Protecting Client Confidences
Nearly every client representation involves receiving some type of confidential information from clients or about clients. How attorneys handle it,…
December 18, 2017 at 05:53 PM
6 minute read
Nearly every client representation involves receiving some type of confidential information from clients or about clients. How attorneys handle it, use it and safeguard it is critically important, as the consequences of unsanctioned disclosure may be severe.
It should be no surprise that an attorney who discloses client confidences and secrets without permission or purpose could face discipline from the Texas Bar and, separately, be the target of a legal malpractice claim. For example, a claim could result if an attorney discloses attorney-client communications to a third party or fails to adequately protect a business's trade secrets.
Previously, maintaining confidences primarily centered on exercising caution with respect to conversations, that is, minimizing the risks of being overheard during innocent elevator talk or business lunches. But now, with more attorneys than ever before working remotely and conducting business on portable electronic devices, coupled with modern connectivity via the Internet, Twitter and Facebook, it has become more challenging for attorneys to protect client confidences and secrets. Data security has also become a vitally important issue for law firms.
In fact, evidence suggests that hackers targeting certain corporations may attempt to gain access to their secrets through law firms because they often find the law firms' networks easier to penetrate. The prospect of a data breach is concerning and could have significant consequences for the clients whose confidential information has been compromised. However, the biggest risk for disclosure of confidential information may not be a sophisticated computer hacker, but a mistake made much closer to home.
What must be protected?
The starting point is to understand that “confidences and secrets” involve much more than just information protected by the attorney-client privilege or the work product doctrine. Instead, the scope of Rule 1.05 of the Texas Disciplinary Rules of Professional Conduct extends to “all information relating to a client or furnished by the client, other than privileged information, acquired by the lawyer during the course of or by reason of the representation of the client.”
As a result, the topics that could need to be protected could include the identity of a client, the termination of the relationship, and everything in between. With some exceptions, this obligation continues after the attorney-client relationship has ended and extends to employees and staff of the law firm.
There are three common areas of focus when it comes to client confidences and secrets: documents, oral communications, and electronic information. Each presents its own challenges, and the steps for preserving confidences and secrets will vary depending on the size, nature and type of practice.
1. Documents
Documents generated during the course of a representation often contain sensitive client information. Law practices therefore generally have a protocol for addressing the various categories of documents, including financial documents (such as billing records), file documents (generated during the course of the representation), and other related documents that might not be client specific.
In addressing these categories, a firm might consider document maintenance, retention, and destruction protocols or systems. For document maintenance, certain steps can be taken to ensure that confidential files are kept in secured areas that are not publicly accessible.
Many firms will adopt systems or internal protocols regarding how to handle client files. For some firms, this may mean adopting a document retention policy. Policies—whether formally written or part of the firm's common practice—can cover many topics, including what the firm will do with original copies of documents, the right of the client to the documents, and the notification procedures that will be followed regarding the ultimate disposition of the documents. For most attorneys, determining the proper approach will require careful consideration of the facts and circumstances.
2. Oral communications
Communications about client matters outside of the law office are to be discouraged unless they occur in the course of providing legal services. Clients expect their business to remain confidential, and successful attorneys ensure it stays that way.
In addition to providing information on confidentiality to employees in writing, effective risk management may include training for law firm personnel regarding the importance of maintaining client confidences and secrets as well as the potential consequences for failing to do so. Examples of situations in which the issue may arise, such as in response to inquiries from the press, are helpful in defining the boundaries and explaining how to handle various situations. Although such training is not required by the ethical rules, it can provide a benefit because otherwise employees may not know the types of information that must be protected from disclosure.
In this regard, leading by example is important. Attorneys are encouraged to remember that staff members will follow their lead when deciding what information can be disclosed outside the firm.
3. Electronic information
In order to protect electronic information, there is no substitute for adequate security protocols prepared by professionals. Regardless of whether the practice belongs to a solo practitioner or a large law firm, bars are coming to expect that attorneys will adopt adequate security protocols to protect client information. This means that lawyers and firms can secure and update their computer systems and Internet access as is necessary to respond to constantly evolving threats.
In addition, specific policies can address and prevent circumstances where client information is left vulnerable. For example, law firms can determine whether to discourage (or even prohibit) employees from using personal email accounts to send or receive any “work” emails. Firms can also require encryption or multiple-level passwords for attorneys who are using firm systems out of the office, whether through mobile technology or other remote service.
Although maintaining client confidences and secrets may seem like a daunting task in light of the potential risks in today's world, a law firm that takes a proactive approach using these suggested steps can establish a culture where client information is treated with the utmost care.
Shari L. Klevens is a partner at Dentons and serves on the firm's US Board of Directors. She represents and advises lawyers and insurers on complex claims and is co-chair of Dentons' global insurance sector team. Alanna Clair is a senior managing associate at Dentons and focuses on professional liability defense. Shari and Alanna are co-authors of “The Lawyer's Handbook: Ethics Compliance and Claim Avoidance.”
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All'Virtue Begets Virtue': Tips for Practicing Law (and Living) Ethically
7 minute readTrending Stories
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250