Cybersecurity Safeguard rules per the ABA (American Bar Association)
- The ABA rules focus on safeguarding client data related to communication, competence, and supervision.
- The rules require lawyers to use competent and reasonable measures to safeguard the confidentiality of client information – this should be communicated with clients regarding a law firm’s use of technology.
- Consent should be garnered from clients when necessary and appropriate with respect to the firm’s use of technology
- Firms should supervise attorneys regarding the use of technology –, both business and personal – to ensure compliance when dealing with confidential client information
- According to the ABA, firms should familiarize themselves with 3 Opinions:
- ABA Formal Opinion 477R, “Securing Communication of Protected Client Information” (May 2017)
- ABA Formal Opinion 483, “Lawyers’ Obligations After an Electronic Data Breach or Cyberattack” (October 2018)
- ABA Formal Opinion 498, “Virtual Practice” (March 2021)
