Online Intake Forms: An Ethical Concern or Duty?

Attorneys need to know as much about a prospective client’s legal issues – and the client – as possible in order to determine whether or not to accept the client.  Ethical rules prohibit representations where potential conflicts arise, and firms need to be aware of the financial and past legal background of new clients to properly ascertain the risks.  Agreeing to represent the wrong client can lead to a host of head-aches, including unpaid bills and ethical dilemmas.

Traditionally, firms used clunky paper intake forms and time-consuming client interviews to gather the information necessary to make the assessment. With the proliferation of practice management software, firms relied upon paralegals and administrative staff to transfer the information into various digital platforms; a data entry practice that is error prone and labor intensive.  For smaller firms without the resources to retain staff dedicated to data entry, the burden falls upon the attorneys.  Lexicata by Clio estimates that even small firms that handle only 30 matters a month, at a billing rate of $250/hour, spend up to 180 hours annually on intake data entry which adds up to a loss of up to $45,000 of billable hours a year.

Online Intake Forms

Instead of playing a high-stakes game of telephone with a potential client’s sensitive information, why not have them provide their information in a secure manner that automatically coalesces with the practice management software?

Online intake forms provide that option.

With online intake software, firms can tailor their intake forms any way they like. They can choose the questions, use multiple choice options or allow for freeform responses, and seamlessly integrate the client input with existing practice management software.

Eliminating time-consuming and unbillable data entry is only one of the ways online intake forms are cost-effective. It also reduces the costs of paper and toner as well as lower the firm’s carbon footprint for the eco-conscious.  For those that don’t oversee inventory, a recent survey by the Purdue University Department of Horticulture found that a single lawyer generates up to 100,000 sheets of paper a year. 10 reams of 500 sheets of all-purpose copy paper costs around $54.99. That comes out to just under $1,100 for each attorney.  In a competitive field, the firm which can both reduce its overhead and advertise to potential customers its eco-friendly practices may have the edge needed to succeed.

Of course, client satisfaction is also a paramount concern.  Granted, the personal touch of sitting down with a prospective client and hashing out the particulars of a matter has not entirely gone out of fashion. There’s also the contention that a $50 million client isn’t going to want to sit in the lobby filling out a form on an iPad.  However, a recent Usabilla report found that 54% of people polled said they would always choose an automated customer service option over human interaction if it saved them 10 minutes.

Automation isn’t just convenient for practices, it allows clients to explain their situations on their own time, at their own pace, and with a mitigated fear of judgment.  As noted above, the time savings captured from online intake forms will provide attorneys with the additional time to really focus on providing personal and meaningful advice and attention towards properly vetted clients.

Another consideration is that online intake forms offer features unavailable in the old paper forms or even PDF and word processing programs. By incorporating automated client reminders, online intake forms ensure that prospective clients don’t fall through the cracks early in the process.  Online intake forms’ web-based format allows for a more user-friendly experience on mobile devices in a way that PDFs and word processors cannot.

Ethical Concerns

Secure and encrypted online intake forms comply with the ethical requirements for the safekeeping of sensitive client data.

Rule 1.6 addresses the confidentiality of information. The chief concern in terms of online intake forms comes from the need to keep the client’s information safe from cyber-attacks. Intake forms by their very nature can contain sensitive information like social security numbers, financial data, and personal details.

In the past, this information would be kept under lock and key in file rooms with access restricted to attorneys and their staff. One thing that paper records will always have over digital data is that paper can’t be remotely hacked. Law firms are one of the biggest targets for hackers due to the sensitive information that is their stock and trade, and switching intake forms to an online format may raise alarm bells with a firm’s ethics counsel or IT personnel.

However, these concerns fail to hold water with the realization that most (if not all) paper records are eventually scanned into practice management software anyway. The inherent risks of maintaining digital records have become a given in a society that conducts most of its business online. Still, this does not relieve firms of their responsibility to vigilantly protect their client’s confidence.

The ABA insists that law firms take “affirmative steps to prevent the unauthorized access of client information.” According to cybersecurity authority Symantec, “80% of breaches can be prevented by using multifactor authentication.” Multifactor authentication offers an additional level of verification beyond the standard password. It can be anything from a security USB token to a retinal scan.

Additionally, the ABA offers this checklist from Arlan McMillan, the chief security officer at Chicago firm Kirkland & Ellis, of best practices for defending a firm from cyber-assault:

  1. Aggressively patch your computer systems (laptops, servers, etc.). Microsoft releases patches every month, and program patches are released regularly. “If you’re patching, it makes it much harder for hackers to take advantage of your computer systems.” On average, an unpatched computer exposed to the internet will be hacked within 90 minutes.
  2. Be a regular user, not an administrator. “Administrator” and “user” are designations that define how much authority you have to make changes on a computer system. Logging in as an “admin” exposes the computer to hacking; it’s more secure to log in as a “user.”
  3. Use strong passwords. McMillan recommends using passphrases instead of passwords.
  4. Invest in email message and attachment scanning tools. This will help protect from phishing attacks.
  5. Invest in web-filtering tools. This will help you guard against malicious websites.

Rule 1.1 presents a different challenge. It states:

“A lawyer shall provide competent representation to a client. Competent representation requires the legal knowledge, skill, thoroughness and preparation reasonably necessary for the representation.”

Encompassed within the competency requirements of Rule 1.1 is the use of technology in a manner that doesn’t harm the interests of the client. This means not only instituting useful technology like online intake forms, but also implementing standardized cybersecurity best practices and staying abreast of updates, breakthroughs, benefits, and risks associated with the use of said technology.

As technology has advanced, this duty of competence has grown to encompass maintaining a working knowledge of advances that can be used to provide improved or more complete representation. The implications of this are important. It means that remaining a Luddite out of personal convenience constitutes a failure to maintain a duty of competency, potentially allowing for disciplinary action.

Whether a firm uses online intake forms or maintains outdated paper forms, the ethical rules require that a firm implement stringent cybersecurity policies to safeguard its client’s sensitive and confidential data.


The legal profession has the option to either voluntarily step into the future or be dragged kicking and screaming into the present. Either way, these technological boons (and the potential security burdens that accompany them) show no signs of going away any time soon.

In the face of a tool that makes client intake easier for both clients and practices, automatically organizes client data for future use and potential data mining, and frees up time for different – i.e. billable –  tasks, what reason is there not to take advantage of it?

Check Also

NFTs And The Law: What Do I Actually Own?

A quick look into NFTs, and how they fit into a legal landscape that isn’t ready for them.