The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/624538
PEER TO PEER: THE QUARTERLY MAGA ZINE OF ILTA 22 ASK THE VENDOR A WELL-EXECUTED RETENTION POLICY name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Ted Matey company . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . InOutsource website . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .www.inoutsource.com The simplest way for a law firm to secure clients' data is with a well-executed retention policy. This helps you ensure files required to support your clients' needs are maintained, but only as long as the data are needed. In engagement letters with clients, define a period of time the firm will maintain files for a particular matter after its closure. Extend file disposition to both physical and electronic client files. Return any client-provided original documentation immediately after the conclusion of a matter. Holding on to client files for longer than needed creates information security risks, exposes the firm to potential conflicts or ethical wall issues, and increases the scope of potentially discoverable information should they be subpoenaed. What's a low-cost (or no-cost) step all law f irms should take to secure their clients' data? TRAINING STAFF name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Joe Kelly company . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Legal Workspace website . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . legal-workspace.com Train staff on how to use good cyber-related safety habits, such as password managers, limiting the use of public Wi-Fi spots and understanding how to spot potentially malicious email messages. All users should be running antivirus and malware protection, and their desktop and laptop drives should be encrypted. You should also use two-factor authentication for mobile users and have a mobile device management system in place to manage smartphones and tablets, so they can be wiped remotely if a device is stolen or lost. EDUCATING CLIENTS name . . . . . . . . . . . . . . . . . . . . . . . Helen Geib company . . . . . . . . . . . . . . . . . . . . QDiscovery website . . . . . . . . . . . . www.qdiscovery.com Safeguarding clients' confidential data starts with the client. Lawyers need to educate themselves and their clients on the fundamentals of secure data transfer and enforce compliance with security procedures.