SlideShare uma empresa Scribd logo

Informed consent and cloud computing

Transferir como PPTX, PDF
Clio - Cloud-Based Legal Technology
Clio - Cloud-Based Legal Technology

As online practice management solutions and cloud technology become increasingly prevalent, lawyers face the challenge of assuaging client concerns around the security and confidentiality of hosted online data. They also face the task of gaining informed consent from clients when using such tools for engagement and information management. How can lawyers implement and use secure communication tools, online client portals, and online practice management solutions while protecting themselves from the confidentiality rules that govern such technologies? Register now for this webinar with legal technology expert Chad Burton, who will go over salient facts that lawyers need to know when engaging with clients in the cloud, including: • State ethics opinions on using cloud computing vendors • Obtaining informed client consent • Common client concerns related to cloud computing

TecnologiaNegócios
1 de 16
Informed Consent & Cloud Computing Joshua Lenon, esq. Clio – Practice Management Simplified
Cloud Computing Ethics Opinions
Traditional Computing Model The Internet Local Area Network
Software-as-a-Service Model The Internet Local Area Network
MODEL RULES OF PROFESSIONAL CONDUCT
Lawyers’Duties • Communication • Respond to or acknowledge client communications • Diligence 6 • On behalf of your client • Competence • Awareness of changes in the law & practice • Benefits and of relevant technology • Continuity • Records retention • Confidentiality 6
R. 1.6 - Confidentiality • Lawyers must make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client. • Exemptions exist • Disclosure is impliedly authorized in order to carry out representation of the client’s interests • Duty extends to the use of nonlawyers assisting the lawyer • R. 5.3
Rules specifically allow lawyers to disclose confidential client information with informed consent.
Informed Consent • “The agreement by a person to a proposed course of conduct after the lawyer has communicated adequate information and explanation about the material risks of and reasonably available alternatives to the proposed course of conduct.” • Affirmative Response is Required • Written Affirmation NOT Required on Disclosing Confidential Information
Informed Consent • Requirements • Lawyer must make reasonable efforts to inform • Client possesses information reasonably adequate to make an informed decision • Reasonable Standard • Reasonably prudent and competent lawyer • R. 1.0(H)
Reasonable and Cloud Computing • Basic understanding of electronic protections afforded by technology • Consultation with experts • Use providers that have • Reasonable security procedures • Understanding of lawyers’ professional obligations
Security Procedures • explicitly agrees that it has no ownership or security interest in the data; • has an enforceable obligation to preserve security; • will notify the lawyer if requested to produce data to a third party, and provide the lawyer with the ability to respond to the request before the provider produces the requested information; • has technology built to withstand a reasonably foreseeable attempt to infiltrate data, including penetration testing; • includes in its “Terms of Service” or “Service Level Agreement” an agreement about how confidential client information will be handled; • provides the firm with right to audit the provider’s security procedures and to obtain copies of any security audits performed; • will host the firm’s data only within a specified geographic area. If by agreement, the data are hosted outside of the United States, the law firm must determine that the hosting jurisdiction has privacy laws, data security laws, and protections against unlawful search and seizure that are as rigorous as those of the United States and Pennsylvania; • provides a method of retrieving data if the lawyer terminates use of the SaaS product, the SaaS vendor goes out of business, or the service otherwise has a break in continuity; and, • provides the ability for the law firm to get data “off” of the vendor’s or third party data hosting company’s servers for the firm’s own use or in-house backup offline.
Server Security
TRUSTe – Privacy Policy • How is sensitive information being handled? “ TRUSTe ’ s program requirements are based upon the Fair Information Principles and OCED Guidelines around notice, choice, access, security, and redress - the core foundations of privacy and building trust. Sealholders are required to undergo a rigorous review process to assess the accuracy of privacy disclosures and compliance with TRUSTe’s requirements in order to obtain certification.”
Data Escrow saas provider escrow provider saas user
Conclusion • Lawyers’ duty of confidentiality can be a mine field • Reasonable efforts on the part of the lawyer are required to use any tool that may risk disclosure – including cloud computing • Informed consent protect lawyers from misconduct claims

Recomendados

The Impact of Cloud: Cloud Computing Security and Privacy
The Impact of Cloud: Cloud Computing Security and PrivacyThe Impact of Cloud: Cloud Computing Security and Privacy
The Impact of Cloud: Cloud Computing Security and PrivacyCharles Mok
 
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...Cyber security for the regulator and regulated - Ontario Regulatory Authorit...
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...Dan Michaluk
 
Procurement Of Software And Information Technology Services
Procurement Of Software And Information Technology ServicesProcurement Of Software And Information Technology Services
Procurement Of Software And Information Technology ServicesPeister
 
Data Security
Data SecurityData Security
Data Securityankita_kashyap
 
Data Confidentiality, Security and Recent Changes to the ABA Model Rules
Data Confidentiality, Security and Recent Changes to the ABA Model RulesData Confidentiality, Security and Recent Changes to the ABA Model Rules
Data Confidentiality, Security and Recent Changes to the ABA Model Rulessaurnou
 
GDPR – Data Portability
GDPR – Data PortabilityGDPR – Data Portability
GDPR – Data PortabilityBusola Awani
 
Cyber Liability Coverage in the Marketplace with Dan Cotter
Cyber Liability Coverage in the Marketplace with Dan CotterCyber Liability Coverage in the Marketplace with Dan Cotter
Cyber Liability Coverage in the Marketplace with Dan CotterButlerRubin
 
The internet as a corporate security resource
The internet as a corporate security resourceThe internet as a corporate security resource
The internet as a corporate security resourceDan Michaluk
 

Recomendados

The Impact of Cloud: Cloud Computing Security and Privacy
The Impact of Cloud: Cloud Computing Security and PrivacyThe Impact of Cloud: Cloud Computing Security and Privacy
The Impact of Cloud: Cloud Computing Security and PrivacyCharles Mok
 
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...Cyber security for the regulator and regulated - Ontario Regulatory Authorit...
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...Dan Michaluk
 
Procurement Of Software And Information Technology Services
Procurement Of Software And Information Technology ServicesProcurement Of Software And Information Technology Services
Procurement Of Software And Information Technology ServicesPeister
 
Data Security
Data SecurityData Security
Data Securityankita_kashyap
 
Data Confidentiality, Security and Recent Changes to the ABA Model Rules
Data Confidentiality, Security and Recent Changes to the ABA Model RulesData Confidentiality, Security and Recent Changes to the ABA Model Rules
Data Confidentiality, Security and Recent Changes to the ABA Model Rulessaurnou
 
GDPR – Data Portability
GDPR – Data PortabilityGDPR – Data Portability
GDPR – Data PortabilityBusola Awani
 
Cyber Liability Coverage in the Marketplace with Dan Cotter
Cyber Liability Coverage in the Marketplace with Dan CotterCyber Liability Coverage in the Marketplace with Dan Cotter
Cyber Liability Coverage in the Marketplace with Dan CotterButlerRubin
 
The internet as a corporate security resource
The internet as a corporate security resourceThe internet as a corporate security resource
The internet as a corporate security resourceDan Michaluk
 
Sensitive data
Sensitive dataSensitive data
Sensitive dataS.M. Towhidul Islam
 
Cloud computing in Australia - Separating hype from reality
Cloud computing in Australia - Separating hype from realityCloud computing in Australia - Separating hype from reality
Cloud computing in Australia - Separating hype from realityRussell_Kennedy
 
Ilta 2011 balancing km with data privacy facilitated by dave cunningham aug...
Ilta 2011 balancing km with data privacy facilitated by dave cunningham aug...Ilta 2011 balancing km with data privacy facilitated by dave cunningham aug...
Ilta 2011 balancing km with data privacy facilitated by dave cunningham aug...David Cunningham
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full pptShahbaz Khan
 
Is it time for an IT Assessment?
Is it time for an IT Assessment?Is it time for an IT Assessment?
Is it time for an IT Assessment?Raffa Learning Community
 
Cloud: Should I Stay or Should I Go?
Cloud: Should I Stay or Should I Go?Cloud: Should I Stay or Should I Go?
Cloud: Should I Stay or Should I Go?Marcelo Martins
 
Data lake protection ft 3119 -ver1.0
Data lake protection ft 3119 -ver1.0Data lake protection ft 3119 -ver1.0
Data lake protection ft 3119 -ver1.0Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
Wayne richard - pia risk management - atlseccon2011
Wayne richard - pia risk management - atlseccon2011Wayne richard - pia risk management - atlseccon2011
Wayne richard - pia risk management - atlseccon2011Atlantic Security Conference
 
Keeping Control: Data Security and Vendor Management
Keeping Control: Data Security and Vendor ManagementKeeping Control: Data Security and Vendor Management
Keeping Control: Data Security and Vendor ManagementPaige Rasid
 
Centrifuge Systems Overview
Centrifuge Systems OverviewCentrifuge Systems Overview
Centrifuge Systems OverviewRuss Holmes
 
2016 02-04-gingell-iot
2016 02-04-gingell-iot2016 02-04-gingell-iot
2016 02-04-gingell-iotgingell
 
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & Privacy
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & PrivacyDo You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & Privacy
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & PrivacyButlerRubin
 
Data Privacy & Security
Data Privacy & SecurityData Privacy & Security
Data Privacy & SecurityEryk Budi Pratama
 
Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Dan Michaluk
 
Privacy Impact Assessment Management System (PIAMS)
Privacy Impact Assessment Management System (PIAMS) Privacy Impact Assessment Management System (PIAMS)
Privacy Impact Assessment Management System (PIAMS) The Canton Group
 
Moving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting IntroductionMoving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting IntroductionBlackbaud
 
Managing Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebManaging Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebBoyd Neil
 
Technology & Life Science Practice, FailSafe Overview
Technology & Life Science Practice, FailSafe OverviewTechnology & Life Science Practice, FailSafe Overview
Technology & Life Science Practice, FailSafe OverviewCary Adler
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Kimberly Simon MBA
 
Respond to the following in a minimum of 175 words security req
Respond to the following in a minimum of 175 words security reqRespond to the following in a minimum of 175 words security req
Respond to the following in a minimum of 175 words security reqSHIVA101531
 
Cloud Computing Legal Risks And Best Practices
Cloud Computing Legal Risks And Best PracticesCloud Computing Legal Risks And Best Practices
Cloud Computing Legal Risks And Best Practiceslisaabe
 
12 02-14 information security managers - unannotated
12 02-14 information security managers - unannotated12 02-14 information security managers - unannotated
12 02-14 information security managers - unannotatedwdsnead
 

Mais conteúdo relacionado

Mais procurados

Cloud computing in Australia - Separating hype from reality
Cloud computing in Australia - Separating hype from realityCloud computing in Australia - Separating hype from reality
Cloud computing in Australia - Separating hype from realityRussell_Kennedy
 
Ilta 2011 balancing km with data privacy facilitated by dave cunningham aug...
Ilta 2011 balancing km with data privacy facilitated by dave cunningham aug...Ilta 2011 balancing km with data privacy facilitated by dave cunningham aug...
Ilta 2011 balancing km with data privacy facilitated by dave cunningham aug...David Cunningham
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full pptShahbaz Khan
 
Cloud: Should I Stay or Should I Go?
Cloud: Should I Stay or Should I Go?Cloud: Should I Stay or Should I Go?
Cloud: Should I Stay or Should I Go?Marcelo Martins
 
Wayne richard - pia risk management - atlseccon2011
Wayne richard - pia risk management - atlseccon2011Wayne richard - pia risk management - atlseccon2011
Wayne richard - pia risk management - atlseccon2011Atlantic Security Conference
 
Keeping Control: Data Security and Vendor Management
Keeping Control: Data Security and Vendor ManagementKeeping Control: Data Security and Vendor Management
Keeping Control: Data Security and Vendor ManagementPaige Rasid
 
Centrifuge Systems Overview
Centrifuge Systems OverviewCentrifuge Systems Overview
Centrifuge Systems OverviewRuss Holmes
 
2016 02-04-gingell-iot
2016 02-04-gingell-iot2016 02-04-gingell-iot
2016 02-04-gingell-iotgingell
 
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & Privacy
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & PrivacyDo You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & Privacy
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & PrivacyButlerRubin
 
Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Dan Michaluk
 
Privacy Impact Assessment Management System (PIAMS)
Privacy Impact Assessment Management System (PIAMS) Privacy Impact Assessment Management System (PIAMS)
Privacy Impact Assessment Management System (PIAMS) The Canton Group
 
Moving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting IntroductionMoving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting IntroductionBlackbaud
 
Managing Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebManaging Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebBoyd Neil
 
Technology & Life Science Practice, FailSafe Overview
Technology & Life Science Practice, FailSafe OverviewTechnology & Life Science Practice, FailSafe Overview
Technology & Life Science Practice, FailSafe OverviewCary Adler
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Kimberly Simon MBA
 
Respond to the following in a minimum of 175 words security req
Respond to the following in a minimum of 175 words security reqRespond to the following in a minimum of 175 words security req
Respond to the following in a minimum of 175 words security reqSHIVA101531
 

Mais procurados (20)

Sensitive data
Sensitive dataSensitive data
Sensitive data
 
Cloud computing in Australia - Separating hype from reality
Cloud computing in Australia - Separating hype from realityCloud computing in Australia - Separating hype from reality
Cloud computing in Australia - Separating hype from reality
 
Ilta 2011 balancing km with data privacy facilitated by dave cunningham aug...
Ilta 2011 balancing km with data privacy facilitated by dave cunningham aug...Ilta 2011 balancing km with data privacy facilitated by dave cunningham aug...
Ilta 2011 balancing km with data privacy facilitated by dave cunningham aug...
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full ppt
 
Is it time for an IT Assessment?
Is it time for an IT Assessment?Is it time for an IT Assessment?
Is it time for an IT Assessment?
 
Cloud: Should I Stay or Should I Go?
Cloud: Should I Stay or Should I Go?Cloud: Should I Stay or Should I Go?
Cloud: Should I Stay or Should I Go?
 
Data lake protection ft 3119 -ver1.0
Data lake protection ft 3119 -ver1.0Data lake protection ft 3119 -ver1.0
Data lake protection ft 3119 -ver1.0
 
Wayne richard - pia risk management - atlseccon2011
Wayne richard - pia risk management - atlseccon2011Wayne richard - pia risk management - atlseccon2011
Wayne richard - pia risk management - atlseccon2011
 
Keeping Control: Data Security and Vendor Management
Keeping Control: Data Security and Vendor ManagementKeeping Control: Data Security and Vendor Management
Keeping Control: Data Security and Vendor Management
 
Centrifuge Systems Overview
Centrifuge Systems OverviewCentrifuge Systems Overview
Centrifuge Systems Overview
 
2016 02-04-gingell-iot
2016 02-04-gingell-iot2016 02-04-gingell-iot
2016 02-04-gingell-iot
 
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & Privacy
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & PrivacyDo You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & Privacy
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & Privacy
 
Data Privacy & Security
Data Privacy & SecurityData Privacy & Security
Data Privacy & Security
 
Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?
 
Privacy Impact Assessment Management System (PIAMS)
Privacy Impact Assessment Management System (PIAMS) Privacy Impact Assessment Management System (PIAMS)
Privacy Impact Assessment Management System (PIAMS)
 
Moving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting IntroductionMoving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting Introduction
 
Managing Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebManaging Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social Web
 
Technology & Life Science Practice, FailSafe Overview
Technology & Life Science Practice, FailSafe OverviewTechnology & Life Science Practice, FailSafe Overview
Technology & Life Science Practice, FailSafe Overview
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
 
Respond to the following in a minimum of 175 words security req
Respond to the following in a minimum of 175 words security reqRespond to the following in a minimum of 175 words security req
Respond to the following in a minimum of 175 words security req
 

Semelhante a Informed consent and cloud computing

Cloud Computing Legal Risks And Best Practices
Cloud Computing Legal Risks And Best PracticesCloud Computing Legal Risks And Best Practices
Cloud Computing Legal Risks And Best Practiceslisaabe
 
12 02-14 information security managers - unannotated
12 02-14 information security managers - unannotated12 02-14 information security managers - unannotated
12 02-14 information security managers - unannotatedwdsnead
 
Ethics and Security of Cloud Computing for Lawyers
Ethics and Security of Cloud Computing for LawyersEthics and Security of Cloud Computing for Lawyers
Ethics and Security of Cloud Computing for LawyersRobert Ambrogi
 
Cloud Computing Legal for Pennsylvania Bar Association
Cloud Computing Legal for Pennsylvania Bar AssociationCloud Computing Legal for Pennsylvania Bar Association
Cloud Computing Legal for Pennsylvania Bar AssociationAmy Larrimore
 
Rules of Professional Conduct and Cybersecurity presented by Accellis Technol...
Rules of Professional Conduct and Cybersecurity presented by Accellis Technol...Rules of Professional Conduct and Cybersecurity presented by Accellis Technol...
Rules of Professional Conduct and Cybersecurity presented by Accellis Technol...Accellis Technology Group
 
Contracting for Better Cybersecurity
Contracting for Better CybersecurityContracting for Better Cybersecurity
Contracting for Better CybersecurityShawn Tuma
 
Managed Service Provider Contracts
Managed Service Provider ContractsManaged Service Provider Contracts
Managed Service Provider ContractsWhitmeyerTuffin
 
Cloud and mobile computing for lawyers
Cloud and mobile computing for lawyersCloud and mobile computing for lawyers
Cloud and mobile computing for lawyersNicole Black
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Ontario Cloud SIG
 
Ethical Dangers of Technology in the Law Practice
Ethical Dangers of Technology in the Law PracticeEthical Dangers of Technology in the Law Practice
Ethical Dangers of Technology in the Law PracticeRobert Ambrogi
 
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016centralohioissa
 
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)AltheimPrivacy
 
OCBA Cloud 9: Cloud Computing and Ethics for Florida Attorneys
OCBA Cloud 9: Cloud Computing and Ethics for Florida AttorneysOCBA Cloud 9: Cloud Computing and Ethics for Florida Attorneys
OCBA Cloud 9: Cloud Computing and Ethics for Florida AttorneysDaniel Whitehouse
 
Don't be a robot: You can't automate your ethical considerations
Don't be a robot: You can't automate your ethical considerationsDon't be a robot: You can't automate your ethical considerations
Don't be a robot: You can't automate your ethical considerationsNehal Madhani
 
Legal Issues Associated with Third-Party Cyber Risk
Legal Issues Associated with Third-Party Cyber RiskLegal Issues Associated with Third-Party Cyber Risk
Legal Issues Associated with Third-Party Cyber RiskShawn Tuma
 

Semelhante a Informed consent and cloud computing (20)

Cloud Computing Legal Risks And Best Practices
Cloud Computing Legal Risks And Best PracticesCloud Computing Legal Risks And Best Practices
Cloud Computing Legal Risks And Best Practices
 
12 02-14 information security managers - unannotated
12 02-14 information security managers - unannotated12 02-14 information security managers - unannotated
12 02-14 information security managers - unannotated
 
Ethics for lawyers in the cloud
Ethics for lawyers in the cloudEthics for lawyers in the cloud
Ethics for lawyers in the cloud
 
Ethics and Security of Cloud Computing for Lawyers
Ethics and Security of Cloud Computing for LawyersEthics and Security of Cloud Computing for Lawyers
Ethics and Security of Cloud Computing for Lawyers
 
Cloud Computing Legal for Pennsylvania Bar Association
Cloud Computing Legal for Pennsylvania Bar AssociationCloud Computing Legal for Pennsylvania Bar Association
Cloud Computing Legal for Pennsylvania Bar Association
 
Rules of Professional Conduct and Cybersecurity presented by Accellis Technol...
Rules of Professional Conduct and Cybersecurity presented by Accellis Technol...Rules of Professional Conduct and Cybersecurity presented by Accellis Technol...
Rules of Professional Conduct and Cybersecurity presented by Accellis Technol...
 
Contracting for Better Cybersecurity
Contracting for Better CybersecurityContracting for Better Cybersecurity
Contracting for Better Cybersecurity
 
Managed Service Provider Contracts
Managed Service Provider ContractsManaged Service Provider Contracts
Managed Service Provider Contracts
 
Cloud and mobile computing for lawyers
Cloud and mobile computing for lawyersCloud and mobile computing for lawyers
Cloud and mobile computing for lawyers
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloud
 
How can you improve cybersecurity at your law firm?
How can you improve cybersecurity at your law firm?How can you improve cybersecurity at your law firm?
How can you improve cybersecurity at your law firm?
 
Ethical Dangers of Technology in the Law Practice
Ethical Dangers of Technology in the Law PracticeEthical Dangers of Technology in the Law Practice
Ethical Dangers of Technology in the Law Practice
 
Does cloud technology belong at your law firm?
Does cloud technology belong at your law firm?Does cloud technology belong at your law firm?
Does cloud technology belong at your law firm?
 
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
 
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
 
Prepare Your Firm for GDPR
Prepare Your Firm for GDPRPrepare Your Firm for GDPR
Prepare Your Firm for GDPR
 
OCBA Cloud 9: Cloud Computing and Ethics for Florida Attorneys
OCBA Cloud 9: Cloud Computing and Ethics for Florida AttorneysOCBA Cloud 9: Cloud Computing and Ethics for Florida Attorneys
OCBA Cloud 9: Cloud Computing and Ethics for Florida Attorneys
 
Evaluating Legal Technology for Your Law Firm
Evaluating Legal Technology for Your Law FirmEvaluating Legal Technology for Your Law Firm
Evaluating Legal Technology for Your Law Firm
 
Don't be a robot: You can't automate your ethical considerations
Don't be a robot: You can't automate your ethical considerationsDon't be a robot: You can't automate your ethical considerations
Don't be a robot: You can't automate your ethical considerations
 
Legal Issues Associated with Third-Party Cyber Risk
Legal Issues Associated with Third-Party Cyber RiskLegal Issues Associated with Third-Party Cyber Risk
Legal Issues Associated with Third-Party Cyber Risk
 

Mais de Clio - Cloud-Based Legal Technology

Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...
Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...
Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...Clio - Cloud-Based Legal Technology
 
How Clio Customers Take a Stress-Free Summer: Streamlining Client Intake
How Clio Customers Take a Stress-Free Summer: Streamlining Client IntakeHow Clio Customers Take a Stress-Free Summer: Streamlining Client Intake
How Clio Customers Take a Stress-Free Summer: Streamlining Client IntakeClio - Cloud-Based Legal Technology
 
Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...
Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...
Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...Clio - Cloud-Based Legal Technology
 

Mais de Clio - Cloud-Based Legal Technology (20)

Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...
Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...
Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...
 
How Automating Client Intake Increases Client Confidence
How Automating Client Intake Increases Client ConfidenceHow Automating Client Intake Increases Client Confidence
How Automating Client Intake Increases Client Confidence
 
How Clio Customers Take a Stress-Free Summer: Streamlining Client Intake
How Clio Customers Take a Stress-Free Summer: Streamlining Client IntakeHow Clio Customers Take a Stress-Free Summer: Streamlining Client Intake
How Clio Customers Take a Stress-Free Summer: Streamlining Client Intake
 
2023 Legal Trends for Solo Law Firms
2023 Legal Trends for Solo Law Firms2023 Legal Trends for Solo Law Firms
2023 Legal Trends for Solo Law Firms
 
Increase Your Profits While Reducing Burnout
Increase Your Profits While Reducing BurnoutIncrease Your Profits While Reducing Burnout
Increase Your Profits While Reducing Burnout
 
90-Day Goal Setting for Legal Professionals
90-Day Goal Setting for Legal Professionals90-Day Goal Setting for Legal Professionals
90-Day Goal Setting for Legal Professionals
 
Insights from the 2022 Legal Trends Report - Slides.pdf
Insights from the 2022 Legal Trends Report - Slides.pdfInsights from the 2022 Legal Trends Report - Slides.pdf
Insights from the 2022 Legal Trends Report - Slides.pdf
 
How to Refine Your Law Firm Business Model
How to Refine Your Law Firm Business ModelHow to Refine Your Law Firm Business Model
How to Refine Your Law Firm Business Model
 
Legal Tech Roundup: Tools and Services Your Firm Needs in 2023
Legal Tech Roundup: Tools and Services Your Firm Needs in 2023Legal Tech Roundup: Tools and Services Your Firm Needs in 2023
Legal Tech Roundup: Tools and Services Your Firm Needs in 2023
 
2022 in Review: What's Working for Your Firm and What Isn't
2022 in Review: What's Working for Your Firm and What Isn't2022 in Review: What's Working for Your Firm and What Isn't
2022 in Review: What's Working for Your Firm and What Isn't
 
Watch How Family Lawyers Use Clio
Watch How Family Lawyers Use ClioWatch How Family Lawyers Use Clio
Watch How Family Lawyers Use Clio
 
Reclaim Your Time in 2023 with Clio’s Newest Features
Reclaim Your Time in 2023 with Clio’s Newest FeaturesReclaim Your Time in 2023 with Clio’s Newest Features
Reclaim Your Time in 2023 with Clio’s Newest Features
 
How to Grow a Law Firm_ From Startup to Success
How to Grow a Law Firm_ From Startup to SuccessHow to Grow a Law Firm_ From Startup to Success
How to Grow a Law Firm_ From Startup to Success
 
Customer Research: How to Gauge Client Satisfaction
Customer Research: How to Gauge Client SatisfactionCustomer Research: How to Gauge Client Satisfaction
Customer Research: How to Gauge Client Satisfaction
 
Cloud Software: The Key to Staff Success and Satisfaction
Cloud Software: The Key to Staff Success and SatisfactionCloud Software: The Key to Staff Success and Satisfaction
Cloud Software: The Key to Staff Success and Satisfaction
 
How to Generate New Business With Client Reviews
How to Generate New Business With Client ReviewsHow to Generate New Business With Client Reviews
How to Generate New Business With Client Reviews
 
Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...
Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...
Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...
 
Key Insights from the 2022 Legal Trends Report
Key Insights from the 2022 Legal Trends ReportKey Insights from the 2022 Legal Trends Report
Key Insights from the 2022 Legal Trends Report
 
Billing Week Stress to Collections Success Webinar.pdf
Billing Week Stress to Collections Success Webinar.pdfBilling Week Stress to Collections Success Webinar.pdf
Billing Week Stress to Collections Success Webinar.pdf
 
Streamline Your Court Interactions With Technology
Streamline Your Court Interactions With TechnologyStreamline Your Court Interactions With Technology
Streamline Your Court Interactions With Technology
 

Último

Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 

Último (20)

Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 

Informed consent and cloud computing

  • 1. Informed Consent & Cloud Computing Joshua Lenon, esq. Clio – Practice Management Simplified
  • 3. Traditional Computing Model The Internet Local Area Network
  • 5. MODEL RULES OF PROFESSIONAL CONDUCT
  • 6. Lawyers’Duties • Communication • Respond to or acknowledge client communications • Diligence 6 • On behalf of your client • Competence • Awareness of changes in the law & practice • Benefits and of relevant technology • Continuity • Records retention • Confidentiality 6
  • 7. R. 1.6 - Confidentiality • Lawyers must make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client. • Exemptions exist • Disclosure is impliedly authorized in order to carry out representation of the client’s interests • Duty extends to the use of nonlawyers assisting the lawyer • R. 5.3
  • 8. Rules specifically allow lawyers to disclose confidential client information with informed consent.
  • 9. Informed Consent • “The agreement by a person to a proposed course of conduct after the lawyer has communicated adequate information and explanation about the material risks of and reasonably available alternatives to the proposed course of conduct.” • Affirmative Response is Required • Written Affirmation NOT Required on Disclosing Confidential Information
  • 10. Informed Consent • Requirements • Lawyer must make reasonable efforts to inform • Client possesses information reasonably adequate to make an informed decision • Reasonable Standard • Reasonably prudent and competent lawyer • R. 1.0(H)
  • 11. Reasonable and Cloud Computing • Basic understanding of electronic protections afforded by technology • Consultation with experts • Use providers that have • Reasonable security procedures • Understanding of lawyers’ professional obligations
  • 12. Security Procedures • explicitly agrees that it has no ownership or security interest in the data; • has an enforceable obligation to preserve security; • will notify the lawyer if requested to produce data to a third party, and provide the lawyer with the ability to respond to the request before the provider produces the requested information; • has technology built to withstand a reasonably foreseeable attempt to infiltrate data, including penetration testing; • includes in its “Terms of Service” or “Service Level Agreement” an agreement about how confidential client information will be handled; • provides the firm with right to audit the provider’s security procedures and to obtain copies of any security audits performed; • will host the firm’s data only within a specified geographic area. If by agreement, the data are hosted outside of the United States, the law firm must determine that the hosting jurisdiction has privacy laws, data security laws, and protections against unlawful search and seizure that are as rigorous as those of the United States and Pennsylvania; • provides a method of retrieving data if the lawyer terminates use of the SaaS product, the SaaS vendor goes out of business, or the service otherwise has a break in continuity; and, • provides the ability for the law firm to get data “off” of the vendor’s or third party data hosting company’s servers for the firm’s own use or in-house backup offline.
  • 14. TRUSTe – Privacy Policy • How is sensitive information being handled? “ TRUSTe ’ s program requirements are based upon the Fair Information Principles and OCED Guidelines around notice, choice, access, security, and redress - the core foundations of privacy and building trust. Sealholders are required to undergo a rigorous review process to assess the accuracy of privacy disclosures and compliance with TRUSTe’s requirements in order to obtain certification.”
  • 15. Data Escrow saas provider escrow provider saas user
  • 16. Conclusion • Lawyers’ duty of confidentiality can be a mine field • Reasonable efforts on the part of the lawyer are required to use any tool that may risk disclosure – including cloud computing • Informed consent protect lawyers from misconduct claims

Notas do Editor

  1. First drafted in 1983 and adopted by 52 jurisdictions, the MRPC has guided the responsibilities and actions of lawyers for decades. These rules are designed to promote competence and diligence by lawyers in representing the interests of clients. Several duties are imposed on lawyers as part of these rules, including those of confidentiality.
  2. In the official comments associated with the rules creating the duty of confidentiality, the MRPC discusses some factors that can govern the reasonable efforts a lawyer must take to maintain confidentiality. These factors can include:the sensitivity of the information, the likelihood of disclosure if additional safeguards are not employed, the cost of employing additional safeguards, the difficulty of implementing the safeguards, and the extent to which the safeguards adversely affect the lawyer’s ability to represent clients.
  3. In order to consider a client informed, a lawyer must make reasonable efforts to ensure that the client or other person possesses information reasonably adequate to make an informed decision. Clients should be made aware of the material advantages and disadvantages of the proposed course of conduct and a discussion of the client's or other person's options and alternatives as part of informing the client. Lawyers must also promptly inform the client of any decision or circumstance with respect to which the client's informed consent.Model Rules of Prof'l Conduct R. 1.0 cmt. 6.Id.Model Rules of Prof'l Conduct R. 1.4(a)(1).Competency includes keeping abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology. In determining whether the information and explanation provided are reasonably adequate, relevant factors include whether the client or other person is experienced in legal matters generally and in making decisions of the type involved, and whether the client or other person is independently represented by other counsel in giving the consent.Model Rules of Prof'l Conduct R. 1.1 cmt. 8.Model Rules of Prof'l Conduct R. 1.0 cmt. 6.
  4. Pennsylvania Bar Association Committee On Legal Ethics And Professional Responsibility, “Ethical Obligations For Attorneys Using Cloud Computing/ Software As A Service While Fulfilling The Duties Of Confidentiality And Preservation Of Client Property.” (Formal Opinion 2011-200).