This post originally appeared on www.sharefile.com from Affinity Consulting Group Partner Jeff Krause.
Email is the most common form of communication in almost every business. Law firms are no exception. Email is fast and convenient. An entire discussion or exchange can occur and conclude over a short period of time and that discussion is memorialized in the emails. Email can be received anywhere the recipient has access to their account, which these days is just about anywhere.
Along with these many positive qualities, email also has negatives. There are social aspects such has how impersonal email can be and a tendency to say things in an email that would never be said in person or over the phone. Used the wrong way, email can also have dramatic ethical implications for lawyers. Just like a letter placed in the mail, email travels a path from sender to recipient. However, unlike a letter that remains unopened along this path, an email may be copied from server to server along the path. It can be intercepted, read by others, forwarded inadvertently and subject to the infamous reply all.
In short, email can be a minefield and, as we learned during last year’s presidential campaign, it is possible for a hacker to gain access to thousands of emails at a time and share them in a way that makes them accessible to everyone on the planet. As a lawyer, you can take every reasonable precaution but you can never be certain that your client takes similar care. They read their emails over coffee shop wifi, use an account shared with their estranged spouse, leave their work computer logged in 24/7 or “protect” it with a completely ineffective password such as “1234” or “password.”
A recent ruling in the United States District Court in the Western District of Virginia concluded that sharing sensitive information in an unsecured file share is not much better. In that case, rather than email files, one party placed a specific file in a popular file sharing site in order to share it with the other party. The file location was made available through an unsecured link and sent to the other party. However, the rest of the client folder was not secured correctly and the other party was given access everything related to the case file. The judge likened this to leaving a legal file on a bench.
The better way
I recently spoke along with John McHugh from Citrix ShareFile at Legaltech in New York. Our presentation offered client portals as an alternative way to avoid the pitfalls of email. A client portal is a secure way to share files with clients. It requires the client to login with a user name and a strong password. Once inside the portal, the client can view files you have shared with them. They can also share files with you by uploading. You set the rules of the portal such as who can download a file, whether download is even possible and how you are notified if a download occurs. You can even expiration dates to automatically delete files after a certain number of downloads or days after upload.
The features listed above sound expensive. However, while the features may vary, almost every cloud practice management system includes a client portal feature. So does almost every cloud document management product. In other words, you might already have the ability to setup and use a client portal. Citrix ShareFile is another great option. Every one of the features mentioned above is standard in ShareFile along with the ability to encrypt emails via a simple Outlook add-in.
If you are worried about safely sharing digital information with your clients, consider a client portal. It is a safe and easy way to protect their information and meet your own ethical obligations.