When you hire a lawyer, you get a lot you may not realize. You have – or at least should have – just hired a person who will abandon their Ferrari to get to your hearing on time. You have – or should have – just hired someone who does everything in their power not to let anything get in the way of representing you. But the flip-side of that is that you’re putting your faith in your lawyer’s choices. Some of those choices are obvious things like how they’re going to approach your case – those your lawyer should be discussing with you, and if he or she didn’t, you’d probably notice. Some, though, you’re likely never even to stop and really think about, even though they’re very important. Today, we invite you to think about your lawyer’s security when it comes to how he or she stores or uses your case file, including your personal information. Law firms are targets, and they’re too often not hard ones to breach.
If you were to break into the average lawyer’s office tonight, what would you find? The odds are that you’d have unfettered access to the paper copies of many hundreds or even thousands of cases. They’d likely contain very sensitive information – anything from Social Security numbers to confidential memos to tax returns to notes on privileged conversations. You could copy them, walk off with them, destroy them, or alter them. Perhaps even worse, many law firms’s security protocols are so lousy that, if you were to sit down at a computer, it could be unlocked and you’d have access to all of the office’s electronic data. And for many law offices, it wouldn’t even take breaking into their actual office: many firms don’t have strong electronic security protocols and have their own servers on-site, often poorly maintained and with out-of-date software which make them vulnerable to being hacked. Further, many lawyers don’t digitize their full client files, or if they do, they don’t back them up adequately – meaning that if, say, their law office burned down, information in their files would be gone for good.
Our commitment to securing your information is one of the many things that set us apart from other lawyers. We use strong physical and technical safeguards for our clients’ information. While for obvious reasons we don’t discuss on the internet our physical security safeguards, consider what client information you could access if you did manage to break into our office. The answer is that there wouldn’t be much. We are almost completely paperless – on an average day, we have only a few sheets of paper regarding our clients’s cases in our office, with everything else digitized. Our technical safeguards, meanwhile, are state-of-the-art. Our data storage provider uses strong encryption both in motion and at rest and our files are regularly backed up onto a different, off-site system (also with strong security). We require strong passwords and multi-factor authentication to access client data. Our mobile devices that can access client information are similarly protected. Our systems are such that, if our office burned down today, we’d be able to continue our work with little to no interruption. And we have administrative safeguards as well – policies that ensure that we maintain our ability to prevent improper access to our data and to respond to it.
Providing great legal services to our clients doesn’t start with the decisions we make about their cases. It starts with the systems we have in place to allow us to do our best work by focusing on our clients and allowing our clients to have confidence in us.