Dorothy Secol, CLA
  Home About Us Services News Resources  
Independent Paralegal Services for Attorneys



By now everyone is aware of the ability of certain individuals to hack into your computer, servers or main frames. Every day we hear of another company whose records have been exposed by hackers and whose security protocols have been breached.

As attorneys you have an ethical obligation under RPC 1:15 to “safeguard” client property, including client documents and files. You must also ethically preserve certain records for your firms, including trust account records. Many liability carriers have file retention requirements as a term in the legal malpractice policies. So, you must preserve these records, but where do you keep them?

Storage facilities are expensive and paper retention can be burdensome. Unless you return your files to the client at the end of your representation, you must preserve the entire file. State rules vary with regard to the length of time one must keep a file, however, New Jersey uses a records retention period of seven years after the event recorded, rather than measuring the period from the date of the conclusion of the representation.

In addition to the cost of storage of paper records, security issues and erosion concerns, as well as accessibility issues, many attorneys are motivated to store documents electronically. By scanning documents or converting them into an electronic record (Word.pdf, tif or jpeg) you no longer need the paper version, as long as that paper does not have some intrinsic value. Documents such as wills, trusts, stock certificates or settlement agreements should be preserved by the attorney or given to the client for safekeeping.

The next ethics consideration is where the electronic data is stored. Until the last few years, electronic data has been stored on attorneys’ computers or servers in their offices. In the last few years, however, more vendors are marketing retention storage through the Internet which means that the material does not exist on a physical piece of computer equipment.

May an attorney ethically store records and or files electronically and remotely in the “cloud?” There is ABA Opinion 11-459 which addresses emails and permits electronic communication with clients as long as the client is warned about the possibility of third-party access.

Before agreeing to remote storage in the “cloud,” there are several questions that should be asked:

1. The attorney or firm must ask clients to consent to remote electronic storage of their documents and information. Confirm this in your retainer letter so that the client understands and agrees that you will only keep electronic copies of the documents.

2. Check with your malpractice carrier so see if you have coverage for theft or destruction of electronic material or if there is “cyber” insurance available. Confirm whether the carrier covers identity theft costs of client information is misappropriated.

3. Create procedures in the event your servers go down, your office is destroyed or the vendor’s servers are down. Have emergency contact information.

4. Get recommendations from other attorneys you trust about their cloud providers.

5. Read the Service Level Agreement with the vendor. If you do not understand what should be in the agreement, hire someone who understands the technology and can review the agreement for you.

Email communication is just another form of written communication between client and attorney. They are considered writings and should be treated the same way letters and pleadings are treated. If a letter would not include personal dialog, emails written to client should not either. Train all firm staff and attorneys to proofread the written communication assuming it may be viewed by a judge some day.

It may be wise to include a clause in your retainer letter that informs your clients the firm may communicate with them by email and will use the emails they provide.

It may also be wise to advise your clients to avoid communicating with the law office using public computers such as in hotels or libraries, and to use only the email address for which the client is authorized to view the emails.

More News >>


Home  |  About Us  |  Services  |  News  | Resources

  Send mail to with questions or comments about this web site.
  Copyright ©2009 by Dorothy Secol, CLA.