Data Security for Law Firms: Part 2

Dec 21, 2018

In the second installment of a two-part series, Korbitec president Alan Bass explores how Automated Civil Litigation can minimize the chance of a data breach.

Data Security for Law FirmsExchanging documents in the newest feature of the closed environment of Korbitec Inc’s Automated Civil Litigation (ACL) product dramatically reduces the chances of a data security breach, company president Alan Bass tells AdvocateDaily.com.

In part one of this series, Bass explained how low-tech failures in law firm processes are a significant, and often overlooked, source of client data breaches.

According to Bass, something as simple as a misdirected email, a weak password or unwiped metadata can easily undermine expensive security systems based on cloud storage and strong encryption or other security measures.

When it comes to the exchange of documents, he says lawyers overwhelmingly rely on email, with memory sticks or shared online drives serving as a backup option for larger files.

Despite their convenience, “none of those methods are secure,” Bass says. “I think people have come to hopefully recognize that email is not a secure transmission methodology.”

However, he says users of ACL — the Toronto-based company’s marquee software document automation product — can avoid many data breach risks due to a number of existing and some newly built-in features of the program.

“It addresses some very big security issues,” Bass says.

For example, every template in its database — which can be used to create litigation documents including statements of claim, affidavits and correspondence for practice areas including estates, family, civil litigation, and small claims — starts out completely fresh.

“There’s no stored metadata, so there’s no chance you will mistakenly send out client information from old files changed from precedents that were copied and pasted in,” Bass says.

In addition, documents created in ACL can be emailed directly from the program’s workspace on creation, he says.

“Because you’re choosing who you send it to through ACL, those people are already noted as recipients on the file,” Bass says. “There is no chance you will send it to the wrong person because nobody else is linked to that particular file within ACL.”

Early next year, Korbitec will introduce its XchangeDocs, a brand new feature that will help further complement law firms’ data security measures.

“It’s a secure document exchange portal that allows you to send and receive documents between the parties associated with the file,” Bass says. “We know there are others out there, but what’s unique about ours is that we have a community of approximately 500 law firms already using ACL.”

And when ACL users want to send documents to non-users, Korbitec has developed a system that allows the transfer to occur via a web interface without requiring them to sign up.

“We have the highest level of encryption commercially available, and all the security aspects are built in,” he says. “We’re also based in Ontario, so data is staying local, and there’s a full audit trail, detailing when a document was received and opened.”