Thursday, January 31, 2008
A recent ethics opinion from the Maine Board of Overseers of the Bar deals with the ethical propriety of using third-party vendors to process and store electronically held law firm data. The opinion concludes:
"With the pervasive and changing use of evolving technology in communication and other aspects of legal practice, particular safeguards which might constitute reasonable efforts in a specific context today may be outdated in a different context tomorrow. Therefore, rather than attempting to delineate acceptable and unacceptable practices, this opinion will outline guidance for the lawyer to consider in determining when professional obligations are satisfied.
At a minimum, the lawyer should take steps to ensure that the company providing transcription or confidential data storage has a legally enforceable obligation to maintain the confidentiality of the client data involved. See ABA Ethics Opinion 95-398 (lawyer who allows computer maintenance company access to lawyer's files must ensure that company establishes reasonable procedures to protect confidentiality of information in files, and would be 'well-advised' to secure company's written assurance of confidentiality); N.J. Sup. Comm. Prof. Ethics Opinion 701 ('Lawyers may maintain client files electronically with a third party as long as the third party has an enforceable obligation to preserve the security of those files and uses technology to guard against reasonably foreseeable hacking.') ."