Memorandum for Record

pullfarmInternet και Εφαρμογές Web

3 Νοε 2013 (πριν από 3 χρόνια και 10 μήνες)

84 εμφανίσεις

Pam Hesse



PAR115



Memorandum for Record

Going Paperless

A paperless office has many advantages and disadvantages. Specifically, the ethics
and confidentiality requirements for a law firm demand additional care when
transitioning to a paperless
operation. Below are some of the advantages and
disadvantages that should be considered:

Advantages
:



Space



Electronic files require significantly less space for both use and storage.



Efficiency



It is significantly easier to manage and retrieve contact
s, case
documents, time keeping and billing, and all other files electronically. Conflicts can
be checked thoroughly in seconds; bills can be automatically produced based on
electronic time keeping; and evidence can be manipulated, indexed, organized and
presented with completeness and efficiency.



Compatibility



Courts and law firms are increasingly using electronic discovery and
electronic filing. Complying with new protocols will require the use of electronic
methods.

Disadvantages
:



Cost



Any money sa
ved by reducing storage space
and secretarial personnel
will need to be invested in hardware, software, service providers, training,
and
Information Technology personnel.

2




Security



In an effort to provide security and confidentiality to our clients,
systems and protocols must be put in place to ensure that sensitive information is
not transmitted improperly. In addition, client and case information needs to be
protected from equi
pment failure, hacking,
viruses
and intercepti
on.



Ethics



Note that the ABA considers using technology appropriately to be an
ethical concern. “
The duty of competence (ABA Model Rule of Professional
Conduct 1.1) requires lawyers to know what technology i
s necessary and how to
use it. It also requires lawyers who lack the necessary technical competence to
consult with others who have it. And the duty of confidentiality (ABA Model Rule
1.6) is, of course, one of a lawyer’s most important ethical responsibil
ities. That
duty extends to lawyers’ use of technology, too.


http://www.americanbar.org/publications/law_practice_home/
law_practice_archiv
e/lpm_magazine_articles_v35_is2_pg45.html

Determining the level and sophistication of security measures required is a
matter of professional ethics. Minimal security measures may be less expensive,
but not offer the protection our clien
ts expect. Maximum security measures may
be cost prohibitive and be much more than necessary to provide reasonable
protection.

The latest trend for
offices is cloud computing which offers a few additional
confidentiality and ethical concerns as described

by the ABA
Request for Comment:
Issues Paper Concerning Client Confidentiality and Lawyers’ Use of Technology
.

3


http://www.americanbar.org/content/dam/aba/migrated/ethics2020/pdfs/clientconfidentia
lity_issuespaper.authcheckdam.pdf

These include:



U
nauthorized access to confidential client information by a vendor’s employees
(or sub
-
contractors) or by outside parties
(e.g., hackers) via the Internet



T
he storage of information on servers in countries with fewer legal protections for
electronically stored information



A

vendor’s failure to back up data adequately



U
nclear policies regarding ownership of stored data



T
he

ability to access the data using easily accessible software in the event that
the lawyer terminates the relationship with the cloud computing provider or the
provider changes businesses or goes out of business



T
he provider’s procedures for responding to
(or when appropriate, resisting)
government requests for access to information



P
olicies for notifying customers of security breaches



P
olicies for data destruction when a lawyer no longer wants the relevant data
available or transferring the data if a cli
ent switches law firms



I
nsufficient data encryption



T
he extent to which lawyers need to obtain client consent before


The advantages of going paperless are compelling. In addition, given the current legal
environment, going paperless is virtually required. Therefore, our focus should be on
mitigating the disadvantages. Below is a list of remedies
suggested by the
Law Practice
4


acticle,
A TECHNO
-
ETHICS CHECKLIST
-

Basics for Being Safe, Not Sorry
, by

Erik
Mazzone and David Ri
es
.


Remedies

For Personal Computers



Install and use security software

including antivirus programs, spyware protection
and a firewall application

and keep them current with automatic updates.



Promptly install patches for your operating system and all app
lications.



Use care when opening embedded links and e
-
mail attachments.



Be sure your anti
-
malware software scans the latter before you open them.



Religiously back up important data and files.



Use strong passwords, passphrases or other authentication.



Use caution when downloading and installing programs.



Install and use a hardware firewall.



Install and use a file encryption program.



Configure the operating system, Internet browser and other software in a secure
manner.



Before disposal or reuse of co
mputers and other storage media, securely erase the
information on them using data
-
wiping software (such as Data Eraser or PGP Wipe).
Deleting files or reformatting drives is not sufficient.



Additional security measures are necessary for networks,
including measures for
secure network design, strong access controls and data segmentation. Wireless
networks require particular attention, including use of current technology and secure
configuration. Consult your IT professional for these.

5



For Portable
Devices




Don’t store unnecessary confidential information on your laptop or portable devices.



Use strong authentication, preferably two
-
factor.



Encrypt all sensitive data.



Never leave access numbers, passwords or security devices in your carrying case o
r
with your mobile device.



Consider using a tracking
-
and
-
wiping program. This software will automatically
transmit the location of your laptop or other device if it is lost or stolen.



Provide for physical security of your equipment at all points of trave
l.


For Cloud Computing




Read the user or license agreement terms in detail.



Determine who will “own” the data, you or the service provider.



Determine who, besides you, will have access to the data.



Find out how you retrieve your data and what happens t
o the data hosted by the
service provider if you terminate the service.



Examine the provider’s physical and electronic security and confidentiality policies.


Finally, protocols within our firm need to be established to ensure that all of our
employees a
re protecting case and client information to the maximum extent possible.
These protocols should include email, document transmission, and document
formatting.

6


Email procedures should include what kind of information we will allow to be transmitted
via em
ail versus what information must be delivered in person. In addition, emails must
contain a confidentiality statement

and all email addresses should be tested before
being used for the transmission of sensitive information.

Document transmission procedures should include scrubbing sensitive metadata that
may be used to determine who, when, and where a document was created or modified.
Note that the ABA Ethics Opinion allows counsel to view and use metadata that is sent
to th
em and that ethical actions include scrubbing metadata from documents before
transmission.
http://www.abanow
.org/2006/11/lawyers
-
receiving
-
electronic
-
documents
-
are
-
free
-
to
-
examine
-
hidden
-
metadata
-
aba
-
ethics
-
opinion/

In addition, documents
should be scrubbed of any “track changes” data that could show our strategy or thought
processes.

Lastly, all documents that

are transmitted should be saved in a PDF format such that
the document can be viewed but not altered. This will help to provide a secure chain of
custody for each piece of documentary evidence.