About Confidentiality Management

At the heart of Milan's information governance solution is Confidentiality Management—a set of tools for quickly and efficiently securing your firm's information systems.

The most robust of these tools, Policy Center, provides your risk team with an intuitive interface for creating and applying policies across multiple systems, including WorkSite, Elite, LegalKEY, and Windows file shares.

Security Center, on the other hand, is a simpler ethical wall implementation that allows you to secure matters in WorkSite to teams or groups while also excluding specific users at either the matter or client level.

Both Policy Center and Security Center allow you to:

• Grant users access to documents on a need to know basis via teams or groups.
• Delegate management of team membership to matter owners (e.g., the responsible attorney).

With either tool, you can also reduce the strain on your service/help desk by enabling Self-Service, which provides an integrated workflow for making and approving access requests for workspaces and documents.

Choosing the Right Tool

If you are simply looking to secure matters in WorkSite using teams, groups, and exclusions, Security Center might be sufficient for your needs. However, if you require support for advanced features like competitive exclusion policies or user notifications, you will need to implement your policies via Policy Center.

The key differences between the two tools are summarized below.

Security Center

• Works exclusively with WorkSite.
• Limited to teams and walls, i.e., inclusionary and exclusionary policies.
• Confidentiality is specified at either the client or matter level.

Policy Center

• Confidentiality is defined in policies, which can include multiple clients and/or matters.
• Policies can be enforced on WorkSite, Elite, Aderant, Intapp Time, Carpe Diem, Windows files shares, LegalKEY, and SQL-based systems.
• Supports implementation of contractor and competitive exclusion policies.
• Includes an email notification system for alerting risk team members and users affected by policies.
• Custom policy types can be created for lateral hires, ITAR, data privacy, price sensitivity, trade secrets, and conflicts of interest.
• User/group lists in policies can be automatically updated based on rules associated with the policy's type.
• The users, groups, clients, and matters affected by a policy can be determined dynamically via custom SQL scripts.
• Specific users, such as financial analysts, can be designated as "immune" from some or all policies.