In a recent post, MASS LOMAP’s senior law practice management advisor Jared Correia shared the ABCs of encryption. Whether you’re securing one document at a time or an entire collection, be sure to check out his recommendations. Another excellent resource is Email Encryption for Everyone by Catherine Reach.
While Oregon practitioners are not required to comply with data protection statutes, encryption is an essential best practice when it comes to the cloud. And perhaps in a few other contexts when the situation warrants:
Although use of electronic communications is not a per se violation of the duty of confidentiality, special precautions may be necessary in particular circumstances. For example, if information is particularly sensitive or subject to a confidentiality agreement, a lawyer may need to implement special security measures. Also, if a client requests it, a lawyer may be required to avoid, or be allowed to use, a particular type of electronic communication notwithstanding expectations of privacy in the communication method. Helen Hierschbiel, “Odds & Ends: Safeguarding Client Information in a Digital World,” Oregon State Bar Bulletin [July 2010]. Also See Melody Finnemore, “The Data Dilemma: Law Firms Strive to Strengthen E-Security as Potential Threats Continue to Rise,” Oregon State Bar Bulletin [October 2012] and the companion sidebar by John W. Simek and Sharon D. Nelson, “E-Security Pros Offer 15 Tips to Help Law Firms Better Protect Sensitive Data.”
Fellow Oregon practice management advisor Sheila Blackford is working on an encryption article for In Brief, the official publication of the Professional Liability Fund. Keep an eye out in your mailbox and your inbox – the article is likely to appear late this year or in early 2014.
[Photo credit: The Lone Gunman/Conspiracy Hack]