Cybersecurity health is increasingly necessary for lawyers to keep their and their clients’ information secure. The prevalence of “hacking,” “ransomware” and “phishing” attacks, scams and other unauthorized digital intrusions demonstrates the need to use reasonable and appropriate technology to safeguard confidential and privileged information. Doing so is mandated by New York’s Rules of Professional Conduct, as well as the recently enacted New York state “Stop Hacks and Improve Electronic Data Security” or “SHIELD Act,” which applies to all law firms, even to solo practitioners and small firms.
Lawyer’s Ethical Obligations
A lawyer must take reasonable care to affirmatively protect client confidential information and NYSBA Committee on Professional Ethics Op. 1019 provides that the duty of “reasonable care”:
does not require that the lawyer use special security measures if the method of communication affords a reasonable expectation of privacy. Special circumstances, however, may warrant special precautions. Factors to be considered to determining the reasonableness of the lawyer’s expectation of confidentiality include the sensitivity of the information and the extent to which the privacy of the communication is protected by law or by a confidentiality agreement.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]