Software swap guide: four tips to protecting your data


The COVID-19 lockdown has forced all of us to be more reliant on technology and embrace working from home. But many legacy IT infrastructures are ill-suited or too outdated to handle all the demands of remote working. Cloud-based software is the solution, but where to start?

1. Getting your data back – it’s your right

Lots of variables should be considered before you commit to upgrading or swapping software. Not least your data; of which you store vast quantities. Your law practice stores a plethora of important documentation, such as contact, identity, matter and financial – all of which must be handled carefully.

Unfortunately, some providers make it as difficult as possible for clients to migrate their data. And yet, this data is not theirs to hold – it belongs to you. This is unethical as well as being the worst type of client retention strategy there is!

You don’t want this to happen to you, especially if you discover the truth about locked data at the time you wish to leave. You shouldn’t be denied access to your own property and your supplier has a duty to act as the custodian, not owner, of your data. Enquire about assistance with data extraction upfront.

It’s not unreasonable to pay a fee for the service of delivering your data but it should be timely.

Additionally, once the migration has taken place, your supplier should delete your data from their stores otherwise both parties (you and your supplier) will fall foul of data protection rules; the Data Protection Act 2018 and GDPR amongst them.

2. Rigorously safeguard your data

With the onset of stricter data protection rules and existing regulatory obligations comes more onerous duties. Heavier too are the fines imposed for non-compliance – both parties could be blamed for any data breach. Glance at legal news headlines and you’ll see that leaked data can and does happen.

Your software supplier must follow the right procedures in safeguarding your valuable data. Check for accreditations that evidence sufficient cybersecurity standards; primarily ISO and Cyber Essentials certification.

Reputable organisations undergo rigorous annual re-certification processes in order to gain these quality marks, so make sure your new supplier carries these endorsements. As standard, your supplier’s security protocol should include at least the following measures:

  • password access
  • SSL encryption
  • firewalls
  • penetration testing
  • system monitoring
  • replication
  • physical security measures
  • other industrial-strength security protocols
  • robust BCDR plans for further reinforcement

3. Negotiate the best possible contract terms

We’ve already covered data export but what about your overall exit strategy?

Don’t be rushed into signing contracts without poring over this legally binding agreement. It’s the small print that often causes problems. If your supplier is forcefully requesting your signature and you feel pressured to commit against your will, alarm bells should be ringing.

4. Ensure Legal Software Suppliers Association (LSSA) membership

The LSSA is the UK body for legal software developers and vendors whose aim is to set and maintain professional standards within the sector. The LSSA’s sets out recommendations relating to data conversion such as extracting
data in an industry-standard format within a reasonable timeframe, exporting associated case-related documents, generating reports on current data, supporting trial conversions through mutual supplier cooperation, transforming data to accommodate subtle differences between databases and checking data integrity once converted with any requisite correctional activity.

LSSA membership is confirmation that you’ll be well looked after at all stages of the customer lifecycle from acquisition to termination. Suppliers not adhering to the LSSA’s standards stand to lose their LSSA accreditation completely. You should apply extreme caution when dealing with companies whose reputation is questionable.


Hopefully, our tips will help you easily and painlessly switch to another supplier. Remember that you are responsible for safeguarding your data and the best way to do this is to find a reputable and trustworthy software vendor right at the outset. Use this guide as a starting point, supplement with other pressing questions of your own and you should be well on your way to putting into place your optimal IT set-up to cope with COVID challenges and into the future.