Data Security Ethics and Best Practices for Court Reporters

This article appeared in Cybersecurity Law & Strategy, an ALM publication for privacy and security professionals, Chief Information Security Officers, Chief Information Officers, Chief Technology Officers, Corporate Counsel, Internet and Tech Practitioners, In-House Counsel. Visit the website to learn more.

Individuals and companies, small and large, often neglect to develop their security infrastructures until an attack occurs and it's too late. No one is spared from the interest of cybercriminals. Hackers are largely indiscriminate in their approach, choosing to cast a broad net to collect information and reviewing what they've plundered for value after the attack. It's not necessarily about you; it's about the numbers.

The risk is real and can happen to anyone — personally or professionally, outside or inside the legal market, including court reporters. The issue of digital security and privacy should be a paramount concern to modern court reporters just as it is to their attorney clients. Yet their biggest risk remains the same as everyone else's: believing it won't happen to them.

As guardians of the record, court reporters have access to a broad expanse of privileged and confidential information, and it is their individual responsibility to protect that data. The National Court Reporters Association Code of Professional Ethics states, “(Reporters must) preserve confidentially and ensure the security of information, oral or written, entrusted to the reporter by any parties in a proceeding.” This responsibility extends to work product transmitted or stored on their devices and any individuals employed in their professional practice (i.e., scopists and proofreaders).

Attorneys must be able to trust that the court reporters taking their depositions are following every possible measure to protect the security and privacy of the data they're handling. As independent contractors, court reporters can take several measures to minimize their risk of a data breach

The first step for anyone to protect him- or herself is to recognize that the human factor is the weakest link to a security infrastructure and then act to protect his or her digital security based on that fact. With the busy life of a court reporter, it's difficult to stay apprised of the latest security trends. The good news is that there are some core guidelines that are a sound starting point to develop a digital security toolkit and will help to mitigate risk and exposure. The following are several recommendations for how court reporters can protect themselves and their work product. Most of these tips are good practices for anyone with an online presence or handling sensitive data.

Keep Software Up to Date

Turn on automatic updates and don't ignore them when prompted. Out-of-date software that hasn't been patched for security loopholes is often the point of entry for malicious attacks. Updating software can be annoying when trying finish a rough draft or other urgent client request, but it will be a lot more annoying when it is used against you!

Utilize Two-Factor Authentication

1. Two-factor authentication is widely available for most secure websites and applications and is free to use. Two-factor authentication requires you to type in your password to access an account and then requires that you type in a second randomly generated pin number that is sent by push or SMS notification to your mobile device.
2. The benefits of two-factor authentication are that cybercriminals now require two pieces of information to access your account, and if you are receiving pin codes while not trying to access your account, you're alerted that someone else is, and you can take the appropriate actions.

Create and Maintain Solid Passwords

1. If you're using “Password,” “1234” or any simple variation thereof, you are creating more of a personal burden to access your own accounts than an actual boundary for a hacker. Simple passwords are as ineffective as not having a password at all.
2. Lock your computer and mobile devices with a complex password.
3. Use a mixture of characters, including characters and numbers—the longer the better.
4. Don't write your passwords down.
5. Don't use the same password for multiple important accounts.
6. Multiple passwords, especially lengthy ones, can be difficult to remember. Use a password management tool to keep them all secure and in one place.

Think Twice and Exercise Skepticism When You Receive Strange E-Mails or Phone Calls

1. Just because a link looks safe, that doesn't mean it is. Links can be sent in e-mails or messages that look like a website you know or trust but redirect you to a different website altogether.
2. To combat this deception, hover over the link in your e-mail browser (without clicking), and the actual address to which the link will direct you will be displayed. Review the URL to make sure it's where you want to go.
3. Social engineering is becoming an increasingly popular tactic hackers use to take advantage of seemingly real situations and manipulate the target into revealing personal or financial information.

Install Anti-Virus Protection On Devices

As mentioned previously, make sure to set anti-virus protection software to automatically update or to accept any updates when prompted. Anti-virus protection is only doing its job properly if it is up-to-date to combat the latest cybersecurity threats.

Back Up All Your Data and Information

1. Last, but not least, back up all data! If something does compromise your device, the only guaranteed way to recover the information is through a backup.
2. Consider using a cloud-based backup service.
3. If you back up to an external hard drive, make sure the device is disconnected from the Internet and that it is stored in a physically secure space.

Modern technology has advanced the profession of court reporting in significant ways over the past several decades, improving productivity with state-of-the-art stenographic equipment, transcription software and even the ability to deliver real-time transcripts. However, technological advancement also presents some risks.

As independent contractors, many court reporters choose to work through agencies that may offer enhanced technology and other security measures to help mitigate the risk of their data being compromised. For court reporters with these tools at their disposal, it's recommended they take full advantage of them.

Furthermore, because a potential breach's impact could be far ranging, attorneys have a vested interest in what their court reporters are doing to prevent it. Whether scheduling them directly or through an agency, attorneys and their firms should require evidence of the data security and privacy practices their court reporters employ.

Andy Fredericks is the California Director of Operations for court reporting company Veritext Legal Solutions.