Ways to Protect Electronically Stored and Transferred Information

Many law firms and solo practitioners have embraced electronic storage of client information because of productivity gains, enhanced efficiency, better recall and major time and money savings. Because of the drastic increase in electronically stored and transferred information, you need to be aware of the security risks regarding your data and how to best protect your clients' information.

You must limit physical access to your server, router and other hardware. A person with physical access to equipment can gain unauthorized entry to the stored information, thus compromising your client's confidentiality. You should limit access by setting authorizations, passwords and expirations.

It's also critical that your firm has a firewall for it's Internet connection. A firewall ensures all incoming and outgoing messages into the network are legitimate. A firewall can either be software or hardware based. Software firewalls are sufficient to protect an individual computer but law firms should have a hardware-based firewall to protect the entire network.

A password should be required not only when a laptop or mobile device is turned on but also when it's leaving the screen saver. If you have employees, make sure any devices they use for work require passwords as well.

When you email a sensitive document, you should password protect it. This is often an available feature in the document program itself, such as in Microsoft Word or Adobe Acrobat.

You should also think about encrypting your emails. You can use a third-party software program or a plugin for your web browser, which will integrate with your email service and prevent unwanted parties from viewing sensitive communications.

Metadata are hidden details in documents, which can contain confidential and sensitive information. You should take steps to reduce the risk of others having access to this information by turning off fast save features, deleting track changes in a document or converting files to PDF before sending to clients. It may benefit you to invest in a separate program that can delete metadata to protect confidential information.

To enhance your current security measures, you should secure your network, password protect your devices and documents and encrypt sensitive emails. By taking the right security measures, you protect your client's information from falling into the wrong hands.