Staying Ahead in a Post-GDPR World: Why Data Processing Agreements Are Critical For Business

By Judi Crimmins

The GDPR is the most significant data protection shake-up in 25 years. What has become evident in the almost 2 years since it came into force, however, is that many businesses are still struggling to understand and implement it.

Many of the headlines have been security-focused or riddled with consternation and the burden for businesses. But there have been benefits, too.

The Impact of Data Protection Laws

The new regulations have had a monumental effect on the awareness and tackling of privacy issues in both the public eye and senior management level.

The GDPR and California’s landmark privacy law, CCPA, can function as a roadmap for businesses to establish a strong data governance program. Critically, they bring regulation into the modern age with respect to the evolving digital economy and trigger exciting new opportunities and long-term benefits for businesses.

These benefits include greater agility and innovation. According to Cisco’s latest data privacy study, 42% of the companies surveyed said that meeting the GDPR is helping them to broaden innovation thanks to the right data controls being in place. Other benefits are reduced reputational risk and improved cyber resilience.

Companies are beginning to understanding that good information handling equals good business sense, and it’s difficult to argue with that.

The Dawn of Data Processing Agreements

One of the consequences of GDPR is that companies are undertaking a significant redevelopment of their data handling capabilities in order to comply. Businesses are increasingly looking at the way that they handle the personal data of their customers and putting an action plan in place to safeguard their privacy.

The change to the law regarding data controllers and data processors, in particular, has significant implications for businesses. Under the GDPR, it is essential for organizations involved in the processing of personal data to determine whether they are acting as a data controller or as a data processor in respect of the processing.

This is especially important in the case of a data breach, where it is necessary to determine which entity has overarching responsibility for data protection.

Data Processing Agreements (DPAs) are designed to satisfy that obligation, and failure to have one in place is a breach of the law under GDPR.

DPAs Are Critical For Business Deals

The DPA regulates the scope and purpose of data processing, and specifies the rights and obligations of your organization and your data processors.

It provides the peace of mind and assurance that your data processor, and any third party subcontractor they might use, perform adequate due diligence to protect the privacy of the personal data you have been entrusted with.

These contracts were simpler in the days before GDPR, and even disregarded in some cases. However, the DPA is a critical component of business deals under the new data protection laws and can no longer be ignored.

Compliance starts with the right foundation. Investing in a sustained data management and governance program that includes a solution for DPAs provides businesses with a competitive advantage. Essentially, it enables them to position themselves as innovators and market leaders in a post-GDPR world.

For more information, check out The Essential Guide to Data Processing Agreements, which provides all the information in one convenient place.


Judi Crimmins is a jurist, writer, and the Director of Global Marketing at LawGeex. Previous companies include BSI Group and British Water. Judi holds a Master of Laws (LLM) from the University of London. Connect with her on LinkedIn

LawGeex Is Gearing Up For Legalweek 2020

There is nothing quite like an exciting conference that leaves even the most jaded legal professional thrilled about the industry all over again.

LawGeex is ringing in the new year with an exciting program of events. Keeping up with the latest trends and innovations is a monumental task, which is why these events are so integral for spreading new information via seminars, workshops, and unparalleled opportunities to network with peers and experts.

One of the hallmarks of our calendar, Legalweek kicks-off in NYC February 3-6.

Legalweek is a major expo in which the legal industry gathers to explore the business and regulatory trends, technology and talent drivers impacting the industry. Easily drawing over 10,000 attendees each year, Legalweek features workshops, networking events, and three conferences designed to address key issues at a functional level: LegalTech, LegalCIO, and Legal Business Strategy.

For everyone in attendance, Legalweek presents a unique opportunity to forge connections, create opportunities, and learn from one another’s experience.

We’ve prepared some truly superb swag and special edition, customized content for Legalweek. We hope you’ll join us. Our booth tends to get pretty busy, so if you’d like to demo our award-winning platform and find out how you can achieve a risk-free, rapid deployment of LawGeex to accelerate deal closure, click here.

Oh, yet to secure a ticket?

Don’t worry. We’re delighted to offer a number of complimentary tickets that grant you free access to the expo. Contact us for more information.

Metrics that Matter: Using Legal Data to Make Informed Business Decisions

By Nicole Arbiv

The legal industry is evolving at breakneck speed. Legal departments are expected to run as a business and drive cost-effective processes that benefit the entire organization. General counsels too are required to invest in the operational support of the department, and legal operations has emerged as the glue that holds the various functions and practice areas together.

There’s no doubt that effective legal ops allows in-house counsel to focus on high value legal activities. And at the heart of this, is the need to define clear goals and KPIs around these activities to measure success. So, how do you do that?

Poor Data Visibility Hampers Performance

When it comes to contracting, legal is typically seen as a blocker instead of a trusted advisor to the business. However, by leveraging data and metrics around turnaround time and developing SLAs with internal clients, legal can support the business and help drive revenue by jump starting a new customer relationship.

The problem is that even in legal departments with mature legal ops that collect data around contract review, it’s rare to have visibility into this data.

Unless lawyers are manually extracting and tracking the different legal concepts they’re reviewing as part of the routine negotiation process, legal departments simply don’t have the relevant data and insight into the trends driving their contract review process. It is typically based on intuition, and occasional roundtable discussions between the lawyers on the team.

Contract Automation Enables Better Business

The good news is that a Contract Review Automation (CRA) platform can provide this data. It drills down to the source. It provides insight into how a contract measures up against a company’s legal policy and guidelines.

Legal teams can use this data to find interesting trends over time. For example, it can be used to establish if there is a specific legal concept that is always missing from a contract. Conversely, it can offer insight into the potential risks and implications of concepts that probably shouldn’t be there in the first place.

This data is extremely powerful, as it enables in-house counsel to make strategic and informed decisions that can help position them as trusted advisors to the business. By turning data into tactical and actionable metrics, a business can use it to drive revenue and transform their bottom line.


Nicole Arbiv is the Director of Customer Success at LawGeex. Leveraging her legal ops background, she helps our customers drive efficiency in their contract review processes. Nicole holds a BA in Business Administration from the University of Washington and is a Certified Public Accountant (CPA) in the State of New York. Previous companies include PwC and HP.

2019 Legal Tech Buyer’s Guide

Is your head spinning from all the choices in legal tech? Are you wondering how to choose the best solution for your team?

You’re not alone.

Fortunately, LawGeex is here to help sort things out. Yup, it’s time for this year’s Legal Tech Buyer’s Guide, fully updated from 2018 and showcasing more than 80 key legal-tech solutions across 12 categories. The guide has become the indispensable compendium for everything from Contract Review Automation to Contract Lifecycle Management, and from Extraction to eDiscovery.

This year, we’ve made it more accessible by switching to an online format. And to make it even more useful, we’ve added a new section called Resources which includes various templates and examples. These currently include a six-step guide on how to evaluate and buy tech solutions and a template for your firm’s legal tech roadmap, and we’ll be adding even more.

We’d love to know what you think and what other resources you would find useful.
You’re welcome to contact us at buyersguide@lawgeex.com

A Primer on Using Artificial Intelligence in the Legal Profession

In this article in the JOLT Digest, Lauri Donahue, LawGeex’s Director of Legal Content, provides A Primer on Using Artificial Intelligence in the Legal Profession.

This useful and accessible article addresses questions such as how AI works, what it can do, how lawyers are using AI, and how it will affect the legal profession.

Read more

CLOC State of the Industry Survey

The Corporate Legal Operations Consortium (CLOC) just published its annual State of the Industry Survey of in-house corporate legal departments. This report provides valuable insights into legal spend and technology adoption. Here are some highlights that we found particularly interesting.

$7B Private Equity Firm Investindustrial Reduces Risk with CRA

Risk mitigation is one of a lawyer’s most important roles. Even as the legal world evolves, identifying, quantifying, and addressing risks remains a primary mandate for legal. How can tech, AI, and automation be used to mitigate risk?

Live Webinar: How MetLife’s Senior Counsel Uses Tech to Be a Dealmaker

You, along with everyone else on planet Earth, are cordially invited to a webinar featuring MetLife’s legaltech guru!

Robin French, Senior Counsel at MetLife, will share how the insurance giant is using technology to transform the role of legal – from sales blocker to dealmaker.

LawGeex picks up the prestigious Burton Award

Joining a bevy of recognitions already received this year, LawGeex is proud to share that we have also received the Burton Award!

Legal Tech Weekly profiles LawGeex

What does Contract Review Automation look like for clients? How should lawyers see the legaltech wave? And what does chutzpah mean? All these questions and more are answered in the pages of Legal Tech Weekly!