Use of electronic technology and the Internet to conduct internal and external business continues to increase among all businesses, including design, architectural and engineering consultants. The Internet has become as important as traditional methods of communication. Documents transmitted electronically by your firm may include business ideas, confidential information such as project deliverables, design plans, legal contracts, the latest news regarding an innovative technology, financial data and other business transactions.

The use of electronic technology to transmit and store work products has many advantages including enhanced communication and customer service, and rapid access to information. The use of electronic technology and the associated web of systems also has disadvantages.

Disadvantages associated with electronic technology include the following:

• misdirected E-mail, unknown readers of E-mail, and forwarded E-mail;
• glitches in systems that may alter a file that is electronically transmitted;
• deliberate alteration of the work product;
• access to proprietary information by Internet intruders; and
• malfunction of the computer network.

The risk associated with misdirected E-mail will result in the recipient not receiving the transmittal or the information falling into the hands of a party that may be motivated to harm your firm.

The recipient of a work product that has been altered due to a glitch or incompatibility between computer systems may identify these alterations as errors or omissions. As a result, the engineering firm may be liable for damages for alteration to a work product that was beyond their control. Files that are prepared by design and engineering professionals may also be altered by their clients or third parties that have been provided access to the file. Such alterations may also introduce errors and omissions into the work product.

As long as your business is using the Internet for transmitting work products, sending E-mail and downloading information, there is also the possibility that one of your own employees or an outsider, possibly a determined competitor, will attack the firm’s computer network. Computer-related crimes such as spying and vandalism can result in computer failures, loss of proprietary information, financial loss and mistrust of personnel.

As businesses become more dependent upon the Internet to conduct business, the risks associated with the failure of the system should be considered with your firm’s business continuity planning.

Businesses can protect their work products and minimize their risks associated with operating in the electronic business world by developing and implementing a corporate electronic business policy. The policy may include guidelines pertaining to employee access to the Internet, prohibited activities and uses, communication information, virus detection, export restrictions, disclaimer of liability, waiver of privacy and compliance.

Risk Management Techniques

To minimize the risks with misdirected E-mail, senders should exercise care when typing E-mail addresses. While E-mail messages tend to be less thoughtful and formal than letters sent on company stationery, the sender should be mindful that in business litigation, E-mail is subject to the same discovery rules as paper documents. E-mail users should remind themselves not to send anything in an electronic message, including professional opinions, they would not feel comfortable sending on company stationery.

When sending work products prepared by your firm to your client or other interested party, the recipient should understand a hard copy of the document that bears the preparer’s seal and signature are considered to be a authorized work product. Engineering firms can include this clarification as a contractual provision. The contract language should prohibit your client and third parties from altering your work product unless authorized by a principal of the firm. Further, the contract language should include a clause that indemnifies your firm in the event your client or a third party alters your work product. Your firm can also write-protect a document to prevent unauthorized changes.

To protect sensitive documents that are transmitted over the Internet, firms can also use a digital signature. To create a digital signature, the sender uses a private key to sign the document. An authentic and signed document is created when the recipient uses the sender’s public key to access the document. Commercial security software that allows users to secure their documents with digital signatures is available through several software companies.

To address glitches or incompatibilities between computers that may result in altered work products sent between computer networks, engineering firms can include contract language that limits your firm’s liability if an unintended alteration occurs. Firms may also want to consider including a warning statement on work products that are electronically transmitted. The warning statement should caution the user that only a final hardcopy of the work product that bears the consultant’s seal and signature should be considered reliable.

To prevent an attack from deliberate or accidental internal sabotage or an outside malicious act, businesses using electronic technology should consider developing a security strategy. The most common means of protecting your network is using a firewall, which is a program that prohibits access to unauthorized users and maintains the security of a firm’s Intranet. A well-designed firewall can protect your firm’s bottom line and prevent valuable work products from falling into the wrong hands. The type of firewall utilized by your firm depends upon your firm’s type of Intranet connection. Firewalls can serve as a controller, filter, monitor, security guard and screener of your network users.

A malfunction or meltdown of your firm’s computer system caused by power outages, computer viruses or vandalism can result in the loss of irreplaceable electronic data. A malfunction of a firm’s computer system may also result in the loss of business opportunities. Firms should develop a business continuity plan that addresses the interruption of all components of electronic business. The business continuity plan should include a standard operating procedure for back-up of data and reinstallation of data.