Monday, August 8, 2011

Standards and Ethics for Lawyer Use of Hosted Cloud Software Services

Law Technology News recently published an article on law firm information risk management considerations for using third-party hosted applications and data storage services: “Security and Privacy Standards for Cloud Services.
  • “For service providers to achieve and maintain information security sufficient to safeguard firm and client information, providers should adhere to appropriate standards and policies, even applicable legislation, and implement technical security controls that comply with the requirements that correspond to their customers' needs.”
The article offers links to several detailed resources for firms looking to conduct technical due diligence and shape their IT strategy. On the practitioner front, several jurisdictions are considering (or reconsidering) the ethical implications of cloud software:
  • In Alabama, one lawyer reached out to the state bar ethics committee to ask specifically about the very popular Dropbox file hosting service, which has been the subject of some recent controversy: “My question? After the events of late is it still ethical to use Dropbox for our offsite storage of client files?” You can read more on his blog.
  • The North Carolina Bar issued draft rules on cloud software services in April, 2010. But based on industry feedback, they retracted the draft a year later and have since published a revised proposed opinion: “This time, the comments were less favorable, with many in the legal computing arguing that the requirements were so onerous as to effectively block the use of many cloud applications.” [Here’s a sample.] In response, the Bar has directed the committee working on the opinion to review and revise.

No comments:

Post a Comment