Any member of the legal community, whether lawyer or support staff, full-time employee or contractor, is bound by the ethical duty of maintaining client confidences. An attorney, and by extension his or her staff, has a duty “to maintain inviolate the confidence, and at every peril to himself or herself to preserve the secrets, of his or her client.” (Cal. Bus. & Prof. Code §6068(e)(1)).
How do virtually working paralegals deal with the ethical obligation of maintaining our attorney clients’ confidential and proprietary information? How do we handle protecting the confidential information of their clients?
This is a question I am often asked, and it’s an important consideration for those of us working virtually.
The answer is that in many ways, virtual paralegals maintain confidentiality in exactly the same way full time employees do. We refrain from discussing our attorney clients’ businesses, practices, and protocols with anyone else, or in public places. Perhaps even more important, we refrain from discussing our attorneys’ clients, the facts of the cases we work on, and legal strategies being pursued in them. We refrain from discussing these things with anyone, anywhere, except for with the attorney client and his/her staff or agents.
One might think that it’s tempting for virtual workers whose clients, and their clients, may be miles away, to think that these restrictions don’t matters quite so much. After all, chances are nobody where we live will ever have heard of our distant clients or their cases. But the fact that our clients may be located across the state doesn’t make their communications or information any less confidential, and we must see to it we are guarding them.
This goes for social media too. If virtual paralegals have any sort of an online presence (and who doesn’t these days?), we need to refrain from commenting on any specifics of our clients’ confidential matters. Many bar associations have issued ethics opinions about attorney (and by extension, legal staff) use of social media. Disciplinary actions have been brought against lawyers for inappropriately revealing client information in tweets and Facebook posts. Virtual paralegals must guard against this as well.
The long-standing practice of never discussing client matters with others isn’t new to the virtual arena. What’s new is the need to maintain that confidentiality within the confines of our own offices and on our own electronic systems, be they on hard drives or in “the cloud.” Our attorney clients can’t do this for us. Our clients’ IT departments can’t do this for us. We must see to it ourselves.
As virtual workers, we need to maintain strict security of all paper and digital files. Well thought-out data retention and destruction polices are essential. There must be procedures in place for removing confidential client data from computer and cloud servers when a matter concludes or when requested by an attorney client. Computers, laptops, external drives, cloud storage services and file sharing accounts must be encrypted where necessary and must be rendered as secure as possible.
Further, virtual paralegals have a role to play in advising their attorney clients about the most secure mechanisms for transmitting confidential client data back and forth. Frequently, email isn’t secure enough for sending privileged and confidential data. Therefore, it behooves virtual paralegals to have vetted a variety of cloud-based file sharing platforms, so they have some trusted, secure options to propose to attorney clients when documents need to be exchanged securely.
Abiding by the duty of confidentiality is the obligation of everyone working within the legal community. Reputable virtual paralegals understand this, and take it seriously.