Information-Governance and Data-Security Policies
The Mayerson Firm PLLC's policies on information governance are set forth in our engagement letters with our clients, so that the client upfront understands comunication protocols, encryption policies, document-retention policies, and the like. Our clients therefore know our standards for ensuring the integrity of electronic communications between us and the client, our data-security standards (and heightened HIPAA protocols where needed), and records-management policies, including definining what materials are the client's files and what are the Firm's records and related document-destruction protocols. As a matter of information-management and efficiency, the Mayerson Firm PLLC operates generally in a "paperless" environment, though when hard-copy is generated the material then is securely shredded using an approved secure shredding service. Our paperless practice platform also means that wherever we may be we can secure access to needed material so that we can respond diligently and promptly to our clients' needs, whenever they arise.
Our engagement letter spells out how we use outside vendors and the standards employed by them for data security. Moreover, to the extent any client requires higher degrees of data security, we set forth these when appropriate in a separate agreement with the client that provides for greater encryption or the like to be used by the Firm and its vendors.