U.S. law firms may be worried about the security risks of sharing confidential information online, but a new surveyby LexisNexis' legal and professional division reveals that they are not doing much about it.
Unencrypted email remains by far the most prominent way that law firms share privileged communications with their clients, with 89 percent of respondents reporting that it is the firm's primary method of distributing information.
In March, the company canvassed about 300 legal professionals in 40 states across 15 different practice areas. Results show that although respondents were aware of the risks, and wary of them, the most common method of securing documents and protecting privilege was the use of a confidentiality statement at the bottom of an email, with 77 percent of firms reporting this was their primary line of defense.
“There’s clearly a disconnect between expressed security concerns and measures law firms employ to protect their clients and themselves,” said Christopher Anderson, a senior product manager at LexisNexis, in a statement. “Relying on a mere statement of confidentiality when sharing privileged communications by email is a weak measure—and further it might protect the law firm but affords very little protection for the client,” he said.
A minority of law firms go a step further to protect their information, with 22 percent saying they use email encryption,14 percent using a password to protect documents and 13 percent employing a secure file-sharing site. At the reverse end of the spectrum, 4 percent of respondents said they take no measures at all to protect private information. “Law firms need to perform their due diligence, stay abreast of technology and ultimately protect their clients’ interest online just as they do in providing legal counsel,” said Anderson.