Lawyers must take steps to protect sensitive paperwork, following a series of cases which have seen files lost or accidentally made public.
According to the Information Commissioner’s Office, there have been 15 complaints about solicitors and barristers in the last three months, and commissioner Christopher Graham reminded lawyers of their responsibilities to keep personal information secure under data protection rules.
He told the Telegraph: “The number of breaches reported by barristers and solicitors may not seem that high, but given the sensitive information they handle, and the fact that it is often held in paper files rather than secured by any sort of encryption, that number is troubling.” The commissioner was unable to reveal details of the 15 recent cases.
However in June the ICO investigated Oxfordshire County Council after a solicitor removed a number of documents from the office but had dropped these in a street near their home. The papers related to three child protection cases, and named 22 individuals.
Paul Doble, director at logistics firm DX, said: “It is a worrying sign when the Information Commissioner publicly warns lawyers to improve their data protection efforts, but one that is evidently needed. According to our research, 29 per cent of legal professionals have experienced an incident in which data security has been compromised in the last 12 months as a result of physical documents, and the same proportion as a result of email.
“The legal profession must ensure it has the necessary measures in place to stop these instances occurring. For physical documents, this means lawyers taking personal responsibility when they are in possession of such documents, and due diligence when it comes to appointing third party suppliers to transport these sensitive documents. Documents need to be transported in a secure manner by vetted professionals.
“Similarly, all electronic information needs to be encrypted to an acceptable standard – including emails – to ensure information isn’t put in the hands of someone it shouldn’t be. Secure, encrypted email services can take away the risk associated with emails being sent to the wrong person – something that 55 per cent of legal professionals have experienced. With irreparable reputational damage – not to mention significant fines for individual lawyers – at stake, this isn’t something that lawyers can afford to ignore.”
