Celesq® Programs

New Developments in Law Firms' Obligations to Protect Against Data Breaches

Much has been written in recent years about lawyers' duties to preserve the confidentiality of client information under the rules of professional conduct and to take reasonable precautions to strengthen cybersecurity in order to avoid data breaches. Executing those duties has become more difficult amid an increase in the frequency and sophistication of state-sponsored and criminal cyberattacks directed at law firms and their clients. Further complicating matters for lawyers is knowing when disclosure to clients of a law firm data breach is required by the rules of professional conduct even though the threat of exfiltration or loss of client confidential data is in doubt. We will examine American Bar Association opinions that offer some guidance on when client notification of a data breach is appropriate to ensure protection of client confidentiality and minimize exposure to legal malpractice liability. ABA Ethics Rules to be addressed will be Ethics Opinions 477R and 498 (2021)

 In addition, we will discuss the requirements of Bar Associations in various states and analyze law firms' exposure to potential professional liability.

• What should lawyers do when their firm is the victim of a data breach or ransomware attack?
• What obligations do lawyers have to notify their clients that their confidential data has been or may have been compromised or accessed by a hacker?
• Opinions of the American Bar Association and various states offer some guidance on when client notification of a data breach is appropriate to ensure protection of client confidentiality and minimize exposure to legal malpractice liability.

 

Available in States

• California
• Colorado
• Georgia
• New Jersey
• New York
• Texas Self Study

Program Categories

• Communications and Media Law
• Corporate and Securities Law
• Ethics & Professionalism
• Federal Courts
• In-House Counsel

PROGRAM CREDITS

• Legal Ethics : 1 Credit