Category: Records Management and Retention

Managing the Mountain of Paper: Records Management in the Law Firm

Perhaps the thorniest issue faced by attorneys is what to do with client’s files for matters that have been concluded and closed.  Attorneys are looking for ways to minimize storage requirements, while at the same time protecting their client’s confidential documents, and also … READ MORE

Social Media Policies: The Impact On Your Practice

With the rapid rise in the use of social media both professionally and personally, the challenges become huge to preserve possible evidence. From text
messages on individual cell phones, to videos on YouTube, to  READ MORE


Best Practices For File Closing and Destruction

Many of you are scratching your head and wondering about all the files which have accumulated over years of practice.  Some of you have 50 years of files.  Or a basement, attic, and garage already filled with box after box of files.  What about them?  If you decide to do electronic storage, do you have to go back and purge and scan all those files?  Heck no!!!  READ MORE

Records Management for Personal Stuff

Another great post by Patti Spencer, Esquire details which personal records you should keep permanently.  If you tend to hoard more than you should, maybe this will enable you to throw some things away without worry.  Read “What To Keep and What to Throw Away (Part Two of Two)”.

The Run For The Door

We’ve all heard stories, watched it in action, or been in the middle of what I refer to as The Run For The Door — the point at which partners determine their firm no longer has sufficient mass to cover overhead and debt, and the mass exodus begins.  Those who move too slow are left to turn off the lights, and are often left holding the proverbial bag.  It’s an ugly thing to watch.  In some cases it’s led to some undesirable career detours.  In some cases it’s led to the loss of a special culture.

Let’s be frank.  Partners with a good reputation and solid book of business always land on their feet.  In fact, just rumors that a firm may be experiencing difficulty, even if only temporary, is seen as an opportunity by other firms; often leading to a sharp increase in activity by competitors who attempt to lure away some of the best and brightest.  When some of those recruiting efforts result in departures, even if only of a few key rainmakers, it can easily trigger “The Run” as remaining partners, particularly top earners, become concerned about the impact on their future compensation.

Such is the case with Howrey.  It’s partners voted on Wednesday, March 9th, to dissolve effective March 15th.  The vote required a supermajority of 85% of partner shares to carry the vote for dissolution.  The story appeared in AmLaw Daily.

’”Once you lose a certain mass, you just can’t get it back,” one partner says. “It’s just a matter of days right now.” Adds the second partner: “I did it with a heavy heart, but if we don’t vote for formal dissolution, if you think it’s chaos now, it’s just going to turn into a disaster. You don’t want it to be a situation where the last person turns out the lights.”

According to the article, the firm has seen more than 140 partners depart since April 2010.  They were smart enough to recognize the stampede was well underway, and take the vote which would insure the least damage for those still at the firm.  Hopefully, this will not be one of those failures which leaves creditors in hot pursuit, and generates lawsuits from and between former partners.

From time to time I advise firms about to draft partnership or shareholder agreements.  There are a number of the subjects I always have to put squarely on the table for discussion, and it always makes the principals squirm.  I do it because I know it’s necessary.  What are those subjects?

  1. Termination of partners.  Exactly what can trigger involuntary termination?  Arrest?  Conviction?  Public embarrassment to the firm?  Damage to the firm’s reputation?  Lapse in fiduciary responsibility?  If termination is to be considered, how realistic is a 100% vote to get the job done?  What is more realistic?  What is a terminated partner entitled to, and should it be different from a partner who leaves voluntarily?
  2. Firm dissolution.  The obvious question regards the vote required to evoke dissolution.  But beyond that, there are a whole host of issues which should be addressed.  For example, I believe that purchase of an unlimited-duration Extended Reporting Period Endorsement (“the tail”) on the firm’s professional liability insurance policy should be required in the event of dissolution, and that all stakeholders who were part of the firm in the fiscal year of dissolution should be required to pay their prorata share of the cost.Records retention and management issues also come into play big time.  There will be enormous number of files which are closed, many of which will belong to clients no longer with the firm, and developed by lawyers long gone as well.  They cannot just be thrown in the trash. (Although there have been some pretty awesome stories from time to time about the frustrated few partners left to turn off the lights who, in frustration caused by former partners who wouldn’t help and didn’t care, actually did throw files in the trash.  Sanctions were always harsh.)   Someone has to remain the custodian of the files, oversee destruction when the proper retention period has tolled, ensure proper authorization has been received beforehand if any original or valuable client property remains in the file, and pay for storage until all files have been properly returned to clients or destroyed in accordance with ethical requirements and Rule 1.15 [Safekeeping Property].

These are but two areas of concern which can cause a great deal of  acrimony, and even disciplinary action, if not taken into consideration beforehand.  And there are many more.

My point?  No matter how large or small, any firm, except for a solo firm, can experience a “run for the door”.  Be prepared for that eventuality, as awful and remote a possibility as it may seem.  Otherwise, precisely at a time when you may be trying to start anew, your past may be holding you back by distracting you and consuming your valuable time with squabbles and lawsuits.


To return to the main page of the blog, click here.  To return to the blog  Index, click here.

Your Confidential Data and U.S. Border Crossings

This post is about an issue that wasn’t even on my radar screen until yesterday.  My colleague, Reid F. Trautz, director of the American Immigration Lawyers Association in Washington, D.C., sent a link to an article on Yahoo News entitled “NY Lawsuit Seeks to Halt Suspicionless Searches.”  The article relates that the American Civil Liberties Union, the New York Civil Liberties Union and the National Association of Criminal Defense Lawyers have filed the lawsuit on behalf of the National Press Photographers Association, criminal defense lawyers and a student: Pascal Abidor, a 26-year-old French-American citizen whose laptop computer was confiscated at the Canadian border.

The lawsuit is designed to change policies adopted by U.S. government agencies which permit the search of all electronic devices that “contain information,” including laptops, cameras, mobile phones, `smart’ phones and data storage devices.  It seems that the current policies, as written, do not require any probable cause at all before the data can be seized and searched.  Although the article provides a link which purports to take the reader to the location on the U.S. Department of Homeland Security web site which sets forth the policy, it doesn’t in fact take you anywhere useful.  I spent well over an hour searching and going through menus until I finally came across the actual web page where the relevant Directives on Border Searches of Electronic Media can be found.  They are found in two PDF documents.

The whole point is that lawyers, among others, carry a tremendous amount of confidential information on smartphones, laptops, and other devices.  You may not be aware that this information can be accessed at any U.S. border without reasonable cause, or for no cause at all.  Until the above-referenced lawsuit winds its way through the courts, you may want to rethink what you store on your media if you are crossing a U.S. border.

By the way, as I was wandering around the cyber-halls of the government site, I stumbled across a chilling document entitled “International Terrorism and Transnational Crime: Security Threats, U.S. Policy, and Considerations for Congress” which was published by the Congressional Research Service on March 10, 2010.  If you’re interested in this stuff, or just don’t want to sleep well for a few nights, give it a read.


To return to the main page of the blog, click here.  To return to the blog  Index, click here.

Only 16 Days Until the HITECH Act Goes into Effect

As promised, attorney Jennifer A. Stiller has posted her detailed blog post regarding the new “Health Information Technology for Economic and Clinical Health Act” – or “HITECH Act.”  You can read all the details here.


The new legal requirements apply to impacted firms effective February 17, 2010.  Chances are, if you represent doctors, hospitals, health insurance companies, and any other person or entity that is considered a “covered entity” under the HIPAA patient privacy rules, this applies to you.




To return to the main page of the blog, click here.  To return to the blog  Index, click here.


The Scary World of Penalties and Enforcement Under the New HIPAA-HITECH Law

This is the second guest post by health care attorney Jennifer A. Stiller.  My gratitude to Jenny for providing this additional information.  She will be posting a detailed follow-up article on this topic on her own web site.  I encourage you to read it.


On January 22, I wrote about the new HITECH Act, which as of February 17th  will make HIPAA business associates – such as law firms that represent healthcare clients – directly subject to federal penalties if they fail to meet certain obligations with regard to implementing safeguards to keep their clients’ patient information secure when stored or transmitted electronically.


And we should care because…?


In addition to expanding HIPAA obligations, the HITECH Act (known to the cognoscenti as “HIPAA on Steroids”) substantially increases enforcement penalties and activities.  Previously, there was no affirmative government enforcement of the HIPAA patient-privacy requirements – only the ability of the Department of Health & Human Services’ Office of Civil Rights (OCR) to investigate complaints. If a complaint revealed a violation, fines were limited to $100 per incident, with a maximum annual total of $25,000 for violations of the same requirement. Under HITECH –


·         Civil money penalties increased to as much as $50,000 per violation, up to $1.5 million per year.

·         Starting February 17, 2011, OCR is required to impose civil penalties if a violation is due to “willful neglect.”

·         OCR will keep the penalties, to be plowed back into enforcement activities.

·         OCR is directed to conduct periodic audits of covered entities and business associates to evaluate HIPAA compliance.


·         State attorneys general are granted authority to bring civil actions to enforce HIPAA.

·         The Government Accountability Office is directed to prepare a report by August 17, 2012 recommending a methodology by which affected individuals can share in penalties collected for HIPAA violations. Once implemented, this will increase individuals’ incentives to file privacy and security complaints, similar to the effect of the False Claims Act’s “whistle-blower” provisions.


Next week, I’ll publish a full article on my website explaining the duties the HITECH law imposes on business associates, effective February 17, 2010.  My appreciation to Ellen Freedman for providing me with an ability to use this forum to get the word out.




To return to the main page of the blog, click here.  To return to the blog  Index, click here.

New Duties to Protect Health Care Privacy Take Effect February 17, 2010

This is a guest post which was prepared by health care attorney Jennifer A. Stiller.  Thank you, Jenny, for taking the time to provide this information.  We are fortunate in that Jenny has agreed to provide another post, which will appear in another day or two.


Attorneys who represent doctors, hospitals, health insurance companies, and the like face new statutory obligations to take affirmative steps to ensure the privacy of their clients’ patient information when it is transmitted or stored electronically.  The new requirements, enacted as the “HITECH Act” portion of last year’s economic stimulus legislation, go into effect February 17, 2010.


Technically, many attorneys have already had such obligations under a “business associate” agreement with their healthcare industry clients, most of whom are “covered entities” under the HIPAA patient privacy regulations and as such, are required to enter into such an agreement with any non-employee who “provides … legal … services to or for such covered entity where the provision of the services involves disclosure of individually identifiable health information…” 45 C.F.R. § 160.103. 


But come February 17, there’s a new twist.  Whereas previously, if the law firm did not live up to its contractual obligations concerning how patient information was to be handled, the worst thing it would face would be being fired by its client and possibly a suit for breach of contract.  As of February 17, however, the law firm is directly liable to the federal government for having inadequate safeguards in place (regardless of whether private information is in fact compromised) – and the penalties for non-compliance can be stiff.




To return to the main page of the blog, click here.  To return to the blog  Index, click here.

New Ethics Opinion on File Management Issued by PBA

The latest newsletter by The Disciplinary Board of the Supreme Court of Pennsylvania advises of the issuance of a new opinion. The Committee on Legal Ethics and Professional Responsibility of the Pennsylvania Bar Association has issued Formal Opinion 2007-100 regarding “Client Files – Rights of Access, Possession, and Copying, along with Retention Considerations.”

This opinion examines the legal and ethical status of client files and records in light of Maleski v. Corporate Life Insurance Co., 163 Pa. Commw. 36, 641 A.2nd 1 (1994) and subsequent actions in other jurisdictions, along with newer considerations such as complicating factors arising from the use of email and electronic documents.

The Disciplinary Board of the Supreme Court of Pennsylvania has a brief synopsis posted to its site here. You can find the complete opinion here.

The opinion clarifies what constitutes the file, and particularly deals with the electronic information which constitutes part of the file, as well as lawyers’ notes and memoranda.


To return to the main page of the blog, click here. To return to the blog Index, click here.

WordPress Themes