Even if you are complying with the Data Protection Act in accordance with the letter of the Act have you considered how you handle your files and the information in them in accordance with your professional and ethical obligations to your clients? Can anyone in your practice see anything at any time?
Why data protection is everyone’s responsibility
The Data Protection Act, somebody else’s problem? The marketing people have it well under control don’t they?
Even if you are complying with the Data Protection Act in accordance with the letter of the Act have you considered how you handle your files and the information in them in accordance with your professional and ethical obligations to your clients? Can anyone in your practice see anything at any time?
In legal practices everywhere, every matter file (physical or electronic) will hold confidential information about the client it relates to. Probate and Trust files almost certainly have detailed information around assets and dependencies. Files created when writing wills have private and confidential financial information. House conveyancing files may contain information around mortgage applications and income. Personal Injury files detailed medical information. What if the information in these files were to be disclosed unintentionally or worse still, fall into the wrong hands?
And then there’s the question of how you keep the information. Is it in physical files? Is it in partners’ notebooks? Is it in electronic files or is it in all three? What about Microsoft Outlook, does your practice regard this as a storage system? Most practices I know will have lots of confidential information contained in emails. Which begs the question how do you make sure that only the people who need to see it can see it when they need to?
When you think about it, your law firm has vast silos of data about your clients, your employees and your prospects and it’s spread across all sorts of mediums. These silos may be your greatest asset if maintained and mined in the right way but they could become your biggest issue if they contain multiple versions of the truth.
A question worth asking yourself if you are unsure about how you hold client information is, if I was obliged to disclose case information could I be sure that all the information in the file was complete, accurate and appropriate? If you’re not sure then you need to think about developing a strategy for managing and archiving all of your data, not just the information marketing holds. You need to make it as easy as possible for the partners and staff to maintain that data.
A matter and case management system, like Lexis® Visualfiles™, can help you enormously. Such systems provide a single electronic file for all activities, documents and communications related to a matter, including emails. They not only make it easy to collect all the information in one place, so you have a single source of the truth, they also enable you to automatically police the data. You can restrict who can access the file. You can see when people have accessed it. You can set review points for archiving and deletion. You can also be sure that if you have to disclose case information it is complete, accurate and appropriate. Maybe data handling was my problem after all, but perhaps now it could be my opportunity?