1.Overview

Comprehensive audit trails and ethical walls ensure compliance and prevent inadvertent conflicts. Every action within Sque is logged immutably, and ethical walls automatically enforce conflict restrictions.

2.Audit Trail Architecture

Every action within Sque is logged immutably:

1. User Action Logging

  • User login/logout events logged with timestamp
  • Document views logged with user identification and timestamp
  • Document downloads logged with user and date/time
  • Document modifications logged with change details

2. Immutable Log Storage

  • Logs are written to immutable storage (cannot be altered or deleted)
  • Logs include cryptographic signatures preventing forgery
  • Log retention meets legal and regulatory requirements

3. Log Accessibility

  • Audit logs are accessible to firm administrators and compliance officers
  • Log reports can be generated for specific time periods or users
  • Log export capability for litigation response or regulatory inquiry

3.Example Audit Trail

For a privileged document:

TimestampUserActionDetails
6/15 10:23 AMJohn SmithFile UploadMotion to Dismiss (16 pages)
6/15 10:25 AMSarah JohnsonViewMotion to Dismiss viewed
6/15 11:00 AMJohn SmithModifyDocument tagged as "Attorney Work Product"
6/16 2:30 PMClient Portal UserAttempted AccessBlocked - document is work product

4.Compliance Reporting

The system generates compliance reports for regulatory and legal obligations:

1. Data Access Reports

  • Report showing all data accessed by specific user
  • Report showing all users accessing specific document
  • Report showing all privileged documents accessed

2. Security Incident Reports

  • Failed login attempts
  • Unauthorized access attempts
  • Permission violations

3. Retention Compliance Reports

  • Documents deleted and retention period elapsed
  • Documents approaching retention expiration date
  • Litigation hold documentation

5.Ethical Walls and Conflict Prevention

When conflicts of interest are identified:

1. Ethical Wall Implementation

  • Conflicted attorney is automatically prevented from accessing adverse matter
  • System displays "Access Denied" when conflicted attorney attempts to access matter
  • All documents in adverse matter are inaccessible to conflicted attorney

2. Automatic Screening

  • System prevents email/chat communication about adverse matter reaching conflicted attorney
  • If conflicted attorney is copied on email about adverse matter, they are automatically removed from distribution
  • All team communications about adverse matter exclude conflicted attorney

3. Wall Violation Reporting

  • Any attempt to breach ethical wall is logged and reported
  • Violations are immediately escalated to firm administrator
  • Violation investigation is documented

Frequently asked questions

Each firm operates in an isolated tenant environment with tenant-specific encryption keys. Firm databases are completely separate with no shared tables or cross-firm data access—even through system error or vulnerability.

All data is encrypted in transit using TLS 1.2+ and at rest in databases and Briefcase. Encryption keys are stored in a separate key management system, never alongside encrypted data, with access restricted to authorized personnel.

Sque meets SOC 2 Type II compliance with annual third-party audits, GDPR compliance for European firms with data residency options, HIPAA-ready architecture for health information, and security architecture supporting professional liability insurance requirements.

When conflicts are identified, conflicted attorneys are automatically prevented from accessing adverse matters. The system screens email and chat communications, removes conflicted attorneys from adverse matter distributions, and logs and reports any wall violation attempts.