Managing the Security and Privacy of Electronic Data in a Law Office
[Note: this booklet was published in 2004. While it still contains valuable content, we refer you to our Cyber Dangers page for a more up-to-date assessment of cyber security issues facing law firms.]
Clients, lawyers, and law office staff routinely work with electronic documents and data. Protecting the security and confidentiality of that information is important. Both Rules of Professional Conduct and PIPEDA apply equally to paper-based files and electronic documents such as computer files and e-mail messages. A failure to take appropriate steps to protect the electronic data in your office could result in a release of sensitive information, a malpractice claim, a complaint to the Law Society, or the theft of your personal identity. To minimize the risk of any disclosure or loss of confidential client or practice data, you should understand where the risks are, and implement office management practices and appropriate technology to ensure all of your data remains confidential and secure. This booklet highlights the risks and provides a comprehensive review of various steps you should take to ensure that the electronic information in your office remains confidential and secure.