Client Confidentiality While Working from Home
By Gerard Gosioco, State Bar of Nevada, Assistant Bar Counsel
There is no doubt that COVID-19 has changed the way we live. As a result, most people and businesses have implemented preventative measures to contain the spread of COVID-19, and phrases such as “social distancing” and “working from home” have become a norm in our daily lives. According to the Bureau of Labor Statistics, only 29 percent of Americans were able to work from home before the COVID-19 pandemic. Today, most employees have no choice but to work from home.
If you are like me, working from home has proven to be a significant adjustment. Although there are certain aspects of working from home I enjoy – only having to wear the upper half of a suit or calculating DPG (days per gallon) instead of MPG—the reality is that working from home may present several security risks. As such, lawyers working from home should be aware of these risks and should do everything in their power to ensure that any confidential information in their possession is protected.
Nevada Rule of Professional Conduct 1.6 states, in pertinent part, that a lawyer “shall not reveal information relating to representation of a client unless the client gives informed consent, the disclosure is impliedly authorized in order to carry out the representation,” or the disclosure is otherwise permitted under specifically enumerated exceptions.
While this is by no means an exhaustive list, here are some tips and tricks to help you get started:
Practice Safe Security
Compared to offices that have a staffed IT department that manages the Wi-Fi networks, employees’ home networks typically have weaker security protocols. Although companies can set up virtual private networks (VPNs) that extend an encrypted network into employees’ homes, many home networks could already be compromised with malware or hardware that can easily be exploited. If you are working from home, make sure everything on your computer is password protected, and if possible, refrain from working on personal devices.
Don’t Go Phishing
Phishing is widely recognized as one of the top causes of data breaches. Recently, hackers have been sending fake Zoom URLs and emails posing as the World Health Organization as part of their phishing scams. If you receive a suspicious email with an attachment, don’t open it. It’s as simple as that.
Loose Lips Sink Ships
It is important to remember that not all security risks come from electronic attacks. As the boundaries between work life and private life are breaking down, work talk should be limited to private places. When working from home, try to have a designated workspace and keep others away from it. Humans are naturally social beings, and employees like to talk. As such, we must be more cautious of what we share, where we share, and with whom. When possible, make sure that any conversation you have regarding confidential information is conducted in private. I, myself, have always personally followed this rule. The only time I make an exception to this rule is when I have conversations in front of my seven-month-old Husky. This exception exists because she is loyal and can’t repeat anything I say.