provide and use appropriate tools and technologies that meet the needs of relevant client populations and contribute to addressing the digital divide. 
    • A new section on the configuration and maintenance of self-service tools like kiosks or triage systems was added and includes discussion of the use of artificial intelligence in such tools. 
  • Communication and Collaboration:  
    • Programs should streamline their applications in use for collaboration by establishing standard collaboration tools organization-wide and developing clear internal policies for staff.       
    • Programs should develop and use collaborative work environment tools (e.g., Microsoft Teams and Word Online) and should encourage real-time collaboration among staff.  
  • Training and Technology:
    • This section has been updated for programs to ensure adequate internal capacity or outsourced support to provide onboarding and ongoing technology-related training. New important considerations have been added to assist programs with conducting training and developing training materials.  
  • Administration:
    • This section has been revised to include ticketing systems and communication strategies on after-hours support, essential HRIS software and functionalities, and updates to accounting functions. 
  • Development/Fundraising:
    • The Fundraising and Marketing section has new important considerations around Customer Relationship Management ("CRM") systems and revised needed capacities and functions for fundraising and marketing management.