For Ombuds Moving Online

Designing Online Dispute Resolution Information Systems Effectively

DEODRISE, by Dr. Clare Fowler

Most Ombuds would say they didn’t sign up to be an online ombuds.

I didn’t sign up because I was impressed with block chain and ecommerce and AI ADR algorithms. I signed up because I love connecting with visitors, hearing their stories, and feeling like I have helped. We all have that moment where two people walk into a room hating each other, but after a couple of hours of mediating, the fairy dust appears as they forgive and begin to heal. It is that magical moment that draws me to mediation and Ombuds and facilitation.

And then I wanted more. I wanted to spend more time with my kids and other parts of my job, and less time in the car. I wanted to work with more clients that were spread across the country, or globe, and not have to deal with traveling. So, like many of us, I dipped my toe into Skype, Webex, GoToMeeting, MS Teams, and now Zoom.

When we initially began working in online dispute resolution and case management, we tried a lot of things that we decided not to do again.

  • Using Alexa for relationship disputes
  • A mobile app for resolving company complaints
  • Charging per person for case management (instead of charging per case, as we do now)
  • Too many features (aka too confusing)
  • Lengthy intake (parties became overwhelmed, or intake felt invasive)
  • Getting the credit card before ever speaking to the client (no rapport)
  • Getting the credit card when everything was over (no reason to pay an online system)
  • Designing one perfect system (every office is arranged so differently. AI, intake, and case management systems need to be flexible.)
  • Using only one perfect platform or process (need to be familiar with different processes for different types of clients and cases, and different platforms for when one doesn’t work)
  • Telling clients “trust us, we have it all figured out” (clients want transparency, and sometimes to have a hand in designing the process.)
  • Not allowing clients to interact/feel involved (Clients want to interact.)
  • Cumbersome sign-on discriminates (the simpler the intake the more accessible it is)

In summary, we learned that online processes have to be responsive and inclusive—the same skills that we learned make successful mediators.

Online we can still have that fairy dust magical moment in a facilitation/mediation/ADR meeting if we design a process that is:

  • Simple
  • Safe
  • Smart

Here is what I’ve learned about these three requirements.


  • Your website. This is the first interaction your visitor has with you/your office, so keep it clean and welcoming. A direct path from their landing page to scheduling a meeting with you. You should have multiple links taking clients to a contact or scheduling page.
  • The scheduling process needs to be simple, or a client will move on to someone else. I like calendly,, and cogsworth. WordPress also has some nice calendar integration tools.
  • This might be a separate form on your website, or combined with your scheduling platform. Keep this form simple. Clients have not established enough rapport with you yet to be transparent about their concerns. What is the least amount of information you need to contact them? Name, email, phone, and perhaps a brief description of the issue. This minimizes email (often unsecure). Shorter fields also minimize the chance that a client will share something with you that should be reserved for a private conversation.
  • Calendar invite: Again, keep this process as simple as possible. Have your calendar, Zoom, or your scheduling software send out an invite for you with the details. Just review the invite first (many of these are modifiable), to make sure it conveys the tone you are looking for. Make sure to include date, time, how to connect, and how to contact you if things go topsy-turvy. These invites are often wordy with multiple links and can be confusing for clients—which is not a great step for establishing rapport!
  • Meeting: One click. That is the goal here—nice and simple. Clients are already upset—the last thing you want is to add to that frustration. Tell clients any important details beforehand: will the audio and video be on when they join? Will there be a waiting room? Will they be alone with you, will this be a joint meeting, will they be able to speak with you privately? You can answer many of these questions through an FAQ site on your website, and just send clients a link to that page.
  • Documents: This should also be a simple click. Before you sign up with a service, try going through it as a client. Is it obvious where to initial and sign, and are the clients able to save a copy of the file?


There are multiple pieces of the mediation process that have to be protected. You need to find an answer to all of them, but try to find a system that satisfies many of these steps. The more integrated of a system, the better, because when you are transferring your data from one system to another it is the most vulnerable to attack (Just like a prison transfer, right? I’ve obviously been watching too many action movies since I’ve been home.).

  • Scheduling: Use a trusted system that encrypts information when it is being transferred.
  • Intake: Are you asking them to share confidential information? Where is this information being stored? Is it on a company server—is that subpoenable? Is it being sent to you in an email? If possible, see if instead you can receive an alert that an intake has been filled out, instead of the details of the case and any pii (personally identifying information).
  • Calendar invite: Be careful when sending an invite not to send the details from your invite, especially if you are using a company server. This leaves a trail that can expose your client. This also can make the client feel that you aren’t taking their security seriously. Can someone from IT review these emails and see the details of the case? How do they know you haven’t bcc’d someone? Is there a copy of the sent email stored in your local drive?
  • Meeting: Ensure that you have end-to-end encryption, disable chat and record, and enable protection for getting in the meeting (password, registration, and/or waiting room).
  • Case Management: Does your CM software offer multi-factor authentication (such as a push code, a call, or a text)? Also ask: where is the data being stored, how long is the data kept on the back-up servers, what do you do if information is deleted, what is the requirement if the data is breached? Many mediation and arbitration offices want secure back-ups that are archived for at least seven years; whereas most Ombuds offices will need to know that the data will be scrubbed from back-ups and any archives. However, demographic and case trend data can usually be retained for an Ombuds office, as long as the demographic data does not allow a reasonable user to identify the visitor.
  • Documents: If you need to send your document as an attachment, password protect the file (you can do this in Word, excel, adobe, etc.). If you need the clients to sign the document, how are you going to send it to them and have them send it back? I recommend using a secure service such as docusign, adobesign, PandaDocs, etc. When possible, I also use Zoom Remote Control to have clients sign documents on the spot, and then I send that document as a File in Chat. File transfer must be enabled in Zoom before the meeting begins. But this is a simple way to ensure that the document is signed, no one else has viewed it, and that we all have a signed copy.

Additional thoughts about data security: it is important to approach every process knowing that someone will attempt to hack you. It is the reality of working online now, and we are potentially causing harm to our clients if we don’t take responsibility to protect them. There are many simple steps that you can take—design strong passwords, set-up multi-factor authentication, add a password to your laptop and important files, use secure software, use a safe internet connection, and use encrypted meeting platforms.

To keep your clients safe, protect their data during intake, where you store it, while you are meeting, and whenever you transfer it to another platform. The CCPA (California Privacy Act passed in January 2020) actually says that you have a responsibility if you transfer data to someone (an accountant, website designer, etc.) to verify their safety rules or you could be held accountable.


How to mess up ODR? Don’t use smart software. Smart software should be flexible—add-in features that you want, get rid of everything that you don’t. It should be a time saver. It should be able to identify trends in your practice/center/office/court/state. It should also be able to integrate securely with other systems to provide scheduling, videoconferencing, intake forms/surveys, reporting, and ecommerce (if applicable).

Software should be smart enough to support you and not be a time-suck. That is why we call it a platform and not a canyon.


Mediation is a noble profession. We are with people at their worst, and help them to become their best. As technology changes, it is our duty to ensure that we are still protecting our clients. We need to keep the process simple and streamlined for them and also let them know that we are safeguarding their most important thoughts. They should feel safe from their first interaction with us to the final signing of the document. The last thing any of us want are horror stories of exposing client information, breaching their data because we didn’t take steps to protect them, and having people begin to shy away from mediation. By keeping the mantra of being Simple, Safe, and Smart we can guide our venture into ODR into a place that we are proud of.

written by:Clare Fowler
link: For Ombuds Moving Online