For an attorney email security is vital to both your reputation and your career. The American Bar Association Standing Committee on Ethics and Professional Responsibility has updated its stance on electronic communication. Here’s what you need to know.
Attorney Email Expectations
Historically, it has taken time for professional organizations to catch up with technology. Recent worldwide attention to cyber-security attacks has sparked concern. All firms should assess their current practices and update policy and procedure to ensure compliance.
Changes to Opinions & Rules
The ABA recognizes that technology is constantly changing. They also recognize that flaws in current systems only emerge as problems occur. They have restructured rules to address this. One example is Comment to Rule 1.1. It now reads, “a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks of technology.”
Changes to Comment to Rule 1.6 include a new section. “A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information related to the representation of a client.” This section stresses that the type of communication may need more security.
American Bar Association Recommends 7 Steps
The American Bar Association recognizes the risk to attorney email. It does not, however, offer specific remedies. It points to earlier suggestions and offers seven steps to guard against disclosures.
- Assess each communication. How sensitive is the information? Raise security based on this.
- Understand the firm’s system of storage and transmission. How are confidential communications sent? Where are they stored? Attorneys should understand how the firm manages and accesses data. Pay attention to BYO devices --- are they secure?
- Attorneys must understand and use “reasonable” security methods. Thus, the committee stresses the importance of this. It says attorneys must understand that these are case-by-case. Some information requires using a secured internet connection, firewalls and security software.
- Educate clients. Partner with clients to develop the most secure solution for each case. Look at the type of information and how it is accessed. Suggestions include secure servers and password implementation.
- Label confidential information. You’ve likely received an email marked privileged and confidential. The warning is alarming but most people do not read it. Also, warning or not, it doesn’t stop leaks.
- Get attorneys and other staff trained on security measures related to confidential material. Then enact policy, monitor and enforce adherence. Set up training for all staff.
- Finally, track vendors providing communication technology. Firms must ensure third-party vendors align with the legal, ethical and professional parameters placed on the attorney and firm.
The Problem With These Changes
In conclusion, the committee places tremendous onus on the firm and individual attorneys. But, most attorneys do not have the time, and some do not have the savvy, to put these safeguards into place. Furthermore, there is also the issue of not being able to assess risk.
Find Solutions With CRA
The experts at CRA use the latest cyber-security technologies. We ensure that your firm, and attorney email, are protected. First, Computer Resources of America assesses your current policies, practices and systems. Then we meet with you to outline how to get you in compliance. Trusting an outside company is a leap of faith, but does your law firm have technology experts? When you partner with CRA you gain a team of experts hence you keep your resources focused on professional expertise. Streamline your technology by partnering with Computer Resources of America therefore safeguarding attorney email and client communications.