Extranet External Sharing Guide

SECURE RECEIPT, STORAGE, AND TRANSMISSION OF CLIENT INFORMATION

Disclaimer: The following in a summary of larger policy. Please use this link to access the Information Security & System User Guide for the detailed policy and protocols.

The firm has implemented a protocol and tools to ensure the secure transmission, receipt, and storage of restricted information. Employees, independent contractors and vendor must comply with the protocol when applicable.

Classification of Client Information

The firm has an obligation to protect restricted information beginning when a new matter is opened. Attorneys must be prepared to answer the following questions when opening a new matter.

Will this matter entail the Firm’s receipt of HIPAA Protected Health Information (PHI)? If yes, then be prepared to explain the nature and format (electronic or physical) of the information and how it will be transmitted to the Firm.

Will this matter entail the Firm's receipt of any other especially sensitive information such as Social Security Numbers or financial account numbers? If yes, then be prepared to explain.

Will this matter entail the Firm’s commitment to any special or unusual security, handling, storage, return, or destruction of client information, such as in the engagement letter, outside counsel guidelines, or a HIPAA business associate agreement (BAA)? If yes, then be prepared to explain.

Resources to Receive, Send & Store Client Information

Used To

Resource

Operational Definition

Document Management Security

EDocsDM is the Firm's official repository for documents pertaining to clients. Saving documents in DM enables access to documents from any computer on the Firm's network and sharing of documents with anyone at the Firm. eFax is the Firm's fax solution - it allows users to send file attachments to a fax machine using their e-mail account. The Firm's e-mail system is configured to encrypt all outgoing mail using Transport Layer Security (TLS) if the person receiving the e-mail is also configured for encryption. For clients and matters that contain PHI and/or personally identifiable information (PII), enforced encryption will be applied to outgoing and incoming e-mail. The Firm also offers extranets, toolkits and licensed technology platforms for client collaboration. This includes over 25 different templates (corporate or health law deal rooms, due diligence rooms,

Receive

Send

Store

eFax

Receive

Send

Store

Enforced E-Mail Encryption

Receive

Send

Store

Encrypted Extranet

Receive

Send

Store

Made with