Data and document security is a major concern for lawyers, which is why legal transcription outsourcing companies go to great lengths to safeguard the sensitive legal files they handle. The recent global ransomware attacks made organizations across the globe, including law firms, realize how vulnerable they are to cyber threats. In fact, according to the revised Formal Opinion 477 released by the ABA Standing Committee on Ethics and Professional Responsibility in May this year, lawyers are required to make reasonable efforts to ensure that communications with their clients are secure and not subject to inadvertent or unauthorized cybersecurity breaches.
In the 1999 Opinion, the committee had expressed that unencrypted email was acceptable because lawyers have a reasonable expectation of privacy in all forms of email communications. However, today, lawyers rely on smartphones, tablet devices and cloud storage to manage much of their tasks. Therefore, the new opinion explains: “Each device and each storage location offer an opportunity for the inadvertent or unauthorized disclosure of information relating to the representation, and thus implicate a lawyer’s ethical duties.”
A lawyer’s ethical responsibilities include competency, confidentiality, and communication. According to Rule 1.1 of the Model Rules of Professional Conduct, one basic principle of a lawyer’s ethical obligations to his or her client is that the lawyer must provide “competent representation” or “legal knowledge, skill, thoroughness and preparation reasonably necessary for the representation.” According to an article in the National Law Review, the requirement for competent representation covers everything from keeping “abreast of changes” to “benefits and risks associated with relevant technology.”
The committee notes that while unencrypted email is acceptable when lawyers communicate routinely with clients, they must take “greater effort” to ensure secure communication when dealing with highly sensitive industries such as industrial designs, mergers and acquisitions of trade secrets and industries like healthcare, banking, defense or education. All of these are vulnerable to cyber threats and higher risk of date theft.
The committee recommended that lawyers undergo a “fact-based analysis” that involves evaluating various factors to determine the level of security that needs to be assigned to their communications:
- The nature of the threat and the extent of cyber security risk
- The manner in which client data is created, transmitted and stored
- Reasonable electronic security measures and their use
- Additional safeguards needed to protect electronic communications
- The need to mark client information as privileged and confidential
- The need to train lawyers and non-lawyer assistants in technology and cyber security
- The need to conduct due diligence on vendors who provide technology services
Legal transcription services are a good example of an area with high potential for security breach. Legal entities rely on transcription companies to convert audio recordings of court proceedings, depositions, meetings, pleadings, and other events into accurate records. Unless lawyers take care to outsource the work to a reliable legal transcription service company, they risk compromising the confidentiality of their sensitive files.
With a trustworthy legal transcription company, lawyers can choose from various options for file transfer such as browser-based drop box, secure FTP, 256 bit encryption technology, and more. They have stringent security measures to protect the confidential data they handle. Employees are trained and monitored on privacy, security, and confidentiality, and computers are password protected and equipped with strong firewall protection. Hard copies of client documents are shredded on site. Facilities where transcription is performed have round-the-clock security services. Such services are crucial as lawyers strive to protect client confidentiality in electronic communications.