• Services
  • Audit & Accounting
  • Tax Services
  • Forensic & Litigation Support
  • Business Valuations
  • Trust & Estate Accounting
  • Wealth Management
  • Family Office Services
  • Specialty Audits
    • Burden Fringe and Overhead Audits
    • Employee Benefit Plan Audits
    • Qualified Production Cost Audit for the Connecticut Film Credit
  • Cost Segregation
  • Financial Statements
  • Accounting Software Systems
  • Elder Care Services
• Industries
  • Manufacturing, Wholesale & Distribution
  • Construction
  • Waste Hauling/Environmental
  • Not-For-Profit Organizations
  • Real Estate
  • Healthcare Providers
  • Legal & Professional Service Firms
• Client Resources
  • Tax Documents
  • Helpful Links
  • Financial Tools
  • Affiliations
  • Client Newsletters
  • Updates & Notices
• News
  • News Releases
  • Our Articles
• Community Involvement
• About us
  • Our Story
  • Our Mission
  • Brochures
• Career Center
  • Culture
  • Why work for Konowitz, Kahn & Company?
  • Benefits of working for us
  • Submit Resume
• Staff
  • Principals
  • Professional Staff
  • Tax Department
  • Administrative Team
• Contact us
  • Contact us
  • Directions
    • North Haven Office
    • Middlebury Office
• Home

Our Articles

A Safe Way to Send Documents In Cyberspace:  Client portals offer far more security than e-mails

By Jill M. Kovalich, Director of Marketing for Konowitz, Kahn & Company, P.C.

This article is reprinted with permission from the June 15, 2009 issue of the Connecticut Law Tribune. © Copyright 2009. Incisive Media US Properties, LLC. All rights reserved. duplication without permission is prohibited. All rights reserved.

Law firms, CPA firms, physicians’ offices, and insurance companies use, store and share myriad documents — all containing the most personal of information on their clients. As fast as the pace of technology moves forward, so does the ingenuity of computer hackers, who rise ever higher to the next firewall challenge.
So, how do we protect our clients as we race to install more layers of security on our networks? What’s safe? What’s not?

Internet-facilitated document storage appears to be where it is all going. Our banking, e-mails, photos on Facebook — it’s all stored out there in cyberspace, no longer in our file cabinets or coffee table photo albums.
But Nancy Waterman, president of Network- IT, LLC, in Middletown, warns us that most e-mail systems are not secure. “If it could be damaging to you if the information you are sending got in the wrong hands, do not use e-mail,” Waterman states. In contrast, client portals “are one way to allow people to submit their information securely. File Transfer Protocol (FTP) transfers are another way [to move] information from one place to another over the Internet safely.”

FTP originated in the 1970s to address a standard means of exchanging files over a computer network. It was designed to be flexible, so it could accommodate file exchange among a variety of computers with minimal restrictions. Its design predates firewalls, through which a file must now pass when en route to its intended destination.  “Client portals are better when multiple pieces of information are required, such as filling out various fields of a form. Both are superior methods to e-mail when transmitting sensitive information,” Waterman stated.

A growing number of states, including Connecticut, have adopted laws affecting businesses that send e-mails containing clients’ personal information. Typically, e-mail is not encrypted, leaving both parties vulnerable to spam, hackers, and identity theft. Connecticut Public Act No. 08-167, which went into effect Oct. 1, 2008, addresses how to safeguard personal information, especially Social Security numbers. In fact, there’s a Privacy Protection Guaranty and Enforcement Account established that collects the civil penalties resulting from intentionally violating this act ($500 for each violation, not to exceed $5,000 for any single event).

“Exchanging files through e-mail can expose both parties to unnecessary risk, since e-mail is often unsecure,” said Joe Rotella, chief technical officer at Delphia Consulting LLC, in Columbus, Ohio “In addition, as companies impose limitations on the size and format of e-mail attachments, some files can be rejected making for a very frustrating experience.”

Instant Access
Law firms utilize web portals to access case administration reporting. For class action lawsuits, the legal team can instantly access the updated information, including the number of exclusions, objections, and correspondence. This type of immediate access streamlines the administrative processes of complex lawsuits.

As a public accounting firm entrusted with the managing of trusts, estates, closely- held businesses and the financials of high net worth individuals and families, Konowitz, Kahn & Company P.C. works with law firms as a regular course of business serving its clients’ needs.  “We continue to make significant investments in our technology,” says Armand Rossi, managing partner of Konowitz, Kahn & Company.  “Our clients know they can trust us to protect their information.”
Like others following suit, the nine-partner CPA firm has taken a proactive position in protecting its clients’ information by implementing a client portal for secure document exchange and storage.

“This client portal provides a secure file exchange providing clients a safe, convenient way to share files,” Rotella stated. “Anywhere they can surf the Web, they can now access and share files with confidence and ease, making it even easier to do business with” their CPA and law firms.


A client portal is designed to meet clients’ demands for secure virtual storage and document exchange and enhance client communication. Acting as a door to the Internet, the portal allows the client to control the key to the door through password- protected logins. The backbone of the portal is a secure, encryption-protected system. Clients can share documents with their CPAs and choose to store documents to which no one has access but themselves.

For the non-IT-savvy client, there is one way to be an informed consumer of client portal technology. Waterman advises users “to be sure there is a login required to enter the portal, and that the URL starts with ‘https’ – the ‘s’ indicating Secure Socket Layer.”  She explains: “This technology utilizes certificate exchange, data encryption, packet checking, and other means to be sure the data is read only by the intended machine.”

In October 2008, Nevada passed a law requiring all businesses in the state to encrypt personal information transmitted electronically. Massachusetts has a similar law, which goes into effect next year, regarding standards for protecting personal information and providing computer system security requirements. Rossi sees it as a matter of time before all states impose the same requirements.  “We want to be proactive, and our client portal is an excellent solution,” he says.