Considerations When Using Email within the Legal
Industry
State and Federal regulations mandating privacy in the legal
field are constantly evolving. Complexity is increasing.
Regulations and risk exposure are always growing.
Attorneys and legal experts must take reasonable measures to
protect their client information. However, when sending
information via email, those risks can become more
widespread. As a result, the most reputable law firms have
adopted secure email sending practices in order to protect
their clients.
Additionally, when legal professionals work with clients in
various protected and sensitive industries, further
protections are warranted. With data privacy failures and
security breaches on the rise, law firms wisely institute
protections before an incident occurs.
When attorneys, paralegals, and others sending email use
secure encryption technologies, they are adopting a higher
standard of client protections and confidentiality, which
always reflects well on the law firm and suggests to the
client that their relationship security is valued.
One simply has to read the news to see that, unfortunately,
security breaches and identity theft are a common
occurrence. The most common way that security is compromised
is through insecure email transmission.
Thankfully, the American Bar Association has provided some
guidance on the matter. In their "Ethics Opinion 477, May
11, 2017 they address some of the issues. This opinion and
related information are addressed in the document titled
"Email Communications and Electronic Data: Considerations
for All Lawyers" By: Martin M. Shenkman, Esq. and Suzanne
Thau, Esq.
https://www.americanbar.org/content/dam/aba/publishing/rpte_ereport/2018/2-Spring/technology-email-and-ethics%20(002).pdf
Some findings and recommendations from their report are:
Healthcare regulations and regulatory authorities
involved in healthcare include:
- Rapidly evolving technology is changing the practice
of law, forcing legal practitioners to be aware of the
risks involved in electronic communications, both from a
cybersecurity and attorney-client privilege perspective
- Lawyers must take reasonable efforts to remain abreast
of technological developments and ensure that
communications with clients are secure and not subject
to inadvertent or unauthorized security breaches.
- It [the Ethics Opinion 477] is also leaves attorneys
vulnerable to claims that they have not taken adequate
measures to protect client information.
- An attorney must take reasonable steps to use secure
internet access methods whenever possible. Examples
provided in the Opinion include secure Wi-Fi, the use of
a Virtual Private Network, or another secure internet
portal, using unique complex passwords, changed
periodically, implementing firewalls and
anti-Malware/Anti- Spyware/Antivirus software on all
devices upon which client confidential information is
transmitted or stored. . . .Other available tools
include encryption of data that is physically stored on
a device and multi-factor authentication to access firm
systems.
- Secure VPN connections should be the norm, rather than
less secure, off the shelf remote platforms.
- If client information is of sufficient sensitivity, a
lawyer should encrypt the transmission and determine how
to do so to sufficiently protect it
- Certain popular document sharing services such as
Dropbox and Google Drive are not secure because they
don't encrypt documents when they are transmitted
- Practitioners have ethical duties to remain cognizant
of the risks and benefits of rapidly evolving
technology, and should take steps to ensure that
cybersecurity and attorney client privilege matters are
adequately addressed.
The Net Atlantic Solution
The Net Atlantic Secure Message Suite is the easiest way
available anywhere to provide secure encrypted email to your
law firm or organization. The solution works seamlessly with
Microsoft Exchange, Outlook 365, and Google G Suite to
provide the level of security that your clients expect.
Industry trade groups in the legal field include:
ABA:
The American Bar Association
AHLA:
American Health Lawyers Association
