Are Harvey and Legora Part of Your Firm’s Unstructured Data Estate?

Written by Christian Paschke | Jun 10, 2026 3:29:29 PM

I was at iManage ConnectLive in Chicago last month. The headline announcement was the iManage MCP Server, now generally available, which gives AI tools permission-bound, auditable access to iManage content without content leaving the platform. CEO Neil Araujo put the governance promise plainly from the stage: “Your content stays in the core. The ecosystem plugs into it. Governance as a foundation.” iManage’s existing permission and ethical wall controls govern what the AI can access through the iManage MCP, and iManage previewed plans to extend Security Policy Manager to AI agents as part of a broader agentic governance roadmap, though that integration is still under evaluation and not yet generally available.

What stayed with me on the flight home was a set of governance questions that the iManage MCP doesn’t answer: what’s already in Harvey and Legora, how content continues to flow in through two direct pathways, and what professional obligations follow client content into these platforms regardless of how it got there.

 

Two Ways Content Gets Into These Platforms

Harvey and Legora are two of the external AI applications law firms have deployed at scale. The governance question they raise applies to external generative AI platforms broadly, but these two are where it is live and specific to law firms right now.

The iManage MCP keeps content in the DMS and gives AI tools governed, auditable access to it without content leaving iManage. That is a meaningful improvement over earlier integration models, and it is why the ConnectLive announcement mattered. But two methods for moving content directly into Harvey or Legora predate the iManage MCP and remain in place, and each carries governance implications that the iManage MCP doesn’t address.

The first predates the iManage MCP entirely. Both Harvey and Legora have direct DMS integrations with iManage that were in place before the iManage MCP became available. These integrations respect iManage’s existing permissions and ethical walls at the point of upload, governing what users are authorized to bring into the platform. Once content is inside Harvey or Legora, it sits within each platform’s own governance framework. Harvey’s engineering documentation confirms as much. Retention and deletion fall to users and administrators, through manual deletion or retention rules they configure themselves.

The second pathway has no DMS permission check at all. External AI applications also accept direct uploads from users, independent of any DMS integration. Harvey Vault accepts up to 100,000 documents per vault uploaded directly from a user’s local environment.

A specific concern is worth naming here. If a user cannot access a file in the DMS due to permissions or ethical wall restrictions, a colleague who can access it could download and share it for direct upload into the AI application. Whether that happens in practice is a question for firms to answer, but the technical pathway exists and the iManage MCP does not close it.

Although the technology is new, the governance gap it creates is not. Law firms have navigated this problem before. When SharePoint arrived at law firms, it gave users another place to put content: fast, convenient, and largely outside the governance frameworks that applied to the DMS. The controls existed in principle. In practice, users did what was easiest, and content spread. The addition of Teams to SharePoint further accelerated content living outside the DMS. External AI tools follow the same logic. Users upload directly because it is faster or simpler. The content accumulates, and the governance question follows: who is responsible for what sits in these platforms, and under what policies?

The Questions I Brought Home from Chicago

If the unstructured data estate is everywhere firm content lives that needs to be governed, are Harvey and Legora part of it?

And if they are, what does that mean in practice? Do a firm’s retention schedules apply to content held in Harvey Vault or Legora? If so, who configured the retention settings in those platforms, and who makes updates when policy changes? Does the information governance team audit what’s held in external AI applications, and how often?

The governance questions extend well beyond retention. Clients are including AI clauses in their outside counsel guidelines at an increasing rate: requirements for consent before client information enters a GenAI tool, prohibitions on using client data to train models, and the ability to permanently delete client data from those tools. If a client invokes that deletion right, can your firm identify what content of theirs is in Harvey or Legora and confirm when it is removed? ABA Formal Opinion 512 places client information shared with third-party AI vendors within Model Rule 1.6 (Confidentiality of Information). Whatever your vendor contract says, the professional obligation travels with the content. Has anyone assessed whether the content in these systems is consistent with what your OCGs permit?

The questions I keep coming back to for IG and IT leaders are these. How are you governing content inside these AI tools? What policies apply to it, who enforces them, and how do you know they’re working? How does that align with how you govern the rest of your unstructured data estate: iManage, file shares, SharePoint, email? If every unstructured repository runs on its own governance framework, the firm has a collection of separate oversight models, each with its own gaps. Do you need a unified view across them?

I don’t have the answers, and that’s the point. If you’re an IG or IT leader at a firm that has deployed Harvey or Legora, I’d like to hear how you’re thinking about it.

 

Sources Consulted

iManage MCP Server Now Available for Broader AI Ecosystem — iManage, May 14, 2026

AI is only as good as what it knows: iManage shares the governed foundation for the agentic era — iManage ConnectLive 2026 keynote recap, May 20, 2026

Security Policy Management — iManage Security Policy Manager — iManage product page

Harvey Announces Technology Partnership with iManage — Harvey, June 2025

How to Enable the iManage Integration — Harvey Help Center

Building Harvey’s iManage Integration — Harvey engineering blog, October 2025

Harvey Vault — Harvey platform page

Folder Uploads and One-Way Sync — Harvey release notes, March 19, 2026

Understanding Retention Policies — Harvey Help Center, updated April 8, 2026

Security and compliance — Legora — Legora security page

LFIGS: AI Considerations for Information Governance Processes — Law Firm Information Governance Symposium, 2024

ABA issues first ethics guidance on lawyer’s use of AI tools — American Bar Association, July 29, 2024