Confidentiality is expected by legal services clients. Despite shortcomings in many laypersons’ understanding of the workings of the legal profession, privacy and information security are widely recognized as core responsibilities of legal professionals. Moreover, many legal professional groups and regulating agencies, such as the American Bar Association and state bars, have been emphasizing and clarifying their rules regarding information security practices—especially as they relate to privacy and technology—over the past decade.

Lawyers, legal administrators and other law firm staff should keep up to date with the available technology tools to help them prevent negative data security events and provide industry-leading secure client service. The consequences of data breaches involve more than technology downtime, as government agencies are increasingly requiring victims of improper information disclosure to notify affected clients and publish notices of the breach online (including on some state attorneys general websites), opening up the possibility of reputation damage.