The Importance of Secure Communication and Collaboration in 2021

Lawyers have an ethical obligation to preserve client confidentiality. For that reason, the need to protect client confidences has always been a top priority for lawyers. This means that when lawyers and their staff work remotely – a practice that has become commonplace due to the pandemic – it’s all the more imperative for lawyers to ensure that confidential client data is protected when communicating electronically.

Because so many lawyers and law firm staff have worked remotely over the past year – and many continue to do so – law firms have increasingly relied on online communication and collaboration tools when interacting with law firm clients. Of course, this newfound uptick in the use of electronic communication methods is necessarily impacted by the ethical obligations that lawyers have when it comes to preserving client confidentiality. That’s why it’s so important for law firm leaders to have a full understanding of cybersecurity issues and how they may affect their displaced workforces, especially since lawyers and other law firm employees will likely continue work remotely and communicate electronically for many more months to come. The good news is that that law firms have solid options when it comes to secure online communication.

Client portals: a more secure option than email

Since the mid-1990s, lawyers have communicated with clients via electronic means, and for many years email was an accepted way to interact with clients electronically. However, because email is inherently unsecure and is no different than sending a postcard written in pencil through the post office, it has begun to fall out of favor – both ethically and practically – as technology has improved.

That’s why ethics committees and cybersecurity security experts have increasingly recommended methods other than unencrypted email when communicating and collaborating with clients online. For example, in 2017, the American Bar Association Committee on Professional Ethics concluded in ABA Opinion 477R that due to “cyber-threats and (the fact that) the proliferation of electronic communications devices have changed the landscape…it is not always reasonable to rely on the use of unencrypted email.” Instead, the Committee recommended that for particularly sensitive matters lawyers should consider using encrypted communications including encrypted email and the encrypted client communication portals built into law practice management software.

Florida issues secure communication guide

More recently, the Florida Bar issued an updated secure communications guide that included recommendations relating to remote work during the pandemic. This comprehensive guide, “Best Practices for Professional Electronic Communication,” is 25 pages long and offers an in-depth overview of the issues that arise when lawyers communicate and collaborate with clients electronically. The types of electronic communications addressed in the guide include texting, email, social media, telephones and cellphones, laptops, and court appearances via videoconference.

Email is easily hacked

In the section devoted to secure electronic communication, the authors focused on the technology issues that lawyers need to keep in mind when communicating with clients when using unencrypted email. The authors emphasized how unsecure traditional email is and encouraged lawyers to find a more secure way of communicating with clients.

As they explained, the reason for this recommendation is that email is easily hacked. That’s why, according to the authors, if the situation should arise where a lawyer must use email, it’s important to scan each and every email that is received and sent: “Attachments may contain malicious software code. Use scanning software for both outbound and inbound emails.”

Email is inherently risky

Another important factor that was emphasized in the guide was the need for lawyers to ensure technology competence when using email. Because technology competence is now a requirement in most jurisdictions, lawyers must understand that an important part of that duty is to ensure that they fully understand the risks associated with using any type of technology, including email.

That’s why, according to the authors, lawyers must take steps to preserve confidentiality when using email to communicate with clients, and part of that obligation includes a full understanding of the risks of using unencrypted email when sharing confidential information: “(I)f you use email as form of confidential communication, you should know the risks and be familiar with the options of sending secure/encrypted messages.”

Emails can be easily intercepted

The authors also addressed the likelihood of interference from bad actors when using email. They cautioned that because email is inherently unsecure, it can be easily intercepted. Fortunately, as they explained, one way to mitigate that risk is to use an encrypted email service.

Of course, email encryption technology often requires the assistance of an IT expert with the ability to set up this type of system – something that can oftentimes be a complex endeavor. Nevertheless, as they explained, for some law firms, encrypted email can be a viable option: “There is always a chance that your email may be intercepted. Many of these risks are mitigated if not entirely eradicated when using an encrypted email service.”

Related: [Blog Post] Cybersecurity Tips for Lawyers Working Remotely

Client portals are a secure and easy-to-use form of communication

Last, but not least, the authors turned to secure client portals. As they explained, because of the risks inherent in email, they recommended that lawyers consider using secure client portals like the ones built into law practice management software in lieu of email. They shared that client portals are a secure, safe, and easy-to-use alternative that is one of the best ways to ensure that confidential information is preserved whenever you communicate and collaborate online with clients: “Secure client portals are an emerging and safe alternative to email. There are many case and practice management systems that offer a client portal component. You should seriously consider this option as a method of communication for confidential information.”