Informed consent and cloud computing

Post on 14-Jun-2015


DESCRIPTION

As online practice management solutions and cloud technology become increasingly prevalent, lawyers face the challenge of assuaging client concerns around the security and confidentiality of hosted online data. They also face the task of gaining informed consent from clients when using such tools for engagement and information management. How can lawyers implement and use secure communication tools, online client portals, and online practice management solutions while protecting themselves from the confidentiality rules that govern such technologies? Register now for this webinar with legal technology expert Chad Burton, who will go over salient facts that lawyers need to know when engaging with clients in the cloud, including:

• State ethics opinions on using cloud computing vendors
• Obtaining informed client consent
• Common client concerns related to cloud computing

Transcript

Informed Consent & Cloud Computing

Joshua Lenon, Esq.

Clio – Practice Management Simplified

Cloud Computing Ethics Opinions

Traditional Computing Model

[Diagram: The Internet, Local Area Network]

Software-as-a-Service Model

[Diagram: The Internet, Local Area Network]

MODEL RULES OF PROFESSIONAL CONDUCT


Lawyers’ Duties

• Communication
  • Respond to or acknowledge client communications
• Diligence
  • On behalf of your client
• Competence
  • Awareness of changes in the law & practice
  • Benefits and risks of relevant technology
• Continuity
  • Records retention
• Confidentiality


R. 1.6 - Confidentiality

• Lawyers must make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.
• Exemptions exist
  • Disclosure is impliedly authorized in order to carry out representation of the client’s interests
• Duty extends to the use of nonlawyers assisting the lawyer
  • R. 5.3

Rules specifically allow lawyers to disclose confidential client information with informed consent.

Informed Consent

• “The agreement by a person to a proposed course of conduct after the lawyer has communicated adequate information and explanation about the material risks of and reasonably available alternatives to the proposed course of conduct.”
• Affirmative Response is Required
• Written Affirmation NOT Required on Disclosing Confidential Information

Informed Consent

• Requirements
  • Lawyer must make reasonable efforts to inform
  • Client possesses information reasonably adequate to make an informed decision
• Reasonable Standard
  • Reasonably prudent and competent lawyer
  • R. 1.0(H)

Reasonable and Cloud Computing

• Basic understanding of electronic protections afforded by technology

• Consultation with experts

• Use providers that have
  • Reasonable security procedures
  • Understanding of lawyers’ professional obligations

Security Procedures

• explicitly agrees that it has no ownership or security interest in the data;

• has an enforceable obligation to preserve security;

• will notify the lawyer if requested to produce data to a third party, and provide the lawyer with the ability to respond to the request before the provider produces the requested information;

• has technology built to withstand a reasonably foreseeable attempt to infiltrate data, including penetration testing;

• includes in its “Terms of Service” or “Service Level Agreement” an agreement about how confidential client information will be handled;

• provides the firm with right to audit the provider’s security procedures and to obtain copies of any security audits performed;

• will host the firm’s data only within a specified geographic area. If by agreement, the data are hosted outside of the United States, the law firm must determine that the hosting jurisdiction has privacy laws, data security laws, and protections against unlawful search and seizure that are as rigorous as those of the United States and Pennsylvania;

• provides a method of retrieving data if the lawyer terminates use of the SaaS product, the SaaS vendor goes out of business, or the service otherwise has a break in continuity; and,

• provides the ability for the law firm to get data “off” of the vendor’s or third party data hosting company’s servers for the firm’s own use or in-house backup offline.

Server Security

• How is sensitive information being handled?

TRUSTe – Privacy Policy

“TRUSTe’s program requirements are based upon the Fair Information Principles and OECD Guidelines around notice, choice, access, security, and redress - the core foundations of privacy and building trust. Sealholders are required to undergo a rigorous review process to assess the accuracy of privacy disclosures and compliance with TRUSTe’s requirements in order to obtain certification.”

Data Escrow

[Diagram: SaaS provider, escrow provider, SaaS user]

Conclusion

• Lawyers’ duty of confidentiality can be a minefield

• Reasonable efforts on the part of the lawyer are required to use any tool that may risk disclosure – including cloud computing

• Informed consent protects lawyers from misconduct claims
