One of the primary responsibilities of an attorney is keeping client information confidential and secure. As most information is now stored electronically, keeping data confidential is in some ways more difficult than it was in the past. Law firm cyber security breaches often involve the leakage of client or employee information, which can be damaging for all involved. While breaches of cyber security have become increasingly common over the years, many fail to realize how susceptible they truly are to such attacks. However, the threat cyber hacking is particularly threatening for law firms. In fact, in 2009 the FBI issued an official warning that hackers were specifically targeting law firms.
Beyond hacking, are three main causes for Law Firm data leaks:
1. negligent disposal of client records
2. theft or ruin of devices
3. improper use of internal security
While steps may be taken to prevent a data breach from occurring in the first place, the consequences of such an occurrence are so great that law firms are advised to invest in cyber liability insurance.
Cyber data breaches may result in a series of harmful consequences for those involved. As attorneys are by law obligated to protect client information, following a data leak, firms may be presented with malpractice claims and lawsuits. Depending on the state in which you practice, laws regarding the appropriate treatment and disposal of client information vary. The consequences your firm will face following a cyber attack are often unpredictable, but recovery from a data leak is almost always an expensive process.
Cyber Liability Insurance For Your Firm
According to the Ponemon Institute, in 2013 the average cost of a data breach, for one company, was 3.5 million. The full study may be read here. Security breaches often result in unexpected costs, such as those related to hiring an IT investigator to determine what went wrong and allowed the breach to occur in the first place. There are costs related to public relations, alerting those whose information has been leaked, and managing any resulting legal expenses. Many believe cyber liability is covered under legal professional liability insurance. While traditional insurance may cover certain aspects of a cyber attack, there are many grey areas that remain exposed. The only way to truly protect your firm from the costs of a cyber data breach is by investing in cyber liability insurance.
Cyber liability insurance ranges widely in coverage and protection, to fit the needs of your firm. You should ask your insurance provider to conduct a cyber risk review to ensure your plan meets your needs. Consider whether or not you want your insurance to cover the following:
- costs related to hiring an IT investigator following a data breach
- third party claims (violation of one’s right to privacy, ect.)
- meetings with PR firms
- business interruption
For more tips on cyber safety, look here.