Germer Gertz Improves Productivity with Secure Document Delivery

Most importantly, sending medical records and documents via e-mail can cause compliance issues with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Act, which protects individuals' personal health information, requires entities handling that information to ensure it is secure when stored, delivered or shared. In 2009, HIPAA compliance was extended to associates of healthcare providers, including law firms. If an organization breaches HIPAA compliance, it is open to steep fines, public notification of the breach, and other stiff penalties.

In order to electronically secure medical information and patients' records, they must be encrypted both at rest and in transit, sent only to authenticated recipients, and be able to demonstrate recall capabilities if misaddressed. Since e-mail doesn't conform completely to these basic security parameters, sending medical information through it can lead to noncompliance concerns. This wasn't an option for Germer Gertz.

Increasing Administrative Burden

Germer Gertz has more than 60 attorneys in Austin, Houston and Beaumont, TX. The firm focuses on diverse practice areas including class action, employment, healthcare, insurance, personal injury and pharmaceutical. The firm is committed to providing the highest level of security for its clients' information while also ensuring that lawyers and litigation support specialists have the tools needed to efficiently perform their tasks. As more and more challenges regarding e-mail surfaced, it spurred us to examine alternative delivery methods.

Mailboxes can grow infinitely in a law firm, especially when 70-plus legal professionals are using the e-mail system for storage and archiving. The firm's e-mail storage needs were increasing at a substantial rate. Attachments such as large documents or high-resolution images took up a large portion of the firm's mail server, potentially straining performance as well as requiring investment in the expansion of physical storage capacity.

But the burden extended beyond equipment, especially when it came to transferring large documents or files. e-Mails were being rejected by our server or the recipients' servers due to size. Additional personnel, such as file clerks or IT, would then have to get involved to ensure the documents could be exchanged, which could mean everything from breaking the files into smaller sizes or burning them to a CD or thumb drive for physical delivery. Often, the firm would resort to certified delivery to have a record of receipt. Physical delivery was time consuming and presented the additional risk of lost or stolen data if the package was intercepted or delivered incorrectly.

Uncompromised Security for Document Delivery

With these concerns in mind, I began researching document delivery solutions to ensure secure delivery of large files and HIPAA-related information. Biscom stood out as a clear leader in the field.

Using Biscom's simple e-mail-like Web interface or the integrated Outlook add-in, legal professionals are able to set up secure deliveries of documents as easily as they send an e-mail. As with e-mail, the user addresses the delivery to intended recipients, uploads files (there is no size limit for files sent via Biscom), and clicks “Send.”

With Biscom's Outlook add-in, the e-mail and attachments are sent as an encrypted Biscom delivery. On the other end of the transmission, recipients receive an e-mail notice that they have a Biscom delivery waiting. The recipients then click on that link to access the message and any attachments. Our firm requires that all external recipients go through an authentication process for security purposes. Unlike many of the file sharing services IT considered, Biscom provides the recipient with a self-registration process that relieves IT of the administration involved in creating external user accounts and permissions. Once registered and authenticated, the recipient can then access the delivery to view and download the files. Biscom's audit capabilities log who has received, viewed and accessed each delivery. Our attorneys particularly like the e-mailed verification of receipt they receive when the recipient views the deliveries and downloads the files.

Biscom also offers a better mechanism than traditional file transfer methods (i.e., e-mail, FTP or physical media) for the attorneys to keep track of the exchange of documents with clients and outside counsel. Tracking and following e-mail threads can be a cumbersome process at best. Biscom's secure reply allows a recipient to reply back to the attorney from within the Biscom interface. All of the replies, including the involved documents, are recorded as threads of the original delivery as well as tracked in the transaction logs. Biscom's interface allows the attorney to go to a single view for the complete history of the document exchange. Biscom also provides tracking for chain of evidence and non-repudiation of receipt and saves a considerable amount of record keeping effort for the attorney.

Most importantly, Biscom offers the high level of security needed to protect client data and comply with HIPAA, including encryption during transit and storage, the ability to restrict who can access the documents or view them, and the dependable functionality of being able to recall a delivery as necessary. Biscom even offers secure delivery for iPads.

The firm began by deploying Biscom's Web-based interface for creating secure deliveries. The software is so noninvasive that it practically installed itself. IT can make configurations from anywhere thanks to the Web-based console. Encouraging user adoption was effortless because Biscom is so easy to use. The Austin office has also deployed Biscom's Outlook add-in, which the attorneys really appreciate. Now they have peace of mind knowing that an e-mail containing HIPAA-related data is being sent securely through Biscom.

Secure Document Delivery and Real Results

Since rolling out Biscom in all three offices a year ago, document delivery has been secured and simplified at Germer Gertz. With a dedicated solution to handle electronic file transfers now in-house, the firm has realized multiple benefits.

The rapid growth rate of e-mail storage has now vastly decelerated, thanks to Biscom and its ability to take over large file transfers. We can now manage that growth instead of react to it. In one recent week, about 250 attachments (about 600 MB) were sent. Biscom delivered 240 of those files, sparing our e-mail server that burden. We actually have Biscom set up to automatically redirect e-mails as Biscom deliveries based on size parameters.

Biscom has also resulted in other savings. Because we've reduced the delivery of physical media, we have cut down on staff time needed to prepare these deliveries and the expenses associated with certified delivery. This has reduced the need to expand staff required to support an increasing level of attorney activity. It also negates any security concerns associated with a package lost or stolen en route. In fact, we can effectively track the receipt of ' and access to ' all of our Biscom deliveries, meaning that opposing counsel cannot repudiate receipt.

Prior to adopting Biscom, misaddressing an e-mail could lead to large problems. While it used to be very difficult to recall an e-mail, we can now easily recall a delivery with Biscom by canceling the delivery or removing a specific file or recipient from a delivery, thus reducing the risk of liability related to an e-mail falling into the wrong hands. One person described the capability as the “oh no” button, which undoes mistaken sends.

Biscom has vastly simplified the firm's process for securely exchanging sensitive files and data. The firm will soon be adding Biscom's latest mobile security feature, which secures deliveries via iPads ' a great boon for lawyers on the go. Now, and moving forward, Germer Gertz is confident that Biscom will help us meet mandated requirements as well as keep the exchange of information within and outside of our practice secure.

Susan Whitmire is IT manager for Germer Gertz, L.L.P., a law firm that handles civil litigation and general business matters with three offices in Texas. In this role, she focuses on initiatives including disaster recovery planning, ongoing data retention and storage assessment, wide area network management and the implementation of user productivity tools.

When you send a document to someone electronically, what's your preferred tool? Do you turn to File Transfer Protocol (FTP)? Or perhaps a thumb drive? For many lawyers and legal professionals (and this won't come as a surprise), the go-to tool is e-mail. It is easy and lawyers get it. But from an IT perspective, e-mail poses many problems.

Does Send Equal Secure?

e-Mail is so ubiquitous in the workplace that people use it with a false sense of security. e-Mails can be intercepted or forwarded to unauthorized individuals. There is no remote verification of the recipient. Despite the most stringent security, accounts can be hacked. If you misaddress an e-mail and hit send, recall efforts are next to impossible. And what about e-mail devices? People can now e-mail from desktops, laptops, tablets and phones. How can you ensure e-mail delivery is secure through all devices?

Most importantly, sending medical records and documents via e-mail can cause compliance issues with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Act, which protects individuals' personal health information, requires entities handling that information to ensure it is secure when stored, delivered or shared. In 2009, HIPAA compliance was extended to associates of healthcare providers, including law firms. If an organization breaches HIPAA compliance, it is open to steep fines, public notification of the breach, and other stiff penalties.

In order to electronically secure medical information and patients' records, they must be encrypted both at rest and in transit, sent only to authenticated recipients, and be able to demonstrate recall capabilities if misaddressed. Since e-mail doesn't conform completely to these basic security parameters, sending medical information through it can lead to noncompliance concerns. This wasn't an option for Germer Gertz.

Increasing Administrative Burden

Germer Gertz has more than 60 attorneys in Austin, Houston and Beaumont, TX. The firm focuses on diverse practice areas including class action, employment, healthcare, insurance, personal injury and pharmaceutical. The firm is committed to providing the highest level of security for its clients' information while also ensuring that lawyers and litigation support specialists have the tools needed to efficiently perform their tasks. As more and more challenges regarding e-mail surfaced, it spurred us to examine alternative delivery methods.

Mailboxes can grow infinitely in a law firm, especially when 70-plus legal professionals are using the e-mail system for storage and archiving. The firm's e-mail storage needs were increasing at a substantial rate. Attachments such as large documents or high-resolution images took up a large portion of the firm's mail server, potentially straining performance as well as requiring investment in the expansion of physical storage capacity.

But the burden extended beyond equipment, especially when it came to transferring large documents or files. e-Mails were being rejected by our server or the recipients' servers due to size. Additional personnel, such as file clerks or IT, would then have to get involved to ensure the documents could be exchanged, which could mean everything from breaking the files into smaller sizes or burning them to a CD or thumb drive for physical delivery. Often, the firm would resort to certified delivery to have a record of receipt. Physical delivery was time consuming and presented the additional risk of lost or stolen data if the package was intercepted or delivered incorrectly.

Uncompromised Security for Document Delivery

With these concerns in mind, I began researching document delivery solutions to ensure secure delivery of large files and HIPAA-related information. Biscom stood out as a clear leader in the field.

Using Biscom's simple e-mail-like Web interface or the integrated Outlook add-in, legal professionals are able to set up secure deliveries of documents as easily as they send an e-mail. As with e-mail, the user addresses the delivery to intended recipients, uploads files (there is no size limit for files sent via Biscom), and clicks “Send.”

With Biscom's Outlook add-in, the e-mail and attachments are sent as an encrypted Biscom delivery. On the other end of the transmission, recipients receive an e-mail notice that they have a Biscom delivery waiting. The recipients then click on that link to access the message and any attachments. Our firm requires that all external recipients go through an authentication process for security purposes. Unlike many of the file sharing services IT considered, Biscom provides the recipient with a self-registration process that relieves IT of the administration involved in creating external user accounts and permissions. Once registered and authenticated, the recipient can then access the delivery to view and download the files. Biscom's audit capabilities log who has received, viewed and accessed each delivery. Our attorneys particularly like the e-mailed verification of receipt they receive when the recipient views the deliveries and downloads the files.

Biscom also offers a better mechanism than traditional file transfer methods (i.e., e-mail, FTP or physical media) for the attorneys to keep track of the exchange of documents with clients and outside counsel. Tracking and following e-mail threads can be a cumbersome process at best. Biscom's secure reply allows a recipient to reply back to the attorney from within the Biscom interface. All of the replies, including the involved documents, are recorded as threads of the original delivery as well as tracked in the transaction logs. Biscom's interface allows the attorney to go to a single view for the complete history of the document exchange. Biscom also provides tracking for chain of evidence and non-repudiation of receipt and saves a considerable amount of record keeping effort for the attorney.

Most importantly, Biscom offers the high level of security needed to protect client data and comply with HIPAA, including encryption during transit and storage, the ability to restrict who can access the documents or view them, and the dependable functionality of being able to recall a delivery as necessary. Biscom even offers secure delivery for iPads.

The firm began by deploying Biscom's Web-based interface for creating secure deliveries. The software is so noninvasive that it practically installed itself. IT can make configurations from anywhere thanks to the Web-based console. Encouraging user adoption was effortless because Biscom is so easy to use. The Austin office has also deployed Biscom's Outlook add-in, which the attorneys really appreciate. Now they have peace of mind knowing that an e-mail containing HIPAA-related data is being sent securely through Biscom.

Secure Document Delivery and Real Results

Since rolling out Biscom in all three offices a year ago, document delivery has been secured and simplified at Germer Gertz. With a dedicated solution to handle electronic file transfers now in-house, the firm has realized multiple benefits.

The rapid growth rate of e-mail storage has now vastly decelerated, thanks to Biscom and its ability to take over large file transfers. We can now manage that growth instead of react to it. In one recent week, about 250 attachments (about 600 MB) were sent. Biscom delivered 240 of those files, sparing our e-mail server that burden. We actually have Biscom set up to automatically redirect e-mails as Biscom deliveries based on size parameters.

Biscom has also resulted in other savings. Because we've reduced the delivery of physical media, we have cut down on staff time needed to prepare these deliveries and the expenses associated with certified delivery. This has reduced the need to expand staff required to support an increasing level of attorney activity. It also negates any security concerns associated with a package lost or stolen en route. In fact, we can effectively track the receipt of ' and access to ' all of our Biscom deliveries, meaning that opposing counsel cannot repudiate receipt.

Prior to adopting Biscom, misaddressing an e-mail could lead to large problems. While it used to be very difficult to recall an e-mail, we can now easily recall a delivery with Biscom by canceling the delivery or removing a specific file or recipient from a delivery, thus reducing the risk of liability related to an e-mail falling into the wrong hands. One person described the capability as the “oh no” button, which undoes mistaken sends.

Biscom has vastly simplified the firm's process for securely exchanging sensitive files and data. The firm will soon be adding Biscom's latest mobile security feature, which secures deliveries via iPads ' a great boon for lawyers on the go. Now, and moving forward, Germer Gertz is confident that Biscom will help us meet mandated requirements as well as keep the exchange of information within and outside of our practice secure.

Susan Whitmire is IT manager for Germer Gertz, L.L.P., a law firm that handles civil litigation and general business matters with three offices in Texas. In this role, she focuses on initiatives including disaster recovery planning, ongoing data retention and storage assessment, wide area network management and the implementation of user productivity tools.