Lisa Burton is a Global Leaders in Law Ambassador and Chief Executive Officer of Legal Data Workspace. Below, Lisa outlines the key mistakes to avoid during crisis management and highlights what every GC should be aware of in 2022. She also shares her insights on executive-level leadership and offers practical advice on data protection management. 

Corporate Counsel Advance: What are some of the key mistakes in-house counsel make when it comes to crisis management? 

Lisa Burton: Counsel often need to rely on data but are often faced with the situation of ‘I don’t know what I don’t know’ in the context of how to use data to inform in a given scenario, for example, a corporate investigation into potential fraud by an employee.  The GC perhaps working closely with Risk Audit and Compliance teams are unable to reach deep within the business.  The bypass that “we have a policy for that” opinion which does not truly reflect the activity means that it is impossible to create a holistic “to-do” list that is authoritative and precise.

Secondly, Legal and IT generally ‘don’t speak the same language’ so it’s hard for GC’s to understand IT and equally, hard for IT to understand legal.  IT are managing networks, users and performance, whilst GCs are managing the challenge of regulatory action and exposure, M&A activities, legal business process and operations.  The two teams tend to overlap when a legal IT or data scenario crops up, for example, a data breach, cyber-attack or the need to search and find data for an employment matter or a regulatory probe.

How can a GC be confident that the data that is identified, extracted via the IT department is the correct data in scope? It is incomplete?  And was the data in scope managed in a legally defensible process that may involve data privacy complexity relating to employees, clients, third parties?