The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/1025033
10 PEER TO PEER: THE QUARTERLY MAGAZINE OF ILTA | SUMMER 2018 BEST PRACTICES Veing New Technology? Ask the Provider These Eight Questions Question #6: Are You HIPAA Compliant? Any firm that handles personally identifiable information such as Social Security numbers, names or addresses requires exceptionally stringent levels of data security. While HIPAA compliance is associated with healthcare, its levels of protection work well across all industries. By ensuring that your cloud provider is HIPAA compliant you can feel secure that your data will be protected regardless of aorneys' current or future practice areas. Question #7: What Security Measures Do You Offer? Data security is usually a major concern when moving servers outside the firm's walls. Your vendor should be able to offer multiple standard and accelerated levels of security. These include: » Multi-factor authentication. » Certifications. » Data centers that surpass HIPAA, PCI, ISO 27001, CIS 20, NIST and FISMA compliance standards so your firm can pass third-party audits and document compliance. » Proactive security monitoring. » 100% redundancy. » Administrative training and policies for data center personnel. Question #8: Is Your Support Based in the United States? Many technology companies outsource support to companies outside the U.S. in an aempt to save money. While cost-conscious law firms can appreciate this strategy, it also presents concerns. Since the provider is building your cloud environment, it is helpful to have support in your time zone, or at least close to your time zone. This is especially important when you have time-sensitive requests or emergencies that need to be escalated quickly. And as Microso and others have learned, you do not want to encounter any complications about where your data is hosted if you need to access your information or relocate it. Conclusion You and your law firm do not want to miss out on the latest hardware and soware advancements, and your clients do not want to deal with lawyers who are stuck in the past and unwilling to embrace new technology like the cloud. However, laws, regulations and security measures have not always caught up. In order to keep client data safe and easily accessible, you need to ask many questions and make sure your cloud provider can answer all of them thoroughly. P2P