Cloud Storage for Legal Documents
Attorneys and law firms are now using cloud storage to store legal documents. State bar associations have endorsed the use of cloud storage, as long as reasonable care is used to safeguard privacy and security.
Individuals can also store legal documents using cloud storage. Several safeguards must be followed. Storage accounts must use a strong password, consisting of upper and lower case letters, numbers and special characters. Avoid using words found in the dictionary, and avoid using the same password for multiple accounts.
In addition to strong password security, look for services that require or allow two-factor authentication. Two-factor authentication requires a password (something you know), plus your computer or cell phone (something you have). A password alone is not sufficient to gain access to the account.
Two-factor authentication will require you to use a known computer, recognized by a machine ID code, or to receive a text message on your cell phone. The text message will contain a temporary code number, that will expire in a few minutes. Only the person that has the cell phone will be able to receive the code number needed to access the cloud storage account.
Encryption versus Plain Text
Confidential files, including legal documents, kept in cloud storage, must not be stored in plain text format. With plain text documents, anyone that gains access to the account could read the contents of the document. For security, files must be encrypted before they are transferred on the internet (pre-internet encryption), and they must be stored in an encrypted format.
Some cloud storage vendors only encrypt the files during transfer, but then store the files in plain text format. That is not acceptable security.
The cloud storage vendor must not know the encryption key. Without the encryption key, anyone that gains access to the cloud storage account would only be able to see files that are encrypted, scrambled and unreadable.
SpiderOak Secure Cloud Storage
Only the user must have the encryption key, not the vendor. It must be private. This is known as Trust No One (TNO) security. The cloud storage vendor that I recommend is SpiderOak. They provide secure, encrypted cloud storage with TNO security.
For important legal documents, you can keep the original paper documents in a fire-proof safe. Store them inside of a sealed plastic bag to prevent moisture damage, You can scan a legal document into a PDF file to store a copy on your computer. Add a strong password to the PDF file.
You can store a local backup copy of the legal documents on a micro SDHC or micro SDXC memory card. The memory card is tiny and rugged and can be stored at a local offsite location, such as the home of a relative, or your attorney’s office, or a bank safe deposit box.
Secure cloud storage can be one additional offsite location as a backup. Cloud storage also provides a way to access an electronic copy of your documents, 24 hours a day, from any location that has internet access.
In case you become incapacitated, be sure to inform someone else, such as a family member, attorney, or the agent under your power of attorney, or the trustee of your trust, of the passwords needed to gain access to your secure PDF files and cloud storage account.
Update: July 23, 2015, SpiderOakONE version 6.0 released with new pricing plans
SpiderOakONE now offers a 2GB free trial for 60 days. Pricing plan choices include $7/month or $79/year for 30GB, $12/month or $129/year for 1TB, and $25/month or $279/year for 5TB.
That is plenty of space for storing personal and legal documents like a last will and testament, funeral and cemetery documents, living will, living trust, power of attorney, real estate deeds, life insurance documents, motor vehicle title, birth certificate, driver’s license, passport, social security card, military papers, home inventory, etc.
Medical Records, HIPAA Privacy
For privacy, you may wish to keep medical records in a separate account, and only allow access with a notarized HIPAA Authorization Form.