Large stack of files

How law firms can protect their most sensitive paper records against data compromise

by Stephanie Kurtz
 
 With all the headlines about hackers and the theft of digital data, the security of paper records often is given short shrift.

But, paper left unsecured gives thieves an easy way to steal sensitive information. In fact, one in five security incidents1 of which law firm BakerHostetler advised in 2014 involved paper records.

That’s why it’s critical that information governance and document retention policies cover paper as well as electronic documents. For paper specifically, it’s important that the policy spells out how to track where documents are stored, for how long and how they are secured. 

 

Storing your paper documents

Do you know where all of your paper documents are located? Do you have security policies such as sign-in procedures at those facilities? Since cybersecurity is a huge focus, it’s easy to become lax about this area of information governance.

However, through my consulting experience, I’ve seen that in 20 percent of the instances when an attorney requests a box from a document storage facility, that box cannot be located. In an industry where access to the right information could make the difference in winning a matter, that’s an astounding statistic. A firm can get in big trouble if it can’t quickly produce all the documents demanded by a discovery motion.

In addition, matters often involve highly valuable and confidential information. For example, paper documents may include information on the intellectual property of a company. If paper schematics or drawings are in storage, it’s easy for someone to slip a folder into their briefcase and leave. Without a tracking process, how would you know? 

Preparing for the unknown

Another challenge with physical documents is that the possibility of destruction from natural disasters. Hard copy documents that require retention should always be scanned and back-file converted.

Hurricane Katrina was a great reminder of the importance of scanning documents for digital storage.

Hurricane Katrina was great reminder of the importance of scanning documents for digital storage. I learned this lesson first-hand while working for a company in New Orleans. Their digital information was backed up and available from a remote server within 48 hours after the hurricane. But, the paper contracts that were in file cabinets and boxes sat in four feet of water for over two weeks. Although it took thousands of hours to recreate those lost documents, I considered us lucky that we could reproduce them. Many organizations wouldn’t know where to start or even be able to identify what documents were lost.

To avoid these problems, make sure your document retention policy covers paper and is updated at least twice a year. The policy should clearly state what should be stored and where, the length of storage, security controls, disaster recovery plans and detailed destruction policies. In addition, make sure to include a process by which important paper documents are scanned, converted and digitally stored

Recommended for you

hand dialing keypad on phone Article: Can your office phones be hacked? Internet-connected work phones pose the same security risks as your computers
dictionary definition of hacking Article: 11 essential hacking terms The types of threats and hacking terms that are impacting business security
First level review case study thumbnail image. Case Study: First Level Review Expediting document review for a data breach
 
1  "The BakerHostetler Data Security Incident Response Report 2015." bakerlaw.com. 2015. https://www.bakerlaw.com/files/uploads/Documents/Data Breach documents/BakerHostetler-Data-Security-Incident-Response-Report-2015.pdf 
 
Cookie Policy

Ricoh uses data collection tools such as cookies to provide you with a better experience when using this site.
You can learn how to change these settings and get more information about cookies here.

Close Chat
HelpChoose A Topic