Various studies have been commissioned and reports published, the most recent at the beginning of March, raising concerns over a lack of clear information about the services provided by law firms and details of costs to enable consumers to make an informed choice about legal service providers. In response to the research, regulators are working on increasing the availability of data to consumers and conducting further research into costs transparency and first tier complaints.
Firms are being encouraged to be more innovative in the ways in which they provide legal services and innovation is necessary for law firms to stay competitive because there is increasing competition in the market place, clients have higher expectations and so firms need to find ways to maximise revenue and productivity whilst minimising costs but at the same time ensuring that they continue to provide the same high level of client care and service to differentiate themselves in the market from their competitors. Many firms are now exploring remote or agile working as a way of doing just that.
Those firms that have dipped their toes in the water of remote or agile working report:
- • Happier and more motivated staff which in turn leads to improved productivity and thus increased profitability for the firm;
- • Increased productivity often results in improved levels of client satisfaction which means that clients are more likely to return to the firm if / when they have a legal issue and to recommend a firm’s services to family, friends and business associates, again potentially increasing profitability;
- • Agile working often means reducing costs and overheads and enabling staff to work smarter, which is not necessarily longer, which results in increased productivity;
- • The firm maintains a robust and motivated workforce without continual recruitment costs and, of course, the workforce is a firm’s greatest asset!
Firms that have implemented remote working or are thinking about it need to consider their duties how they will mitigate or eliminate the risk associated with remote working – particularly around confidentiality and cyber-security.
The Codes of Conduct (SRA and CLC) require:
- • You must act in the best interests of each client;
- • Provide a proper standard of service to your clients;
- • Run your business effectively and in accordance with proper governance and sound financial and risk management principles;
- • Protect client monies and assets;
- • Keep affairs of clients confidential;
- • Consider risks to client confidentiality and how to mitigate those risks.
In addition, and from a management perspective, the Codes require that you:
- • Have effective systems and controls;
- • Identify, monitor and manage risks;
- • Have adequate systems for supervising client matters to include regular checking of quality of work by suitable competent and experienced people;
- • Have clear and effective governance structures and reporting lines;
- • Comply with legislation applicable to your business including … Data Protection legislation.
In addition, under the current Data Protection legislation you have a responsibility to protect personal information that you and your firm collect and use and to ensure that appropriate security measures are in place to prevent it being accidentally or deliberately compromised. Failure to do so is likely to result in a significant fine and reputational damage to the firm.
So, what are the risks?
There are many – but they are manageable! Below are a few to consider before you allow staff to work remotely.
- • Mobile ‘phones – does the individual have access to their work emails on their personal mobile phone and, if so, do they have the necessary anti-virus software installed, is it password protected, do you have the facility to either remotely disable or wipe the content of the mobile ‘phone if it is lost or stolen?
- • Computers / lap-tops – does the device to be used have the following:
- • Sufficiently robust firewalls and virus checker;
- • Is the operating system set up to receive automatic updates;
- • Are the latest patches or security updates downloaded to cover vulnerability;
- • Anti-spyware / malware protection installed;
- • Regular back-ups of work;
- • Encryption – full disk encryption or file encryption for confidential information;
- • Password policy – is device password protected, strong password required, changed regularly.
- • Wifi – is the remote worker operating over a secured, as opposed to an open Wifi;
Human / Paper Risks:
- • Seniority of individual working from home – trust and accountability is key for successful remote working.
- • Paper files – consider the following:
- • log in / log out system
- • Transporting paper files or client papers home – from carrying them with a name on the outside of the file to leaving them on the bus or train on the way home, leaving them in your briefcase in the luggage rack on the train to leaving them in the boot of your car whilst you nip to the supermarket or corner shop for some milk or collect the children from nursery on the way home.
- • Shredding of working papers – what do you do with scraps of paper that you jot client details down on to draft letters that need amendment – shred at home – shredding complies with the firm’s requirements?
- • Home security – how are files / papers stored – locked cabinet, locked office – who has access to the office?
- • Printing at home – potential risk.
- • Headed Paper – Do you allow headed paper to be taken off the premises?
- • PII insurance – check requirements, similarly cyber insurance;
- • Policies relevant to agile working – email, internet usage, information management & Security, Data Protection, Cyber-Security, Remote Workers.
Some key considerations around client confidentiality for meetings with clients away from the office:
- • Are you in an area where other people can hear your conversation – potential breach of confidentiality? What if you are seeing a witness and he / she is talking and can be overheard?
- • Screen confidentiality – can members of the public see what is on your laptop – almost everyone has a mobile ‘phone and can take a photograph of your screen without you knowing!
- • Don’t leave your laptop – if you need to nip to the toilet;
- • Talking loudly on the train with colleagues or a client – breach of confidentiality.
Prior to agreeing to an agile working request – an individual should be asked to complete a self-assessment risk form which details all the issues above and confirms adherence to all of your policies and procedures which relate to any aspect of remote working, which is signed by the individual to confirm his / her agreement.
Remote working has many benefit for clients, staff members and for the firm and, properly managed and risk assessed, is just one way in which firms can work innovatively and stay competitive in an increasingly competitive market.