If you want your clients to trust and rely on you, then you absolutely must take security seriously.
Trust and responsibility are cornerstones of how I practice coaching. In my own practice, I follow the ethical guidelines of the International Coach Federation (ICF). One of the ICF guidelines that I happily follow concerns confidentially. In fact, I proactively brief clients on the, extremely, rare circumstances under which I will break that confidentially. Until one of those scenarios is reached the content and existence of the conversation remain between the me and my client.
Outside of intentional disclosure one issue that all coaches need to address in their practice is unintentional disclosure due to information security issues. As a coach, you need to develop security that protects your clients and your coaching practice.
Security is always evolving and your coaching practice will have different operational concerns. However, below I’ve outlined some best practices, that will help you get started.
Like all coaches, I find taking notes during a session on paper helpful. I also review these notes before future sessions to refresh myself on the client and their goals. Security around these notes is absolutely critical. Here are some best practices I recommend all coaches adopt:
- Never write the client’s name on a sheet of paper containing notes from the session.
- Never write the date or time of a session on a sheet with notes.
- Never bring a notebook with notes from another client to a session with a different client. If you do so, make sure to keep the book in your bag. A client could easily accidentally see details while you are turning a page.
- Move all notes to a secure digital format as soon as possible and shred the paper copies.
Remember that physical items are easily compromised.
Your Digital Setup
I’m a big advocate for using digital technology to help all people (coaches included!) scale their impact. However, it’s extremely important that you ensure your digital setup enhances rather than diminishes your security setup.
Ensure the following are always followed:
- Enable two-factor authentication on all services. If a product doesn’t have two-factor authentication don’t use it, ever. Also, avoid two-factor services that use sms.
- Use a different, strong password for every single service. Your passwords should be, at least, 20 characters and completely customized for each account.
- Never share accounts and ideally never used shared terminals. However, if you must use a shared computer use ‘Incognito mode’ as this will clear most information once you close the window.
Setting a long unique password for each service may seem impossible. Thankfully using a password manager, such as LastPass or 1Password, and make this super easy. These services will securely store and create passwords for you.
two-factor authentication means that you will be asked to supply a shortcode periodically on your devices and always on new devices. You can get the device from your phone using an app such as Authy or Google Authenticator. The beauty of this setup is that to gain access to your accounts someone would need not just your password but also your phone - massively increasing your security.
I do believe that using digital services to store coaching notes is compliant with good security. However, it’s essential that every service you use has a strong password and two-factor authentication enabled. This includes any and all devices this information syncs to (phone, tablet, etc). In addition, all these devices should be secured by passwords beyond the standard 4 digits. Using thumbprint technology is a great balance of convenience and security for mobile devices.
Personally, I use a combination of Google services and Evernote. There are multiple different combinations and solutions, but I find that these two give me all the tools I need, access to my coaching information where I need it and most importantly keep everything secure.
I hope you find the above steps helpful. One's security can seem both elusive and intensely technically complex to achieve. Thankfully tools like password managers can make you more secure while also making your digital life easier.