We’re starting a new series of malpractice questions and answers presented by our faculty member, Allison Woods, who teaches ethics at Solo Practice University. It’s a quick, easy reminder to avoid making some serious mistakes. Look for them once a month. And hope you get an ‘A’. Can you answer our first question successfully?
In my previous column, I discussed how cyber liability is a serious risk management issue for lawyers, given our Rule 1.6 duty to maintain the confidentiality of client information. Given the high profile cyber attacks against Target, Sony Pictures Entertainment, the United States Government, and the Ashley Madison website; many law firms may believe they are not big enough to be a target, or they don’t have data that cyber criminals would find attractive. These law firms would be wrong on both counts.
Lawyers and firms who underestimate the risk of a cyber attack or who fail to take affirmative steps to protect their data, have an increased risk of becoming the subject of a disciplinary or malpractice claim. Rule 1.6 Confidentiality of Information, which prohibits lawyers from revealing confidential client information, also speaks to a lawyer’s duty to protect client information. What can you do to mitigate this risk?