My Car Was Broken Into - Who Covers My Property?
#FinancialWellnessWednesday for 10/19/16

Cyber Breach Prevention Ethical Duty for Law Firms

Shutterstock_254824216Hackers are executing sophisticated data breaches on large and small companies all over the world, making the need to protect your law firm from the dangers of cyber breach more important than ever.

Although many lawyers prefer to believe that their firm is unlikely to be the target of a hack, such thinking often proves to be naïve. Cyber criminals are continually adapting looking for easy targets and sources of potentially valuable data. Because law firms are essentially warehouses of client and employee data, they should acknowledge that they are not immune to such attacks.

Personally Identifiable Information

Law firms are often considered to be perfect targets by cyber criminals looking to hack into businesses that keep lots of data containing personally identifiable information (PII) but lack protective security. Some examples of PII include:

  • Names, identifying numbers, symbols, or other identifiers assigned to particular individuals
  • Information that describes anything about a person
  • Information that indicates actions done by or to a person
  • Information that indicates a person possesses certain characteristics

Most, if not all, law firms possess a great deal of PII. This information was historically kept in paper files, but is not stored electronically for the most part. The most commonly reported cyber breach reported by law firms is related to the loss or theft of a laptop, thumb drive, smart phone, tablet, or some other mobile device. If the information on the lost or stolen device was not encrypted and contained PII, a breach likely occurred. With access to office email and other law office networks, cyber criminals can gain access to and steal confidential information.

This is an ethical dilemma for attorneys for several reasons. Besides the common law duty owed by attorneys to protect the confidential information entrusted to them by clients, the ABA Rules of Professional Conduct requires an attorney to maintain the confidentiality of information related to the representation of current and former clients, and state and federal law also imposes a duty upon attorneys to protect PII for clients.

To learn more about data breach and cyber liability coverage, Jeremy Del Priore at USI Affinity today.

Comments

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)