Issue link: http://read.uberflip.com/i/45522
"Exercise control over support service providers that have access to personal information." mechanisms in place to ensure that the lawyer's board member service does not conflict with existing duties to current and former clients. In many situations, conflicts that arise as a result of lawyers serving on boards of clients can be waived by the client. Usually as a condition to consent to waiver of conflict, it is expected that the lawyer/ board member will be screened from accessing client matter information for entities that are represented by the firm. DON'T FORGET ABOUT SUPPORT SERVICES Scanning hard copy documents has increased in firms as many legal teams prefer to manage matter information electronically. While some lawyers and secretaries do their own scanning, it is commonplace 38 Risky Business ILTA White Paper to delegate scanning tasks to either an internal or external office services department. Internal office services personnel will often scan hard copies and save those images to an open network drive. Depending upon the workflow and security measures established, these imaged documents may contain personal or confidential information that should be protected and made inaccessible to inappropriate parties within the firm. As stated earlier, there are several emerging privacy regulations to consider in these scenarios. Massachusetts 201 CMR 17:00 stipulates that email messages that contain personal information should be encrypted. HIPAA/HITECH also has provisions for protecting disclosure of personal health information (PHI). Both of these laws have breach notification