Subscriber Benefit
As a subscriber you can listen to articles at work, in the car, or while you work out. Subscribe NowEvery law firm owner is aware that outside actors can breach data and cause a host of problems. Hackers are the bogeyman in this situation. And so, much concern is spent over password management, encryption and email scams, including ransomware and phishing.
But to have a truly effective data security program, law firms also need to consider the access that internal staff enjoys. An undercovered segment of most data protection laws is that those laws also require that internal users only have access to the data that they need to have access to perform their jobs.
So ask yourself: Does your paralegal need access to your financial data? Must your bookkeeper have full access to your case files? For screening purposes, should certain lawyers be barred from viewing certain case files?
That’s just a smattering of potential queries you could make, but the overarching idea is that you should look at each person in your organization and ask what information each of those people needs access to.
Then, to ensure that your wishes are met, you’ll need to do some detective work and look at the roles and permissions options in your various software tools. Those options are getting more and more granular, beyond simply opting everyone in as an administrator and hoping for the best.
If you can align your data security requirements with your technology, you’re in business. (And, will likely stay in business.)
If you want to talk about the junction point between data security and technology applications, contact us today!
The Indy Bar offers FREE law practice management consulting services through Red Cave Law Firm Consulting.
To request a consult, visit the IndyBar law practice management consulting landing page and start running your law firm like a business.
Please enable JavaScript to view this content.