When personal information is on a work computer

Lawyers often use their workplace computers for personal correspondence, email and other documents of a private nature. While this practice is not a problem in itself, some safeguards are helpful for the sake of privacy.

A law firm or other workplace usually has policies on who, within the workplace, are entitled to access other people’s computers and whether or not users of the computer system can have an expectation of privacy. Lawyers can take these policies into account, including whether their own personal information could be read inadvertently by others in the workplace.

But there are also circumstances in which a third party from outside the workplace may gain access to a computer hard drive or network drive and the information on it. This includes

  • a Law Society auditor charged with reviewing a lawyer’s books, records and accounts under Law Society Rules 3-79 or 4-43; and
  • the custodian of a law practice appointed under section 50 of the Legal Profession Act.

If personal information is co-mingled with practice information on a firm’s computer systems, the information might be seen by an auditor in the course of a review or by a custodian when dealing with the property of the law practice. Although most lawyers will not face these situations, they are worth noting.

A prudent step is to save personal information — and to archive personal email messages — to a medium other than the practice computer hard drive or network (such as to a CD or flash drive). Failing that, personal information can be saved in folders distinct from those containing the records of the practice and of clients. The latter step will not preclude authorized access, but may assist a lawyer in identifying and asserting a claim of confidentiality over personal records.

From a practical perspective, a lawyer who keeps personal information separate from practice records will also find it easier to “pack up” when moving to a new practice.