Cobra Legal Solutions:



Similar documents
How To Handle A Legal Outsourcing Situation

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

ISO27001 Controls and Objectives

VMware vcloud Air HIPAA Matrix

ISO Controls and Objectives

Cyber Security Best Practices

Freelance Lawyers. The industry's best kept secret. Christopher Kozlowski

Tenth Judicial Circuit of Florida Information Systems Acceptable Use Guidelines Polk, Hardee and Highlands Counties as of January 2014

LAWYERING IN THE CLOUD CRIB NOTES 2012 Charles F. Luce, Jr. coloradolegalethics.com/ (alpha release)

Print4 Solutions fully comply with all HIPAA regulations

BOLDCHAT ARCHITECTURE & APPLICATION CONTROL

RESEARCH SUMMARY: Security and Data Privacy Best Practices in Offshoring By neoit

HIPAA COMPLIANCE AND DATA PROTECTION Page 1

SERVICE ORGANIZATION CONTROL 3 REPORT

White Paper. BD Assurity Linc Software Security. Overview

Xerox Litigation Services. In the Cybersecurity Hot Seat: How Law Firms are Optimizing Security While Reducing Cost and Risk

Supplier Information Security Addendum for GE Restricted Data

Las Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM

IBM Connections Cloud Security

Lauren Hamill, Information Governance Officer. Version Release Author/Reviewer Date Changes (Please identify page no.) 1.0 L.

Information Security Policy September 2009 Newman University IT Services. Information Security Policy

CloudDesk - Security in the Cloud INFORMATION

General Computer Controls

VishaSoft ITES Services

Ensuring HIPAA Compliance with AcclaimVault Online Backup and Archiving Services

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc.

WHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery

Ensuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services

OPINION APPLICABILITY OF RULE 49 TO DISCOVERY SERVICES COMPANIES. Issued January 12, 2012

CONTENTS. Security Policy

Information security controls. Briefing for clients on Experian information security controls

An organization properly establishes and operates its control over risks regarding the information system to fulfill the following objectives:

DATA SECURITY POLICY. Data Security Policy

Built by the clients, for the clients. Utilizing Contract Attorneys for Document Review

The Lien Resource. Why Outsource Medical Liens & Healthcare Reimbursement?

by: Scott Baranowski Community Bank Auditors Group Best Practices in Auditing Record Retention, Safeguarding Paper Documents, GLBA and Privacy

Data Privacy and Security: A Primer for Law Firms

archiving, compliance, and ediscovery solution designed specifically for U.S. financial services companies.

Virtual Data Room. From Deal Making to Due Diligence

An Introduction to HIPAA and how it relates to docstar

white paper Mitigate Risk in Handling ediscovery Data Subject to the U.S. Export Control Laws and Regulations

Ethics in Technology and ediscovery Stuff You Know, But Aren t Thinking About

Cyber Security Pr o t e c t i n g y o u r b a n k a g a i n s t d a t a b r e a c h e s

HIPAA COMPLIANCE AND

Information Technology Security Procedures

Endless opportunities

ETHICS for Lawyers and Law Firms Using Cloud Technology

MIT s Information Security Program for Protecting Personal Information Requiring Notification. (Revision date: 2/26/10)

Security Control Standard

A Decision Maker s Guide to Securing an IT Infrastructure

WHITE PAPER. Support for the HIPAA Security Rule RadWhere 3.0

Company Overview. History

On-Site Computer Solutions values these technologies as part of an overall security plan:

Estate Agents Authority

Nine Steps to Smart Security for Small Businesses

White Paper. Support for the HIPAA Security Rule PowerScribe 360

Using Automated, Detailed Configuration and Change Reporting to Achieve and Maintain PCI Compliance Part 4

Ensuring HIPAA Compliance with Pros 4 Technology Online Backup and Archiving Services

PCI DSS COMPLIANCE DATA

A Nemaris Company. Formal Privacy & Security Assessment For Surgimap version and higher

Newcastle University Information Security Procedures Version 3

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

Guardian365. Managed IT Support Services Suite

High Availability of VistA EHR in Cloud. ViSolve Inc. White Paper February

CHIS, Inc. Privacy General Guidelines

Veritas AdvisorMail. archiving, compliance, and ediscovery solution designed specifically for U.S. financial services companies

Security Guide for the BD Remote Instrument Support Solution BD Biosciences workstations

Computers and Society: Security and Privacy

Outsourcing Legal Research and Writing Projects

Unit 6 Research Project. Eddie S. Jackson. Kaplan University. IT540: Management of Information Security. Kenneth L. Flick, Ph.D.

Securing Content: The Core Currency of Your Business. Brian Davis President, Net Generation

Ensuring HIPAA Compliance with Computer BYTES Online Backup and Archiving Services

WHITE PAPER. HIPAA-Compliant Data Backup and Disaster Recovery

SNAP WEBHOST SECURITY POLICY

IBX Business Network Platform Information Security Controls Document Classification [Public]

ADEC GROUP INFORMaTiON SecURiTY AND CONTROLS

Security Overview. BlackBerry Corporate Infrastructure

Faster, Smarter, More Secure: IT Services Geared for the Health Care Industry A White Paper by CMIT Solutions

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

Legal Process Outsourcing & Offshore Law Services

Internet Banking Internal Control Questionnaire

Virtual Data Room Security 2. Service 3. Simplicity 4. Speed 5. Cost Certainty

Draft Information Technology Policy

Protection of Computer Data and Software

Policy Document. Communications and Operation Management Policy

THE TRANSFORMATION IN LEGAL MIDDLE OFFICE SERVICES

GREAT EASTERN TECHNOLOGY BPO / ITES

Level I - Public. Technical Portfolio. Revised: July 2015

Security Framework and Best Practices in Offshore Outsourcing

WHY you should. choose a. CERTIFIED FINANCIAL PLANNER TM practitioner

IT OUTSOURCING SECURITY

plantemoran.com What School Personnel Administrators Need to know

This is not your grandfather s litigation. BUT. ediscovery Services are not legal services.

Eliminate the Paper Chase

Cybersecurity Health Check At A Glance

INFORMATION UPDATE: Removable media - Storage and Retention of Data - Research Studies

Preparing for the Outsourcing Challenge: Legal Due Diligence to Ensure a Winning Service Provider Relationship

HIPAA Security. assistance with implementation of the. security standards. This series aims to

TRUSTMAN LEGAL SERVICES PVT. LTD. FIRM PROFILE

Ashley Clarke Hosted Desktop. Business Name

Transcription:

Cobra Legal Solutions: Cobra Legal Solutions response to ABA Commission on Ethics 20/20 Legal Process Outsourcing (Domestic and International) Call for Comments: C. For providers of legal process outsourcing services: 1. Where do your workers work? Cobra Legal Solutions offshore operational facility is located in Chennai, India. Chennai (formerly Madras) is the capital city of the Indian state of Tamil Nadu and is the fifth-largest city in India by population. Chennai has a broad-based economy predominated by the automotive, healthcare, hardware manufacturing, software and financial services industries. Chennai is India's second-largest exporter of software, information technology and IT-enabled services. The city has long been a major center for the outsourcing industry, and Cobra capitalizes on the modern, spacious facilities and proven, state-of-the-art technology and connectivity (telecom and transport) infrastructures that are in place. Numerous universities and educational institutions in Chennai graduate global talent and foster a highly skilled labor pool from which Cobra draws. Our employees work in Ascendas IT Park, in a state-of-the-art facility, which boasts a world class Data Center and up to date audio-video conferencing facilities. Our facilities conform to the highest and most stringent security measures, including ISO 27001 standards, biometric access, access card, CCTV monitoring, and round the clock physical security. 2. Are the workers who perform the outsourced tasks educated and licensed as lawyers somewhere? If some are and some are not educated and licensed as lawyers somewhere, what is the proportion of lawyer to non-lawyer? All employees performing outsourced legal work are Indian educated/licensed attorneys. Our Managing Director Litigation, an attorney trained and licensed in the United States, is on-site for the daily oversight, supervision, and management of Cobra s team of lawyers. He works directly with clients and outside counsel to facilitate the smooth running of a project. 3. What proportion of lawyer workers are educated and licensed in the jurisdiction where they sit, educated and licensed in the jurisdiction whose law governs or educated and licensed in the U.S? All of our reviewing attorneys (currently 54) are educated in India and are licensed to practice throughout the country. Our Managing Director Litigation, Kevin Clark, is a U.S. trained and licensed attorney. Mr. Clark is a member of the Bars of the District of Columbia and the State of Illinois. He is admitted to practice before the United States Supreme

Court, United States Courts of Appeal for the 7th, 10th, Federal, Veterans Claims, and District of Columbia Circuits, and the United States Court of International Trade. Mr. Clark is also a licensed Solicitor before the Supreme Court of England and Wales. 4. For non-u.s. based providers do you have a staffed physical presence in the U.S? Who staffs it (e.g., U.S. licensed lawyers) and what is done there? Cobra maintains its headquarters at 1501 Broadway in New York City. From this strategic location our CEO and Managing Director (both non-lawyers) are best able to manage client relationships with fast and easy access to clients throughout the United States and the United Kingdom. Corporate administration and litigation technology consulting services are also provided from our New York location. Cobra does not have review facilities in the United States. 5. How do you decide which individuals should work on which matters? Cobra Legal Solutions seeks to staff projects with the most appropriate personnel available. Staffing is based on past performance and training evaluations. Cobra s training team provides feedback on each employee, based on evaluative exercises conducted for each activity. This feedback is sent to HR and management on a regular basis. A resulting performance matrix highlights each employee s skill sets. Work is assigned to individuals based on the performance matrix. 6. What do you do to help your employees understand the U.S. rules of professional conduct and who provides this education or training? Cobra has an exclusive training team that educates new recruits on U.S. rules of professional conduct and ethics. A comparative study of Indian laws and U.S. standards on professional conduct and ethics reinforces our Indian attorneys understanding of the U.S. rules on professional responsibility. The main purpose behind our training is to help employees understand the importance of professional conduct and ethics and their role in the context of the LPO industry. Our team of lawyers is kept up-to-date on the latest events in the industry, specifically in reference to views and opinions within the U.S. legal establishment regarding the issues of professional conduct and ethics within the legal outsourcing industry. Additionally, each time an employee is deployed on a project, he or she signs a confidentiality agreement and a conflicts check form which act as constant reminders to an employees adherence to some of the most important rules of professional ethics. The Cobra Training team, along with Kevin Clark, Managing Director - Litigation, provides training to our lawyers. Mr. Clark has extensive experience

as a litigation attorney supervising document reviews and other areas of discovery services. He has developed sophisticated best practices for quality control that have been repeatedly praised by our clients, and allow them, as they attain a comfort level with our work product, to avoid spending unnecessary (and billable) time reviewing and modifying things prior to a document production. 7. How do you do train and assess the competence of your workers and assess and verify the quality of the work done? Our employees undergo an intensive training program during which they are evaluated to determine their competence. Cobra provides both induction training and continual training. Induction training provides our newly hired employees with the knowledge and information required to understand the nature of the document review/research and writing process. Our induction training is a twelve-week course that includes: U.S. Federal Rules of Civil Procedure with a focus on Discovery; E-Discovery basics using the EDRM Model to ensure best practices; Litigation application training (Case Central); Document review training on the dummy database; Introduction to U.S. legal research and writing (Bluebook, citations, sources, and style); and Introduction to the U.K. legal system (focus on laws of England and Wales). Continual training is given to existing employees to address specific client- and project-based requirements (i.e., contracts, intellectual property rights, legal research and writing). In addition, English language training is also provided, covering the basic rules of English, the appropriate usage of the rules, the differences between American and British English, and terms and phrases used in the United States. Our continuing legal education activities include, but are not limited to: Introduction to document review software tools; Dummy database training and simulation of real time scenarios; Intellectual Property training; Contract Management training; Advanced legal research and drafting techniques;

Daily reading and comprehension exercises based on current events in U.S. legal and business fields (Wall Street Journal, New York Times, and Washington Post); and Training in U.S. grammar and idioms. The quality of work performed by our employees is assessed and verified by our Project Management Team, led by the Managing Director Litigation. Error Tracker Reports and additional feedback is sent to them in real time. Cobra also has comprehensive Quality Control and Quality Assurance procedures in place. These procedures are based on Six Sigma principles and refined project management and process management processes. We are currently being certified for ISO 9001 for Quality Management. Assessing and verifying the quality of work is an on-going process that is always being improved upon. 8. What types of security systems to you have in place to ensure data integrity and compliance with confidentiality requirements of those who hire you? At Cobra, we take a holistic approach to security and confidentiality. We address security and confidentiality through network/data security, premises security, and employment policies. In addition, a Business Continuity Plan and Disaster Recovery Plan are in place. Network/Data Security Cobra s operations facility utilizes ISO 27001 compliant information security management systems and practices. Data is delivered to and maintained by a hosting company selected by the client. Data files are never bulk transferred to Cobra. Cobra only sees images of folders and documents. Terminal and Citrix servers are used to connect our U.S. server with the client s server. By this methodology, the client s data is secure and cannot be downloaded to Cobra s local system. We do a full backup and a differential backup daily for all servers and user folders based on the criticality of files being backed up. In case of any failure, the backup will be restored as per the documented procedure. Transmission of data is secured over 128-bit SSL protocols. We use secured VPN connectivity, to encrypt or decrypt data for maximum security. A VLAN is in place to prevent merging one client s information with that of another. All incoming and outgoing data is routed through Antivirus servers. Virus definitions are updated daily.

Upon completion of a project, we use third-party software to securely purge our hard disks of the client s documents and data. All emails are monitored through a third-party application. Emails sent to outside domains are immediately blocked and an alert is sent to the administrator. Application and device control blocks all USB, CD/DVD drives, floppy drives, Bluetooth, and optical devices. Unified theft management devices are used to monitor and track all incoming and outgoing packets. Premises Security Fencing surrounds our tech park with manned gated entry points. ID checks are issued upon entry to the building. Card access is required for building elevator banks. A security guard is present 24/7 at the single entry point to our offices. Group access is restricted. Biometric (thumbprint) access controls entry to our data center. Audits are performed to analyze unauthorized access to the data center. 16 high resolution CCTVs inside the data center monitor unauthorized access. Card access to our separate, secure IT control room is limited to our IT team and senior management. APC UPS with 80 KVA centralized UPS system/30 KVA centralized UPS system for data center. We conduct periodic security workshops and regular internal compliance audits. We have dedicated customer workspace. Our facility has segregated, secure project rooms for specific clients and no information can be taken out of the locked, dedicated rooms. Employment Policies Cobra team members have monitored and restricted Internet access. The Managing Director Litigation, a trained and barred U.S. attorney, handles all email correspondence between clients and Cobra. Copiers and printers are not available to the review staff. Printer rights are limited to the printing of management reports and training materials. Read/write drives are not available on the same machines used for review by the review staff.

We do not create hard copies of review manuals, counsel lists, and other sensitive material. Only a limited number of people who have worked on the live project for a client and have signed the Non-Disclosure Agreement (NDA) have access to the electronic copies of these documents during the project. Access is revoked immediately after the project wraps up. Scheduled and random audits are performed regularly to ensure adherence to all principles and procedures. We do not employ temporary staff. Cobra does not use subcontractors to provide our services. All of our employees are screened as per the BS7858 standards. An independent firm conducts background checks of Cobra s U.S. executives. The results include education verification, past employment verification and references (including gap analysis), character reference checks, financial history (including credit reports), and criminal history checks. The Board of Directors also conduct its own independent background checks and due diligence, by back channels, such as checking their references and making industry inquiries. a. If there is a difference in security systems for work performed inside and work done outside the U.S., please explain. Our U.S. headquarters does not provide legal services. Security measures described above pertain to our offshore facility only. 9. What types of systems do you have in place to avoid conflicts of interest regarding those who hire you? Our employees undergo a series of background checks before and during employment. All Cobra employees and attorneys sign a confidentiality agreement to protect the client s information. Potential conflicts are verified before every engagement by adhering to the ABA Model Rule 1.7. All information regarding parties currently and previously engaged by Cobra review attorneys are continuously updated. If there are potential conflicts based on the ongoing reviews, those potential conflicts are immediately disclosed. In addition, we have a conflicts of interest process we utilize when engaging a new client or a new project with an existing client. This consists of a conflicts check with regards to our other clients and our employees. 10. Are you regulated? In what way and by whom? Are there competing regulations and regulators? Cobra supports the creation a self-regulating body that would work hand-inhand with the ABA to set minimum thresholds for companies in the LPO industry, and provide a set of principles and guidelines to ensure the proper

development of this market. At present the LPO industry does not have a regulatory body. However, in India, LPO industry players are in talks to form an association of LPO companies. Further, the leading LPO companies are in discussion with Nasscom, CII and PHDCCI to form a regulatory body. This would help the LPO industry set up standards as well as win the confidence of clients abroad. The association will work towards creating standards for quality service similar to those adopted by the software industry. It also plans to provide standardized training procedures for lawyers who intend to join LPO companies. Such an institute or industry body would provide basic training to lawyers and would familiarize them with international legal issues. Cobra Legal Solutions, and other LPO companies that only hire lawyers, are educated in international legal issues. We abide by the ethical opinions given by the American Bar Associations on the Ethics of Legal Outsourcing. We, along with the ABA board, would like to take the initiative to formulate a set of common regulations for the LPO industry that would help to create a fair playing field for all LPO service players, stakeholders, and legal departments. We are open to abide by the policies and regulations on legal outsourcing of countries other than the U.S.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information