The BYOD Policy Clients will Hire you for

Due diligence is at the core of a lawyer’s daily activities and responsibilities, and clients are aware of this.

Yet attorney-client privilege has been increasingly threatened, and legitimately jeopardized by law firms failing to integrate the right measures to protect their clients – namely by mishandling confidential data, using unsecured technology, and not having a firm-wide BYOD policy to deal with this.

Hackers aren’t the only ones to blame. Just like leaving a client’s confidential file on the seat of a busy train, letting it pass through the hands of strangers for anyone to exploit is exactly what happens when you work with a client’s information on an unsecured personal mobile device, or use unsecured servers and networks.

All Hands In

42% of law firms (2015 ABA Legal Tech Surveysay that their technology has been infected with some form of virus, spyware, malware, with this mostly occurring in firms of 10- 49 staff (52%). Regardless of firm size, it only takes one weak link to jeopardize the security of an entire team. Universal participation and compliance is essential.

Identify limitations, permissible use, and deal breakers.

It’s essential to remember that the purpose of a BYOD policy is for security, and not employee monitoring. It should in no way be intrusive and overbearing – but practical and easy to enforce. If you’ve got past the first step and have the universal buy-in of team members, this should be inherent.

  • Encourage employees to set up separate personal and professional logins on their devices
  • Be vigilant in using unsecured internet access to process client information
  • Draw the line on a few extremely clear boundaries, such as banning downloads from suspect sites to devices on which client PII is stored

Start with the basics

Although only a shocking 31% of respondents to the 2015 ABA Legal Tech Survey had an employee privacy policy enacted, 75% of those included an employee technology use policy. The onus is there, and requirements for implementation inevitable – there’s some simple things to include as you start.

  • Set up phone and laptop encryption, stronger passwords, and Google two-factor authentication
  • Separate personal and professional accounts on different devices
  • Frequently back up data stored on devices to your Clio, Dropbox or other cloud-computing account
  • Create a data loss / theft reporting protocol
  • Allow only use of secure servers – especially in countries vulnerable to hackers e.g. China, Russia.

Set a standard, and maintain it

The standard of practices for modern lawyers can typically be measured by California Rule of Professional Conduct 3-100  “It is the duty of an attorney to do all of the following:

(e)(1) To maintain inviolate the confidence, and at every peril to himself to preserve the secrets, of his or her client”. How technologically dependent will lawyers become to comply with this standard? This will largely depend on the ability of the firms to ensure compliance with protecting client information. Yet as a starting point:

  • Ensure your employee signs the BYOD policy at time of employment along with other contractual agreements
  • Ensure your employee has a full understanding of what it entails, how they can abide by it, and provide any additional information and technical assistance
  • Nominate a Chief Information Security Officer to oversee compliance
  • Frequently review processes for accessing, and maintaining client information, and how to securely dispose of files after the closing of a case

It is always going to be difficult to gauge how vulnerable you, your devices, or your firm are at any given time. You’re a lawyer, not an IT professional, and may not even be aware you’ve been hacked until you feel the repercussions! Take the appropriate steps to be in compliance with the legal ethics and security standards that ensure attorney-client confidentiality and secure the success of your legal practice.

Categorized in: Technology

Law firm technology is changing

With the right tools, your firm can run efficiently so you can focus on what matters most. Learn more in our free guide, Why Law Firms Are Moving to the Cloud

Get the Guide