A UK law firm may find itself subject to significant penalties following reports of a data breach affecting thousands of people. The recent 2010 ABA Annual Meeting in San Francisco devoted two sessions to the topic, specifically dealing with “cloud computing,” and the risks and ethical issues it raises for law firms. As data privacy and security risks mount for all businesses, they are perhaps even more critical for law firms.
Law schools in the United States teach their students about a long-standing and fundamental tenet of the legal profession – the attorney-client privilege. It is indeed the general obligation of attorneys to keep client communications confidential. Law schools generally do not teach, at least not nearly to the same degree, how lawyers as law firm business owners ought to protect the personal information of their clients from unauthorized acquisition or access, without hampering their practice.
This primer is intended to provide a brief discussion of the key issues for law firms and some helpful steps for developing a plan to safeguard such information.