By: dmc-admin//March 24, 2004//
Ross Kodner |
Electronic security and disaster prevention are facts of legal life today. With new computer viruses and daily security breaches, protecting client confidences and firm information is challenging. Complicating this is HIPAAs privacy legislation. Security and disaster planning are as critical in small firms as in mega-practices. This article explores seven quick tips for practicing safe computing:
For all the law practices now using Microsoft Word as their document generation system, theres a horrifying threat that needs to be addressed: its called Metadata.
From the time a Word document (or an Excel spreadsheet or a PowerPoint file) is created, through all the edits, revisions and modifications that occur during the life of the document, a frightening amount of information is permanently stored, invisibly, under the hood so to speak, in the file. Anyone who knows how to view such a file (as easy as selecting the Recover Text from Any File option in Words File | Open dialogue box, whereupon retrieval of the file, all the contained metadata is tacked onto the end of the document) can exploit it to their advantage. For example, assume youve had several revisions of a document with passages of text being removed, copied from other documents, comments inserted and deleted, etc. Perhaps some of the language, or even the entire document was leveraged from work done for another client. If that document leaves your firm as an e-mail attachment, what are the consequences of someone outside your firm being able to view all the information you thought was no longer there? Have you breached client confidentiality (of both the client in question as well as the earlier client whose work you recycled and whose information is still hidden in the document)? Could this be an ethical violation? How about malpractice?
The only practical ways to address this issue are to turn Word documents into PDF files (using Adobe Acrobat writer or an equivalent compatible product such as FinePrint Softwares pdfFactory Pro), which strips virtually all the metadata out of the document. Or alternatively, use a Word add-in that removes Metadata from documents such as Metadata Assistant from Payne Consulting (or MetaWALL from Workshare Technologies or iScrub from Esquire, Ltd.). The point is, in the protecting your clients from disaster category, taking one of these approaches must be considered mandatory.
The bottom-line: We practice law in a complex electronic environment. Protecting our confidential information cant be an afterthought it must be as
rigid a daily procedure as entering time. It is essential that your law practice strive to practice safe computing.
Ross Kodner is a recovering lawyer who saw the light and founded Milwaukee, Wisconsins MicroLaw, Inc. a legal technology consultancy and CLE education company. He consults with and teaches lawyers worldwide about technology. He can be reached at [email protected], via www.microlaw.com and at 414-540-9433.