Law.com Subscribers SAVE 30%

Call 855-808-4530 or email GroupSales@alm.com to receive your discount on a new subscription.

Get a (Law) Firm Grip on Data Breaches

By David Ray and Reggie Pool
June 02, 2015

Law firms are as much at risk for cyber attacks as any other industry, a point emphasized in a recent internal report at a major bank that warned employees about the threat of attacks on the networks and websites of big law firms, according to the New York Times. See, “Citigroup Report Chides Law Firms for Silence on Hackings.”'Because of the lack of reporting requirements in the industry, it is unclear how many breaches have actually occurred. Law firms have been relatively unwilling to share information about security breaches because of potential concerns about how that information would affect their credibility. In fact, digital security at many law firms, despite improvements, generally remains below the standards set for other industries. Fortunately, law firms are now recognizing the risk and beginning to take preventive action. This article describes some of the reasons law firms are cyber-attack targets, steps they can take to reduce their risk, and what clients are doing to encourage law firms in those efforts.

Law Firms As Targets

It should not be a surprise that law firms are ripe targets for data breaches. Their data and document repositories may contain a variety of sensitive information ' not only traditionally privileged information, but also competitive information related to their clients' business strategies and other forms of private data held in connection with client work. For example, a law firm may not accept credit cards, but it may have payment card information as part of a matter it is handling. Similarly, while a law firm may not be a covered entity under the Health Insurance Portability and Accountability Act (HIPAA), it might be considered a “business associate” under the Health Information Technology for Economic and Clinical Health Act (HITECH) because of the services it provides to HIPAA-covered entities.

Read These Next
Major Differences In UK, U.S. Copyright Laws Image

This article highlights how copyright law in the United Kingdom differs from U.S. copyright law, and points out differences that may be crucial to entertainment and media businesses familiar with U.S law that are interested in operating in the United Kingdom or under UK law. The article also briefly addresses contrasts in UK and U.S. trademark law.

Strategy vs. Tactics: Two Sides of a Difficult Coin Image

With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.

The Article 8 Opt In Image

The Article 8 opt-in election adds an additional layer of complexity to the already labyrinthine rules governing perfection of security interests under the UCC. A lender that is unaware of the nuances created by the opt in (may find its security interest vulnerable to being primed by another party that has taken steps to perfect in a superior manner under the circumstances.

Removing Restrictive Covenants In New York Image

In Rockwell v. Despart, the New York Supreme Court, Third Department, recently revisited a recurring question: When may a landowner seek judicial removal of a covenant restricting use of her land?

Fresh Filings Image

Notable recent court filings in entertainment law.