Quarter of law firms admit to “misplacing” confidential documents

Brought to you by our friends at Networks First

Almost a quarter of law firms in the UK have admitted to losing mobile devices containing confidential documents and information, according to the results of a new survey.

A top Data protection firm surveyed 100 legal firms throughout the UK and discovered that 24 per cent had misplaced at least one mobile device containing confidential documents. The results showed that data most at risk of being compromised included client information, contracts and case notes.

Out of those who admitted to losing a mobile device containing confidential information only 13 per cent said they were confident that the device could not be breached as it had security settings in place to protect against unauthorised access.

Over the past few years data has become a growing source of value for companies, considered on the balance sheet alongside other assets, and while data might not be an asset which law firms can put a price on the nature of their work means that they should be taking even more data protection cautions than businesses in other sectors.

Information breaches can seriously jeopardise cases, severely damage the level of trust that clients have in a legal firm and will also be a breach of the Data Protection Act 1998, which sets out rules that those handling the personal information of others must adhere to.

A naive approach to the protection of data was revealed by the survey, with more than 90 per cent of lawyers questioned believing that their information was protected by the use of a simple password, and four per cent admitting to not using any security measures at all.

Ex-hacker and security IT consultant Robert Schifreen described passwords as “inadequate”. “You can download cracking software from Google that can break the average password in less than 30 minutes,” he warned.

Data security should be an important focus for anyone working in the legal profession. Carrying client information, records, case files and contracts on a device with no encryption is unprofessional at best, and gives an incredibly negative message about a firm as a whole – would you trust a lawyer who acted so irresponsibly with private information about other people?

One of the key mistakes made over data protection is that the end user is often given too much responsibility or control. For data protection solutions to be truly secure they must be controlled by a central system or device, and they must have a warning system which quickly flags up attempted unauthorised access.

Data protection should be a top priority for all legal firms and any security measures should be backed up by comprehensive staff training on working safely with sensitive data.

About the Author: Peter Titmus

Having been an apprentice with GPO (now BT) Peter moved into the network industry where he has been for the last 35 years. After working for Racal Milgo, Motorola Codex and then Infotron, Peter and five of his colleagues founded Networks First where he is Chairman today.

Peter is passionate about innovation and strongly believes in technology such as ProductivityOne that allows companies to access, synchronise, share and control contacts, documents, calendars and task & note information securely and allows their staff to work in a much more flexible and effective way.

May 8, 2013 · Tim Kevan · Comments Closed
Posted in: Uncategorized