The American Bar Association (ABA) in the United States first addressed in 1999 and recently updated on May 11, 2017 guidance on protecting confidential client communications. The ABA declined to specify any particular steps lawyers should take but outlined a set of considerations lawyers might use to make their assessment:
“A lawyer generally may transmit information relating to the representation of a client over the internet without violating the Model Rules of Professional Conduct where the lawyer has undertaken reasonable efforts to prevent inadvertent or unauthorized access. However, a lawyer may be required to take special security precautions to protect against the inadvertent or unauthorized disclosure of client information when required by an agreement with the client or by law, or when the nature of the information requires a higher degree of security.”
The best approach to securing a client’s personal or company information is to encrypt all communications, data, and files so that any breach of a Lawyer’s business, storage devices, end-user devices, or during electronic exchanges with the client is protected from unauthorized access. That sounds easy except the process of encrypting files or even utilizing an application’s password protection requires human involvement which can lead to errors. For example, reusing passwords, using simple passwords, sharing passwords in the clear, forgetting to protect data, or more commonly bypassing the process because of the extra steps and time required.
Deploying Bonafeyed’s data protection platform within a legal practice can ensure communications between counsel and their clients remain secured and private even when breached by cyber criminals or even internal non-authorized users. Bonafeyed uses 800-bit Stream Cipher technology to stop infiltrators or prying eyes in their tracks.
Bonafeyed’s Data Security Technology can be deployed by a Firm in minutes. Clients perform a simple 2-factor authorization from Bonafeyed’s Cy4Secure Security Arbiter Cloud Service which validates recipients and allows access to protected data. Most important is that each data communication can be independently encrypted/protected. No two data files or elements are required to share the same encryption key. When encrypted data is lost, stolen, abandoned or forgotten, it remains protected and becomes permanently inaccessible once keys are deleted or retired ensuring Lawyers and their firms exceed ABA’s consideration of client privacy.