Meeting Data Privacy Compliance in 50 States with the Cloud
Law is a highly regulated industry. While the medical industry has the advantage of a national regulatory scheme (e.g., HIPAA), regulation of the legal industry consists of a patchwork of 50 sets of state rules. It was just as challenging for LegalZoom to manage compliance across varying geographies within the United States as it is for multinational organizations managing requirements in different countries.
Furthermore, the psychographic profile of the average attorney is highly averse to risk. As a result, technology companies that want to develop a user base from the legal profession must study these rules and incorporate them into the earliest stages of the product design process.
One of the most prominent branches of regulation must deal with the “attorney-client relationship.” Once an attorney-client relationship has begun, all private communications between the attorney and client are subject to the strictest of confidence.
“Client-attorney confidentiality is a requirement that simply must not be breached,” said Richard Komaiko, Chief Executive Officer of LegalZoom Local. “If attorneys are caught violating the confidence of their clients, or using a tool that fails to protect confidence, and the incident is reported to the bar, they could be disbarred immediately. Unlike many industries, there is often no second chance.”
Thankfully, each of the 50 states has offered some guidance about how this confidence is to be honored in the age of cloud computing. As an industry leader seeking to demonstrate best practices, the engineering team at LegalZoom Local recently completed an overhaul of its architecture with a focus on ensuring the confidentiality of hosted communications