In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to better prepare for and respond to data security incidents. The recommendation reflects a growing recognition across professional service industries—particularly law firms—of
5 Practice Tips for Law Firms as Data Breach Spotlight Swings Their Way
While data breach incidents affecting the entertainment, retail, healthcare, and financial industries have garnered more attention in past years, the data breach spotlight recently shifted to law firms.
This shift was triggered by media coverage of the breach and leak of the Panama Papers, and by reports that, in 2015, hackers breached the networks
Law Firm Fined for Filing Papers with Social Security Numbers
In another recent example of a law firm running afoul of privacy requirements in litigation (See also the discussion of Kim v. St. Elizabeth’s), U.S. District Judge Michael Davis recently assessed a $5,000 sanction against the law firm for electronically filing an affidavit that contained the Social Security numbers and dates of births