Keeping client confidences secure in the digital age is not always easy, but it certainly is necessary. It seems like there’s always some new technology tool or gadget that lawyers are told they “have to” learn. This program covers how to ethically use today’s technology and what emerging tools are important for lawyers to consider.

1. How To Ethically Use Technology
in Your Practice
#LawyersUsingTech

2. 2

3. 3

4. 4

5. About our presenter
Presenter
‣ Practice Management Advisor for
Oklahoma Bar Association
‣ Blogs at Jim Calloway’s Law Practice
Tips
http://www.lawpracticetipsblog.com
‣ Practice Management Advice
columnist in Law Practice Magazine
‣ Digital Edge podcast
http://legaltalknetwork.com/
podcasts/digital-edge/
5

6. The Wall Street Journal says
“Every business is a
technology business.”
6

7. http://bit.ly/2jiQeIz!
I wrote about this in ABA’s Law
Practice Magazine

8. Despite many lawyer’s antipathy toward
technology tools, you have no choice but to
use today’s business tools.
8

9. 9

10. 10
Delivery of legal
services today
is undergoing
many changes!

11. 11

12. The Benefits and Risks of
Relevant Technology
12

13. Poll Question #1
Has your state amended the Rules of Professional Conduct
to add the comment on the risks and benefits of relevant technology?
1. Yes
2. No
3. I should know that, but I don’t.
4. I could care less.
13

14. Protecting Confidential
Information
ABA Model Rule 1.6(c) A lawyer shall make reasonable
efforts to prevent the inadvertent or unauthorized
disclosure of, or unauthorized access to, information
relating to the representation of a client.
14
http://bit.ly/ABARule1_6 !
(Added in 2012. Adopted by about
50% of states.)

15. Security in the Cloud
15

16. What “The Cloud” Really Is!
!16

17. Cloud Computing!
"Cloud computing is a fancy way of
saying stuff's not on your computer. It's on
a company's server, or many servers,
possibly all over the world. Your computer
becomes just a way of getting to your
stuff. Your computer is an interface, but
not where the magic happens.!
"Byte Rights" by Quinn Norton,!
Maximum PC, Sept. 2010!
17

18. “Ethics up in the Clouds” 81 Oklahoma Bar Journal 2407
(11/6/2010) by OBA Ethics Counsel Travis Pickens!
Cloud Computing!
“Cloud computing does introduce a heightened risk, at
least in theory, in the sense that it outsources all, or
nearly all, of a lawyer’s data to an off-site location....!
“But rock-solid certainty is not required. Significantly,
in the few ethics opinions that have addressed it, the
consensus appears to be that the law firm is not
required to guarantee that the system will be
invulnerable to unauthorized access.!
18

19. Big Picture Requirements
• Stay up to date
• Actually read the Terms of Service (TOS)
• Know what you don’t know
• Lawyer should periodically review vendor’s security
measures
• Special circumstances warrant special precautions
19

20. My Personal Thoughts
• Your security risk is any connection to the Internet.
• Paid business-grade cloud vendors have security
experts and engineers on staff, which only the very
largest law firms can have.
• So using a properly-vetted vendor to secure
confidential information can be viewed as
“outsourcing” security to those more qualified and
responsive.20

21. Cloud Ethics Opinions Around the U.S.
http://bit.ly/2kJwkcW
21

22. Practice Management Software in
The Cloud
There are many benefits to using these
tools- for the lawyer and for the client. The
majority of small firm PM tools are hosted
in the cloud.
22

23. Digital Client Files (aka Paperless) are
now the standard for efficient
operations.
23

24. The Benefits of Digital Client Files
• Ease of access to files and documents remotely. Saves time,
which saves clients money.
• Savings on document storage costs.
• Reduced postage and paper expense by sharing documents
with clients digitally.
• Protection of client files in the case of a disaster such as flood
or fire.
• 7/24 access to every document in every open client file from
any location
Minnesota Lawyers Mutual, The Basics of Client Files and
Paperless Systems Opening, Closing, Documentation and
Ticklers A Malpractice Insurance Company’s Perspective (Rev.
2015) http://bit.ly/MutualPaperless !

25. Safe client files
“come Hell or high water”
25
What if this was your office
loca<on?

26. Social media is fun, but posting
online about clients is dangerous
26

27. Think before you post
27

28. 28

29. Social media is fun, but posting
online about clients is dangerous
• Don’t trust any privacy or security settings. Your
friends can share any post with the entire world.
• If you want to share, get client’s permission (in
writing)
• In the Internet Age, even disguising client’s name or
details can still give clues to be researched by others
and disclose confidences.
29

30. No lawyer can afford to be ignorant about
how social media operates
• Business clients need social media policies and advice. Great
business opportunity for lawyers.
• Family law contested proceedings now routinely include admission
of social media evidence.
• Soon social media evidence will be a common part of many types of
trials
30

31. Email - Love it or hate it
99% of us use email every day.
31

32. Poll Question #2
Do you use email encryption in your law practice?
1. Yes
2. No
3. I don’t have the tools
4. I have the tools but don’t do this.
32

33. Surely after last year, you
appreciate that unencrypted
email is not secure.
33

34. Why Encryption?
Unencrypted e-mails (including attachments)
go across the Internet as plain text- complete
lack of confidentiality or security.
34

35. If you are using Gmail for client
communications (and you haven't done this),
sign up for a more secure business account at
https://gsuite.google.com/pricing.html. Now
they are calling it GSuite. The cost is $5-$10
per month. Lots of features.
35
No more free Gmail for business communications!

36. Encryption of Email
Read this opinion on email confidentiality !
http://bit.ly/TXOpinion648!

37. 37

38. Do it yourself Encryption:
Password protect a Word document or PDF
file and give the recipient the password over
the telephone.
38

39. Encryption
39
Interesting read on encryption -
http://bit.ly/2kPkkWQ!
(Note: Tor Browser is for experts only.)!

40. Citrix ShareFile
• Send large attachments as a link in your email;
• Handy Outlook plug-in tool
• Require a sign in and get notifications;
• Offers a data room package;
• Access files securely from any internet enabled
device.
• www.sharefile.com
40

41. Client portals within practice
management software
• Great client service and secure method of
communication.
• Operates within the tool you are using all day
anyway.
41

42. Poll Question #3
Do you use a client portal to share information
with clients in your law practice?
1. Yes
2. No
3. I don’t have the tools
4. I have the tools but don’t do this.
42

43. Passwords
43

44. Worst Passwords of 2014
According to SplashData
44
123321
666666
7777777
1q2w3e4r
654321
555555
3rjs1la7qe
google
1q2w3e4r5t
123qwe
zxcvbnm
1q2w3e

45. 45
You simply must use a password manager

46. My Mother’s Maiden Name is
XK37B_PWRD!, What’s Yours?

47. For additional security, use
Two-Factor Authentication
• Something you know
(Password or PIN)
• Something you have
(Phone, keychain dongle)
• Something you are
(Fingerprint, retina scan)
47

48. 48
Free Wi-Fi is too expensive!

50. ¡ Breaches normally aren’t hacking into your firm’s
data from outside. Most breaches are:
§ Someone clicking an email attachment
§ Visiting a website with drive-by malware
§ Attaching a compromised device
§ Being taken in by a phone call from Microsoft
or “the IT Department”

51. • At least twice per year
• Brief training for all new hires
• Have recent examples of new exploits
• Some vendors have testing services that
let you phish your own employees!

54. ¡ If you have not planned well in advance, you are probably
stuck paying the ransom and the funding criminals.
¡ To recover quickly, you likely need a mirror image of the
workstation plus a current data backup. Then reload the
software and settings on computer before restoring the
data.
¡ Complete backup is expensive in the cloud (e.g. all of the
OS) and data will only be current to last backup.

55. ¡ Implement your Incident Response Plan (which means
you need to have one.)
¡ What steps & who needs to be contacted
¡ Include contact info for digital forensics technologists
¡ Get legal advice on your notification duties
¡ Notify insurance carrier
¡ Great opportunity for lawyers to help clients prepare
IRP’s.

56. http://bit.ly/2jZferF

57. Plan for more automation
in the immediate future.
57
http://bit.ly/2kjMhTy!

58. Automated document assembly
should be an automation priority.

59. Your Document Czar
ü Create templates for others
to use!
ü Continuous training
opportunities!
ü Standardize document
creation and storage!
ü Implement automated
document assembly !
ü Work with management on
fees & billing implications of
automating document
creation!
59

60. Released in January 2016
60

61. 61
Visit my blog and subscribe !
www.lawpracticetipsblog.com!

62. Presenter contact info
www.lawpracticetipsblog.com!
MyCase
www.MyCase.com
support@mycase.com
800-571-8062
Contact Us
62