Lawyers or paralegals are constantly at risk of accidentally breaking client confidentiality because of the fast-paced and challenging nature of the work at hand. That’s why it is very important to be organized, alert and cautious when handling client information. It’s not enough to just keep your mouth shut, especially in today’s world where it seems no information is secure.
Despite technological advancements, some rules will always apply: Keep your clients’ files in a safe cabinet. Use the shredding machine. Never leave documents where people can get them.
The easiest way to commit malpractice is to make a mistake on the simple things because they seem so obvious.
So, if you’re torn between two important choices, choose the one which puts your client’s interest on top. Carefully review and follow the suggestions above.
If you received text messages from your clients, be sure to delete them right away so that your spouse, partner or any member of your family may not be able to see it. Never talk to clients on the phone when someone else is listening or can overhear your conversation.
Someone that has a drug problem or sex addiction is much more likely to be vulnerable to ethical lapses or bribery. Your clients deserve the same type of people handling their documents that the NSA has handling its documents.
Perhaps the easiest thing law firms can do is to put data in the hands of experts (and understanding that those experts are not attorneys). Offsite servers that are encrypted, protected and have teams of people ensuring their security are any law firm's best friend.
For companies that provide services to clients, data security is always an important part of business. With lawyers and law firms, however, who are constantly entrusted with highly sensitive information about their clients as a course of business , the need for effective data security is of even more critical importance.
Although it may seem trivial, a good and properly set up firewall is the first step in defending your law firm against intruders.
Sloane Perras is the Chief Legal Officer for The Krystal Company, an American fast food restaurant chain headquartered in Atlanta, Georgia. In her current capacity, Ms. Perras oversees the Legal and Risk departments for the Krystal brand and is involved in oversight of risk management, company litigation, compliance and employment law. Her expertise includes team leadership, business advisory, mergers & acquisitions, vendor management and employment relations.
First, unless a law firm is uniquely large, it is unlikely that the IT department is large enough to have a Security Operations Center capable of (1) inspecting all traffic, (2) classifying it as benign, malicious, or questionable, (3) analyzing questionable traffic rapidly to determine whether it is malicious, (4) curtailing malicious traffic (which can require reverse engineering the malicious code), and (5) taking the necessary steps to remediate any damage.
Now, the email that is received at and sent from law firms may (or may not, depending on the nature of the email) be subject to the attorney-client privilege. However, a strong email retention policy will also protect email from intrusion such as if the firm's mail server is hacked.
The most basic principle underlying the lawyer-client relationship is that lawyer-client communications are privileged, or confidential. This means that lawyers cannot reveal clients' oral or written statements (nor lawyers' own statements to clients) to anyone, including prosecutors, employers, friends, or family members, ...
Heidi tells her lawyer that the drugs belonged to her , and that she bought them for the first time during a period of great stress in her life, just after she lost her job. Heidi authorizes her lawyer to reveal this information to the D.A., hoping to achieve a favorable plea bargain.
Can they testify to what you said? Yes. Lawyer-client communications are confidential only if they are made in a context where it would be reasonable to expect that they would remain confidential. ( Katz v. U.S., 389 U.S. 347 (1967).) A defendant who talks to a lawyer in such a loud voice that others overhear what is said has no reasonable expectation of privacy and thus waives (gives up) the privilege. Similarly, people who talk about their cases on cell phones in public places risk losing confidentiality.
For perfectly understandable reasons, defendants sometimes want their parents, spouses, or friends to be present when they consult with their lawyers. Does that mean that the conversation won't be considered confidential?
If a jailer monitors a phone call and overhears a prisoner make a damaging admission to the prisoner's lawyer, the jailer can probably testify to the defendant's statement in court.
Blabbermouth defendants waive (give up) the confidentiality of lawyer-client communications when they disclose those statements to someone else (other than a spouse, because a separate privilege exists for spousal communications; most states also recognize a priest-penitent privilege). Defendants have no reasonable expectation of privacy in conversations they reveal to others.
Heidi authorized her lawyer to reveal her confidential statement to the D.A. But a statement made for the purpose of plea bargaining is also generally confidential, so the D.A. cannot refer to it at trial. Example: Same case. Soon after her arrest, Heidi speaks to her mother in jail.
Download anti-virus protection. All computers in your office that are connected to the network should have an anti-virus program installed and updated on a regular basis to ensure confidential legal information cannot be corrupted. [5]
Control use of the internet and social media. Create a written policy regarding appropriate internet and social media usage in the workplace, and take steps to prevent confidential legal information from being disclosed through social media. Keep in mind that it often isn't necessary to have internet connectivity on every computer in the office.
Conduct periodic checks. Ensure all employees are appropriately safeguarding confidential legal information and respecting the security of systems and servers by conducting regular tests and monitoring employee activity.
Removing access to the internet from the computers of employees who don't need it for work can significantly decrease accidental disclosures of confidential legal information.
Secure your fax machine . Avoid sending documents containing confidential legal information using the fax machine, and make sure the fax machine is located in a secure area with controlled access.
Office staff should know that if a fax comes through that involves a legal matter, it should be delivered directly to the person to whom it was transmitted.
Not only is it a benefit to have a top-notch information technology team available 24-7 to assess risks and quickly isolate and repair any problems, but using a security firm also ensures your security is always up to date.
When speaking with or about a client or a case by phone, the door to the office should be closed and the use of the speaker phone should be avoided. A call from or about a client should certainly not be taken with another client or third party present. 3.
Practical Tips for Protecting Client Confidences: 1. Don’t discuss work outside of work . As tempting as it may be to talk about work with colleagues, friends, and family, client confidences must not be revealed, even hypothetically.
The Comments to ABA Model Rule 5.3 specifically warn lawyers about the obligation to maintain client confidences: “A lawyer must give [nonlawyer] assistants appropriate instruction and supervision concerning the ethical aspects of their employment, particularly regarding the obligation not to disclose information relating to representation of the client [.]” (Emphasis added.) Client confidentiality is the only ethical obligation specifically pointed out in the comments to Rule 5.3, which should alert the practitioner to its significance. Unfortunately, client confidentiality is an easy rule to break simply because the definition of client confidences is often misunderstood by lawyers and legal assistants alike. Many practitioners presume that confidential information consists only of secrets told to the paralegal or the lawyer in confidence. However, confidential information is not just client “secrets” of which third parties have no knowledge. Confidential information is ANY INFORMATION about the client or the client’s legal matter - regardless of whether it is secret and regardless of its source. [1]
Even with the most care and attention to protecting client information, mistakes happen. The Model Rules of Professional Conduct provide guidance for recipients of information that is accidentally disclosed. Model Rule 4.4 (b) requires a lawyer “who receives a document or electronically stored information relating to the representation of the lawyer's client and knows or reasonably should know that the document or electronically stored information was inadvertently sent” to notify the sender of the information promptly. The Rule puts the burden on the sender to take necessary action to retrieve or otherwise protect the information. The Rule does not restrict or limit the receiving lawyer’s review or use of the information. In fact, there are circumstances where the lawyer might be ethically required to review or use the information. This means that we must take all the precautions necessary to avoid such a situation.
Have only one file open on your desk at a time and only one matter record open on your computer at a time . As the phone rings, or emails come in, or your boss pops in with new instructions , you bounce back and forth from file to file all day long.
2. Be cognizant of your surroundings when communicating with clients, even in the office . Even brief in-person conversations with clients should be conducted in a conference room or office with the door closed, not in the lobby, hallway, or elevator. When speaking with or about a client or a case by phone, the door to the office should be closed and the use of the speaker phone should be avoided. A call from or about a client should certainly not be taken with another client or third party present.
Computer passwords should be periodically changed and should not be written down in the office. If members of the legal team take client files, flash drives, or laptops containing client information outside the office, policies should be established for securing those files and computers.