Let ReviewAI Handle the Pre-signature Phase
ReviewAI provides a review of any contract and automatically redlines, annotates, and provides a risk rating based on your company’s…
Gartner estimates that 50% of the world’s population will have personal information covered under local privacy regulations similar to the EU General Data Protection Regulation (GDPR) within two years. Indeed, governments worldwide, including Australia, Canada and Brazil, are creating new privacy laws or updating existing ones. States in the U.S. are actively legislating in favor of this, with California, Maine and Nevada enacting comprehensive privacy laws.
While this represents a positive to individuals’ data protection, it adds a layer of complexity for companies working across states and countries. Jane A. Bennitt, founder of Global Legal Ebilling and president of the LEDES Oversight Committee for 14 years, talks with us about a development in European Data Privacy that directly impacts legal e-billing.
Q: Tell us about your e-billing and technology experience.
Bennitt: I have nearly a quarter-century of hands-on experience in implementing legal technology, and my specialty is global e-billing. Regularly I work with law departments, insurance claims organizations, law firms and vendors needing assistance with workflows, compliance, automation and metrics. With the nature of my job, I research rules and regulations which apply to electronic invoicing for my clients.
Q: What did you discover recently when looking into EU data privacy laws?
Bennitt: The U.S. government routinely requests information on users from large corporations like Google, Facebook and others. Based on a case out of Ireland, the European court has invalidated the data privacy shield that allows the transfer of personal information on EU citizens to U.S.-based servers. Contractual-based data transfer from the EU to U.S.-based servers is still allowed, which is fortunate because that is the basis for data transfer in legal e-billing. But that also may be challenged in courts.
Q: What are the implications for corporate legal departments?
Bennitt: Data privacy litigation is hot across the globe. More countries are considering and enacting stricter data privacy regulations, and it is not limited to the EU. I predict there will be a time when there are similar requirements all over the world. The California Consumer Protection Act, which went into effect on 1 Jan 2020, offers protections modeled on GDPR, for example. These regulations provide more comprehensive protections than seen previously, especially with GDPR. We’ve seen companies hit with massive fines for non-compliance with GDPR and we will see more in the near future.
If your corporate legal department is involved in e-billing and cross-border operations, find out where your e-billing data is hosted. You may need to consider storing e-billing data on multiple global servers in jurisdictions with stringent data privacy regulations. If you’re based in Europe, have a server in Europe. If you’re in Brazil, have your data stored in Brazil or South America.
Q: What advice do you have for corporate legal departments?
Bennitt: I’m not a lawyer, but here are common-sense steps to take to protect your e-billing and its data:
Thanks so much to Jane for sharing her insights into e-billing and regulation trends. If you’d like to contact her, you can reach out via LinkedIn or email.
To learn more about legal e-billing and legal spend management from Onit, visit here.
ReviewAI provides a review of any contract and automatically redlines, annotates, and provides a risk rating based on your company’s…
Streamline collaboration across departments with Onit’s groundbreaking new AI Virtual Assistants for Legal Operations and Contract Management. Step into a…
As an in-house legal professional immersed in document review, you know first-hand the promise — and pitfalls — of applying…