• About
  • Solutions
    • Products
      • SecureMail Gateway
      • Fast&Secure
      • Consulting Services
    • Technologies
      • SecureTier
      • Data Leak Prevention
  • Pricing
  • Partners
    • Technology Partners
    • Reseller Programs
  • Resources
    • Whitepapers
    • Knowledge Base
    • Latest News
  • Contact
    • Contact Info
    • Open a Support Request

Call Toll free (855) 614-2378

sales@globalcerts.net
Manage account
GlobalCertsGlobalCerts
GlobalCertsGlobalCerts
  • About
  • Solutions
    • Products
      • SecureMail Gateway
      • Fast&Secure
      • Consulting Services
    • Technologies
      • SecureTier
      • Data Leak Prevention
  • Pricing
  • Partners
    • Technology Partners
    • Reseller Programs
  • Resources
    • Whitepapers
    • Knowledge Base
    • Latest News
  • Contact
    • Contact Info
    • Open a Support Request

Securing Lawyer-Client Communication

How firms can make email security a selling point instead of a hassle

Home NewsLaw Firm Security Best Practices
Law Firm Security Best Practices

Law Firm Security Best Practices

March 29, 2019

Let’s face it: Law firms have historically been behind the curve when it comes to adopting new technologies. Many are just now realizing the tremendous benefits of electronic document management (EDM) systems. When it comes to storing and retrieving case information compared to the old filing cabinet, there is no comparison. Certified postal mail and faxes are still a staple at most firms, but they’re slowly being replaced by email and other electronic forms of communication. But here specifically, there can be a big problem with making the jump to digital: Is it secure?

According to an article from the American Bar Association, “Most attorneys do not consider the implications of encryption and cybersecurity in their daily lives”. However, they are often handling some of their clients most private and sensitive information. In the medical and financial industries, this type of information is subject to many regulations that mandate how the information is stored, transmitted, and protected: HIPAA, HITECH, GLBA, Sarbanes-Oxley, just to name a few.

Lack of Regulations

Unfortunately, “There is no omnibus law dictating what information about you is sacrosanct and what is off-limits” The legal industry does NOT have any federal acts or laws dictating how private client information is handled. The closest thing is an opinion letter from the ABA from 2017, called Formal Opinion 477. This opinion updates the previous statement that unencrypted email is an acceptable way for lawyers to communicate with their clients about case information. It states that “cyber-threats and the proliferation of electronic communications devices have changed the landscape and it is not always reasonable to rely on the use of unencrypted email.”

Why TLS Encryption Isn’t Enough

The opinion goes on to reference an ethics opinion that outlines some circumstances where email communication should be given special protections:

1. communicating highly sensitive or confidential information via email or unencrypted email connections;
2. sending an email to or from an account that the email sender or recipient shares with others;
3. sending an email to a client when it is possible that a third person (such as a spouse in a divorce case) knows
the password to the email account, or to an individual client at that client’s work email account, especially if the email
relates to a client’s employment dispute with his employer…;
4. sending an email from a public computer or a borrowed computer or where the lawyer knows that the emails
the lawyer sends are being read on a public or borrowed computer or on an unsecure network;
5. sending an email if the lawyer knows that the email recipient is accessing the email on devices that are
potentially accessible to third persons or are not protected by a password; or
6. sending an email if the lawyer is concerned that the NSA or other law enforcement agency may read the
lawyer’s email communication, with or without a warrant.

Turning Email Security into a Differentiator

These are perfect examples of why a firm’s email security solution should be a selling point, rather than a check-the-box compliance obligation. Only dedicated email encryption systems like the SecureMail Gateway  or our managed service Fast&Secure can provide this type of protection to clients. Using a secured web portal like SecureMessenger guarantees that the data is encrypted at rest and in transit with TLS encryption. But more importantly, the lawyer and client can create a unique authentication passphrase to secure access to the messages. So for instance, even if a spouse has access to a client’s computer or their email account, they will NOT be able to access the secured emails without the unique passphrase established between the lawyer and client.

GlobalCerts’ Securemail Gateway solution utilizes the ‘SecureMessenger‘ delivery system, which delivers secured emails over a branded, TLS encrypted web portal, direct to the client’s computer or smartphone. The SMG stores secured emails with military grade AES-256 encryption in the sender’s environment. The sending organization is always in the complete control of the email. Messages are automatically deleted after a specified lifetime, or on-demand by the admin.

To learn more about GlobalCerts and the Securemail Gateway, Contact sales today, toll free at (855) 614-2378 or sales@globalcerts.net to learn more.

 


Sources/References

https://www.americanbar.org/groups/business_law/publications/blt/2016/06/07_borden/

https://www.americanbar.org/groups/young_lawyers/publications/tyl/topics/cybersecurity/privacy-law-the-information-economy/

https://www.americanbar.org/content/dam/aba/images/abanews/FormalOpinion477.pdf

https://abovethelaw.com/2017/06/new-aba-email-guidelines-how-can-lawyers-comply


Share

You also might be interested in

Heartbeat Line

Easing HIPAA Regulations

Feb 13, 2019

The landmark 1996 Health Information Portability and Accountability Act (HIPAA)[...]

The War On Encryption

The War On Encryption

Dec 20, 2019

There has been a LOT of commentary recently from privacy[...]

Leaking Pipe
OLYMPUS DIGITAL CAMERA

Data Leak from NC DHHS

Nov 24, 2017

According to a press release today, the North Carolina Department[...]

Contact Us

Have a question? We'd love to hear from you!

Send Message
See how GlobalCerts can secure your organization's email Request a Quote

Latest News

701 Palomar Airport Rd. STE 300
Carlsbad, CA 92011
(855) 614-2378
info@globalcerts.net

Site Search

Copyright © 2025 GlobalCerts LLC, All Rights Reserved Site Map | Privacy Policy | Legal Disclaimer