Shari Klevens, left, and Alanna Clair, Dentons. Courtesy photoAvoiding Trouble: Tips on Protecting Client Confidence in the Workplace
With more attorneys working remotely and on electronic devices and in the modern world of Facebook, Twitter and the internet, it has become more challenging for attorneys to protect client confidences and secrets.
August 20, 2018 at 02:07 PM
6 minute read
One of the cornerstones of the attorney-client relationship is the attorney's obligation to safeguard a client's confidences. An attorney who fails to do so can face severe consequences, including termination by the client, a bar grievance, or even a legal malpractice claim.
Revealing a client confidence can get an attorney in trouble even if there are few consequences of that disclosure. In other circumstances, however, the harm posed by a failure to safeguard confidences can be severe, such as when an attorney reveals the identity of a victim of domestic abuse to the press or fails to adequately protect a business's trade secrets.
In years past, attorneys would take care to avoid having sensitive conversations in public places, like an elevator or a party. However, now, with more attorneys working remotely and on electronic devices and in the modern world of Facebook, Twitter and the internet, it has become more challenging for attorneys to protect client confidences and secrets. As it has for others, data security has become a vitally important issue for law firms.
Evidence suggests that hackers targeting certain corporations may attempt to gain access to corporate secrets through law firms because they often find the law firms' networks easier to penetrate. Indeed, over the past several months, some prominent law firms have suffered highly publicized data breaches. The prospect of a data breach is concerning and could have significant consequences for the clients whose confidential information has been compromised. However, the largest risks for disclosure of confidential information are not sophisticated computer hackers, but rather can be avoided by ensuring that simple protocols, practices and procedures result in the protection of client confidences and secrets.
Indeed, it is far more likely that a client's confidences and secrets will be revealed by something other than a sophisticated hacker.
The key for most attorneys is to appreciate that “confidences and secrets” is often much broader than the attorney-client privilege. The scope of Rule 1.6 of the Connecticut Rules of Professional Conduct extends to all “information relating to [the] representation of a client.” Accordingly, attorneys typically protect information ranging from the identity of a client to the termination of the relationship and everything in between. This obligation may also carry on after the attorney-client relationship has ended and extends to employees and staff of the law firm.
Generally, there are three areas where client confidences and secrets can be vulnerable to discovery: documents, electronic information and oral communications. What steps attorneys may consider to protect confidences in these three categories will likely vary depending on the type of practice and type of information.
|Documents
Documents generated during the course of a representation often contain sensitive client information. Many law practices adopt protocols for addressing and storing the various categories of documents, including financial documents (such as billing records), file documents (generated during the course of the representation) and other related documents that might not be client-specific.
For example, a firm might consider document maintenance, retention and destruction protocols. For document maintenance, most firms will take reasonable steps to ensure that confidential files are kept in secured areas that are not publicly accessible. In practical terms, this means that confidential files should not be kept in lobby areas, hallways utilized by nonemployees or other public areas of the law firm that are not segregated and secure.
Document retention policies can also be confirmed in writing and specify the method, duration and place of retention. Clients can be advised at the outset of a representation (in the engagement letter or the fee contract) of the document retention rules, including specifically any policies regarding original copies of documents, the right of the client to the documents, and the notification procedures that will be followed regarding the ultimate disposition of the documents.
Document destruction policies can also be in writing. Although destruction policies can vary by firm, by state, and even by type of representation, it is most helpful that the policies be uniform. That is, firms that apply document destruction policies on an ad hoc basis, or at the discretion of an attorney or other employee, may face heightened scrutiny if questions arise regarding whether confidential information was lost.
The safer course is to have uniform rules regarding the length of time that documents will be maintained prior to destruction, and the notifications to clients that will be provided before a client document is destroyed. That doesn't mean that there can never be exceptions to the policy. All situations are unique and will require careful consideration of the facts and circumstances.
|Electronic Information
For most law firms, adequately protecting electronic information involves a combination of internal policies and external expertise. Whether a solo practitioner or a large firm, the practice can take steps to ensure that computer systems and internet access are secure and updated. The range of the security may vary on the circumstances, but law firms should take serious stock of what confidential information they have in their possession. For example, a plaintiffs' class action firm may be a target for hackers because that firm may have the medical records or Social Security numbers of hundreds of plaintiffs in their files.
Firms can also adopt internal policies aimed at protecting vulnerable client information. For example, many firms discourage employees from using personal email accounts to send or receive any “work” emails given the potential risk.
|Oral Communications
Communications about client matters outside of the law office should be discouraged unless it occurs in the course of providing legal services. Clients expect that their business is confidential, and attorneys should work hard to make sure it stays that way.
Employees may need instruction on the types of information that must be protected from disclosure. Many firms—regardless of the size—will consider protocols for how to respond to inquiries from the press or other outside entities so as to protect confidences.
Leading by example is also important. Attorneys should be encouraged to remember that staff members will follow their lead when deciding what information can be disclosed outside the firm. Thus, attorneys should avoid gossiping about clients or matters to people outside the firm, particularly in front of more junior attorneys or staff who may then believe that such conduct is appropriate.
Shari L. Klevens is a partner at Dentons in Atlanta and Washington, D.C., and serves on the firm's U.S. board of directors. She represents and advises lawyers and insurers on complex claims and is co-chairwoman of Dentons' global insurance sector team. Alanna G. Clair is a partner at the firm in Washington, D.C., and focuses on professional liability defense. Klevens and Clair are co-authors of “The Lawyer's Handbook: Ethics Compliance and Claim Avoidance.”
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All
ADVANCE Act Offers Conn. Opportunity to Enhance Carbon-Free Energy and Improve Reliability With Advanced Nuclear Technologies
Trending Stories
- 1Trump's Solicitor General Expected to 'Flip' Prelogar's Positions at Supreme Court
- 2Pharmacy Lawyers See Promise in NY Regulator's Curbs on PBM Industry
- 3Outgoing USPTO Director Kathi Vidal: ‘We All Want the Country to Be in a Better Place’
- 4Supreme Court Will Review Constitutionality Of FCC's Universal Service Fund
- 5'It Refreshes Me': King & Spalding Privacy Leader Doubles as Equestrian Champ
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
