A new ethics opinion has Massachusetts lawyers scrambling to analyze the ethical risks of data loss associated with cloud computing. In Opinion 12-03 [Click Here] The Committee on Professional Ethics of the MBA, addressed:
“whether it would violate Lawyer’s obligations under the Massachusetts Rules of Professional Conduct to store confidential client information using Google docs or some other Internet based storage solution, and to synchronize his computers and other devices that contain or access such information over the Internet”.
After analyzing its prior opinions and those of other ethical advisory bodies, the Committee concluded that lawyers may use an internet-based service provider to store confidential client data so long as reasonable efforts are undertaken to comply with the obligation to keep client information confidential.
According to the Committee opinion, “reasonable efforts” include:
(d) examining the provider’s existing practices (including data encryption, password protection, and system back ups) and available service history (including reports of known security breaches or “holes”) to reasonably ensure that data stored on the provider’s system actually will remain confidential, and will not be intentionally or inadvertently disclosed or lost; and
(e) periodically revisiting and reexamining the provider’s policies, practices and procedures to ensure that they remain compatible with Lawyer’s professional obligations to protect confidential client information reflected in Rule 1.6(a).
The Boston technology lawyers at Raymond Law Group LLC regularly work with clients to address technology, privacy and data loss issues in Boston and throughout Massachusetts.