Extranet External Sharing Guide
SECURE RECEIPT, STORAGE, AND TRANSMISSION OF CLIENT INFORMATION
Disclaimer: The following in a summary of larger policy. Please use this link to access the Information Security & System User Guide for the detailed policy and protocols.
The firm has implemented a protocol and tools to ensure the secure transmission, receipt, and storage of restricted information. Employees, independent contractors and vendor must comply with the protocol when applicable.
Classification of Client Information
The firm has an obligation to protect restricted information beginning when a new matter is opened. Attorneys must be prepared to answer the following questions when opening a new matter.
Will this matter entail the Firm’s receipt of HIPAA Protected Health Information (PHI)? If yes, then be prepared to explain the nature and format (electronic or physical) of the information and how it will be transmitted to the Firm.
Will this matter entail the Firm's receipt of any other especially sensitive information such as Social Security Numbers or financial account numbers? If yes, then be prepared to explain.
Will this matter entail the Firm’s commitment to any special or unusual security, handling, storage, return, or destruction of client information, such as in the engagement letter, outside counsel guidelines, or a HIPAA business associate agreement (BAA)? If yes, then be prepared to explain.
Resources to Receive, Send & Store Client Information
Document Management Security
EDocsDM is the Firm's official repository for documents pertaining to clients. Saving documents in DM enables access to documents from any computer on the Firm's network and sharing of documents with anyone at the Firm. eFax is the Firm's fax solution - it allows users to send file attachments to a fax machine using their e-mail account. The Firm's e-mail system is configured to encrypt all outgoing mail using Transport Layer Security (TLS) if the person receiving the e-mail is also configured for encryption. For clients and matters that contain PHI and/or personally identifiable information (PII), enforced encryption will be applied to outgoing and incoming e-mail. The Firm also offers extranets, toolkits and licensed technology platforms for client collaboration. This includes over 25 different templates (corporate or health law deal rooms, due diligence rooms,
Enforced E-Mail Encryption
Made with FlippingBook