From Clio, January, 2017:
In April 2016, a lawsuit was filed claiming one Chicago-based law firm had failed to protect confidential client information.
The suit didn’t accuse lawyers at the firm of inadvertently sharing client information. In fact, according to The American Lawyer, “[t]he complaint makes no claim that data was stolen or used against clients.” The claim solely focuses on the fact that lax data security could have put client information at risk.
Talk about an eye-opener, for lawyers and others (such as private investigators) who retain confidential information during the normal course of business. And, it could be inadvertent actions – usually online – that can cause these security breaches.
Client confidentiality in the age of social media:
Consider the amount of information that gets shared on social media:
- Facebook users send 31.25 million messages per minute
- Twitter users send nearly 350,000 tweets per minute
- Instagram users post almost 50,000 photos each minute
If you’re a lawyer, you need to take extra care when using social media. There are plenty of ways your tweets or posts could inadvertently breach client confidentiality.
For example, if you use Swarm to check in at Starbucks during a client meeting, you could inadvertently disclose your client’s location as well. This may be an issue if your client wishes to remain anonymous, or if they don’t want it to be known that they have legal representation.
Photos can also be a problem. You should be more aware than lawyer and politician Kris Kobach, who accidentally revealed notes on proposed immigration policy in a photo with Donald Trump. You should always be extremely aware of what might be in the eye of a camera lens. Your son could take an impromptu photo while you’re catching up on some work at the dining room table; if there’s any sensitive information is visible in the image, you need to make sure that photo doesn’t get posted online (and does get deleted from his device).
Steps lawyers need to take on social media
Does this mean you need to stop using social media? No. But you do need to reconcile the practice of sharing information online with the need to keep client information confidential.
Here are a few things you can do to ensure you’re protecting client information:
- Go private on Facebook. This is a simple step for all lawyers (and for anyone using Facebook, for that matter). Go to “Settings,”, then “Privacy,” and set all of the visibility options so that only “Friends” can see your profile. If you want to market your law firm on Facebook, set up a separate Facebook page—and be extra mindful of the information you’re sharing on it.
- Use two-factor authentication. Using two-factor authentication to protect your online accounts is one of the most effective steps you can take to protect client information.
- Don’t use live mic technology. Someone’s always listening. Amazon hasn’t given up user data in this now-infamous murder case from late 2016 (so far), but that doesn’t mean you should put client information at risk by keeping an Echo or an equivalent device inside your office. And definitely ensure that no one in your office is walking around with a live mic device.
In short, you want to do everything you can to prevent unauthorized access to client information. In 2017, that means a lot more than just shutting the door each time you meet with your clients.
BNI Operatives; situationally aware.
As always, be safe.