South Carolina BAR Journal
SC Lawyer, March 2012, #5.
Ethics of Virtual Law Practice
South Carolina LawyerMarch 2012Ethics of Virtual Law PracticeBy Stephanie Kimbro and Courtney KennadayMore law firms are beginning to deliver legal services to clients over the Internet through secure client portals. Using different web-based technologies, such as document automation and assembly, lawyers can collaborate with their clients and co-workers. Known as a "virtual" law practice, it can be structured in different ways depending on the firm's practice area and client base.
In a virtual practice, the client registers for a unique username and password to gain access to a secure client portal. Through that portal, the lawyer and client communicate-from the establishment of the attorney/client relationship to the rendering of legal services and online payment to the lawyer.
The technology that creates a virtual law office is called software as a service (SaaS) and is one form of so-called cloud computing. There are many different legal SaaS products on the market, but regardless of the technology chosen, the key component of a virtual law practice is a secure, encrypted client portal.
SET OFF IN BOX:
Examples of Virtual Law Firms in South Carolina
Frame Legal, www.framelegal.com
The Darby Law Office, PA, www.darbylawoffice.com
Travis Newton, PA, www.laptoplawfirm.com
Turner Vaught, www.turnervaughtlaw.com
Engaging in virtual law practice is no different than other forms of traditional legal service delivery when it comes to complying with rules of professional conduct. The lawyer must be careful to comply with S.C. Rules of Professional Conduct Rule 1.6 to protect the confidentiality of the client's data. Comment 18 of Rule 1.6 states a lawyer must take "reasonable precautions" when transmitting a communication that includes information relating to the representation of a client to prevent the information from coming into the hands of unintended recipients.
There are two ethical components of a virtual law practice: 1) the lawyer must conduct due diligence in researching both the technology vendor and the technology solution, and 2) after implementing the technology, the lawyer must establish daily best practices for the use of the technology in his/her law practice.
First, to conduct due diligence, the lawyer should thoroughly scrutinize the service level agreement (SLA) or user agreement provided by the technology vendor. The lawyer should ascertain the method by which the vendor will keep the lawyer's data confidential. Provisions to look for in the agreement include the vendor's confidentiality policy or practices, such as the extent of employee access to the data and under which circumstances the data would be accessed, if ever. The lawyer can also request to see a copy of the vendor's employee confidentiality agreement. In addition, the lawyer should ask about the vendor's policy regarding search and seizure actions. Is there a policy in place to notify the lawyer prior to handing over the data to law enforcement? Does the vendor carry insurance that covers data breaches? Will the lawyer be notified if there is ever a breach of the vendor's security system?
Second, lawyers should understand the process of transferring law office data from the lawyer to the technology provider, and then to the data center where the data is...