Your firm’s computer network has been hacked and client data either exposed or likely exposed. What’s a law firm to do? The legal and regulatory reporting obligations are numerous, complex and are ignored at the firm’s peril, but ABA Formal Ethics Opinion No. 483 reminds lawyers that there are also independent ethical obligations triggered when a cyber-attack compromises confidential client information or incapacitates a law firm’s computers or network.
First and foremost, the duty of competence (Model Rule 1.1) “require[s] lawyers to understand technologies that are being used to deliver legal services to their clients … [and lawyers] must use and maintain those technologies in a manner that will reasonably safeguard property and information that has been entrusted to the lawyer.” (This obligation is discussed in depth in ABA Formal Ethics Opinion No. 477R (May 22, 2017) (Securing Communication of Protected Client Information).) Model Rules 5.1 and 5.3 impose an “obligation to safeguard and monitor the security of electronically stored client property and information.”
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]
