Secure Email for Attorneys: Protecting Client Communications

By Mary Elizabeth Hammond

As technology has grown, so has the threat to data security. The American Bar Association (ABA) states, “Technology changes and the law must follow.” 

Like most of us, attorneys conduct a fair amount of business via email. Emails  or letters to clients and partners often contain sensitive information, and without proper security measures in place, attorneys risk confidentiality. Several state bar associations explain that attorneys who don’t take reasonable steps to protect client data risk facing ethical sanctions and potentially losing their license. This overview highlights why attorneys need the most secure emails and methods for protecting sensitive information. 

Can Lawyers Use Regular Emails Like Gmail?

Gmail offers some of the most up-to-date security measures to protect sensitive information that is sent and received. As a security protocol, Gmail uses Transport Layer Security (TLS) to encrypt emails. However, a TLS connection requires both the sender and the recipient to use TLS. Thankfully, most email providers including Yahoo! Mail and Microsoft Outlook offer TLS to ensure 100% encryption. For paid Gmail accounts, Secure/Multipurpose Internet Mail Extensions (S/MIME) is used for an even higher level of encryption than TLS. With S/MIME, the message is encrypted rather than the channel; however, the sender and recipient need S/MIME in order for the message to be successfully sent. 

As alternatives, there are several tools described further down this article that also ensure secure client communication.

Why Do Attorneys Need a Secure Email?

Secure email for attorneys is essential for protecting confidential emails that contain client and company information. Private information is easily compromised, stolen, or leaked without safety measures. Attorneys also need email security to meet regulatory compliance standards established to protect patient and client privacy, including the Health Insurance Portability and Accountability Act (HIPAA) or the Gramm Leach Bliley Act (GLBA). 

The American Bar Association (ABA) states that attorneys have an ethical duty to take “competent and reasonable measures” to safeguard client information and contractual commitments to protect confidential information. 

Without safeguards in place, email communications can easily compromise client confidentiality. Whether it’s due to a phishing scam, data leak, a legal professional sending out information to the wrong client, or simply someone accidentally pressing “reply all” on an email with sensitive information—email conduct can have serious repercussions. In the ABA Model Rules of Professional Conduct, Rule 1.6 states that a lawyer “shall not reveal information relating to the representation of the client unless the client gives consent.”

How Can I Ensure My Client Communications are Protected?


There are several ways to safeguard client communications. First, the most secure emails are protected with reliable encryption. According to an ABA-sponsored webinar on legal encryption, most attorneys will need to use encryption during their careers to protect confidential information. 

Make sure you rely on the most secure email encryption and that there are no caveats. Don’t use standard email platforms like Gmail for sensitive information unless you know that you and the recipient have TLS. 

A dedicated server hosted only for your business email is one of the safest ways to protect confidential emails. As a safety measure, you can also disable POP/IMAP access on your email accounts. POP/IMAP capabilities allow you to sync your email on your phone and other devices by saving your passwords, but it also leaves you vulnerable to cybercriminals. If you need to sync multiple devices to your email and don’t want to disable this service, relying on multi-factor authentication can help combat potential threats. 

In addition, out-of-date servers can lead to holes in your security protocols. Regularly updating your firm’s software will help to protect your communication from potential vulnerabilities. 

Secure Client Communication Alternatives 

If you’d like to bypass email servers altogether, there are other (more secure) ways to communicate with clients. A specialized client communication portal will provide additional protection and security that aren’t built into typical email servers. This enables attorneys to securely communicate and share private information with clients in an all-in-one platform. 

These accessible client portals have secure built-in text messaging for fast communication. Lawyers work in a fast-paced environment and often juggle multiple cases at once—replying to clients promptly can be tricky. Built-in text messaging is an easy way to answer quick questions and give clients rapid responses without sharing your personal information or risking security. Texting within the client portal also keeps all communications in one place, allowing lawyers to see exactly what has been shared with clients. 

A good client portal will also integrate with the apps you use daily, such as Google Calendar, MailChimp, Dropbox, and more. Using these apps within the client portal is convenient and secure—with all your needed communication tools in one place. 

Simplify and Secure Client Communication with MyCase

Legal professionals looking for the best email security, email management for lawyers, and a secure client portal can rely on MyCase. With the MyCase client communication platform, your firm’s communication will not only be more secure but also much simpler as well as providing better customer service. Secure email for attorneys, managing leads, viewing case insights, and running your firm are all easier with a platform like MyCase. Also learn tips such as how to lead client interviews, how to write a legal cover letter, get more leads, improve profits, and improve your client management skills.

Ready to simplify and secure your client communications? Try the MyCase risk-free 10-day free trial