Keeping Your Clients’ Data Safe
March 4, 2009
We all know that it’s important to protect sensitive information, but with so much information these days stored in our computers (in files, databases, emails, etc.), it can be hard to know how to protect these digital files adequately. In this article, we’re going to talk about easy steps you can take to protect sensitive client information – client’s names, Social Security or Tax ID numbers, etc. – and the documents that may contain such information.
With the increasingly worrisome trend of “identity theft” (which might be more accurately described as “identity fraud”), comes the need to take steps to reduce the risk of personal information being stolen and used fraudulently. Many states (including Massachusetts) have or are beginning to pass laws to address this issue – but ultimately, if you take and store this sort of information, the responsibility for protecting it is on you.
First off, it’s worth knowing what sort of personal information might be saved, and where on your computer it is saved:
- TurboLaw Document Software stores client’s names, addresses, and in some cases, Social Security or Tax ID numbers. This information is stored both in TurboLaw’s database file and in any document or form you create that calls for that information.
- TurboLaw Time and Billing, on the other hand, does not ask for any personal information beyond a client’s name and address.
So, what can you do to protect this information? There are many different ways you can protect information, but here are some of the simplest:
Using Microsoft Window’s own Solution
Microsoft Windows itself has something built-in that can help you. Windows (2000 or later) has a feature called the Encrypting File System. This feature allows you to “encrypt” files on your computer, so that if your computer is (for example) stolen, the person who stole it won’t be able to read the encrypted files.
Below are two articles which describe how to use this feature and some “best practices” for using it:
- How to encrypt a file in Windows XP (the method described is similar in Windows 2000 and Windows Vista)
- Bets practices for the Encrypting File System
- It is worth noting that this method of protecting your files is only as strong as the password you use on your computer – if you don’t use a password, or if you use a simple, short password, then your files will not be very secure. A full discussion of choosing a good password is beyond the scope of this article, but you can read some tips and suggestions in this article: Strong Passwords: How to create and use them.
Knowing this, and knowing that you can click the “View” menu in TurboLaw and choose “TurboLaw Status” to see where TurboLaw is currently saving your database and case documents, you can encrypt that folder (as well as any other folders on your computer where you store documents that might contain sensitive information) and know that your data is protected.
Other Solutions
There might be reasons why you wouldn’t want to use Microsoft Windows’ own solution. Fortunately, other solutions are available (although they are a little bit more technical).
For example, you might use software such as TrueCrypt to encrypt an entire disk on your computer – or create a “virtual” disk which is also encrypted.
Another option is to store your data on a USB flash drive which comes with encryption options (similar to TrueCrypt).
Final Thoughts
If you have an in-house IT department (or an arrangement with an IT provider or firm), we would generally recommend that you speak to them for advice on how to secure sensitive client data on your computers.
However, if you are a small firm or a solo practitioner, the tips provided above will help you be more proactive about protecting the sensitive information that is increasingly stored on your computer.
Related articles:
Comments
Got something to say?
Subscribe
