5 tech policies law firms should consider to prep for job departures
A St. Louis managing partner recently found a note on his desk when he returned from lunch, informing him that five lawyers had left his firm. Not all departures are that dramatic, but unless a firm expects and has experience with lawyer transitioning, the process is not likely to be a smooth one, especially where technology is involved.
Lawyers routinely advise clients to create employee manuals, have technology policies, and put in place checklists and procedures to cover these kinds of occurrences. But many firms do a poor job of following their own advice. Common responses to the technology issues raised by a departing lawyer or employee can be ad hoc, chaotic and woefully incomplete, raising more problems than the firm solves. It obviously makes great sense to have technology transition policies and procedures in place, given the proliferation of portable devices. Let’s look at some of the key concerns you’ll want to address:
• You will want to act quickly on restricting or limiting Internet access. A good first step would be to eliminate the existing user account and create a temporary account with limited rights and access to only necessary resources and actions. Even if you trust the departee, lax security practices by one person can expose your whole network. Consider whether other users should change their passwords. Will you require smartphones and other devices to be turned in immediately?
• Make a determination about whether an email account can be retained, perhaps with supervision, or whether email should be redirected to an account where it can be held and screened. What documents can be copied or downloaded? If you use cloud-based services for case management or other purposes, should access be taken away or restricted?
• Get a list of all hardware, software and services the departing person uses, as well as a list of documents, directories and other data the person has stored or used. It’s especially important to find out what templates, documents and the like have been copied, forwarded or downloaded, especially if a lawyer leaves to go to a competitor.
• In some cases, you might want to hire a computer forensics consultant or an IT consultant to determine what the departing person has done before leaving, especially if sensitive client data is involved or you have concerns about what the person might have taken.
• And are there unique technology concerns you must address? One example is disclosure of passwords for services or documents. Many people keep copies of personal documents and photos on their work computers. How will you deal with that? What happens if the departing person wants to keep or won’t return a laptop computer? Is information subject to a litigation hold involved?
I spoke with a savvy small-firm lawyer who handles the technology issues immediately after a departure. He gets the issues resolved, documents them, and gets appropriate releases and agreements. If necessary, he updates the firm’s policies and procedures.
Compare these procedures to the ones you have now or you might wish you had when the time comes.
Dennis Kennedy is a St. Louis-based legal technology writer and information technology lawyer.
