Technology is now ubiquitous in our society and has been for some time. Cell phones, laptops or desktop computers, and tablets dominate our work and play time. Many businesses rely exclusively on digital documentation and often must retain correspondence such as emails under certain circumstances or face harsh consequences. Technology has streamlined business practices and made work more efficient for law firms but has also brought new and unique challenges.
Every attorney has an ethical duty to clients to provide competent representation, zealously advocate for them, and use or at least gain the requisite knowledge to represent them properly. This includes proficiency in using technology if it is utilized and safeguarding sensitive information.
In many cases, law firms require and possess personal information on clients such as social security numbers, tax ID numbers, addresses, tax information, debts owed, the value of assets, business valuations, trade secrets, health information, and other sensitive and confidential information. If such information is leaked or otherwise falls into the hands of adversaries or hackers seeking to blackmail or extort clients, it can have profound consequences for the law firm.
Data Breaches and Safeguards
Data breaches are not uncommon. Occasionally, there are major breaches involving foreign hackers demanding compensation in return for documents stolen from a business’s computer database. Other breaches may be caused by business rivals trying to gain an advantage in a business transaction. Malware can invade a law office’s database, remove or destroy client information, or simply copy it for the hacker’s benefit.
Regardless of the reason, law firms must take all necessary measures to safeguard client information or risk legal malpractice claims such as:
- Training all employees, including partners, associates, legal assistants, and paralegals, on use of technology and the precautions to take to protect client and law firm data
- Institute written policies and procedures on use of law firm computers, tablets, and cell phones
- Allow certain personnel to have access to all law office computers used by all employees to monitor use of resources and to identify possible misuse of information
- Use the most up-to-date cybersecurity software
- Consider cybersecurity insurance to cover breaches and loss of data by hackers and leakers
Failing to take all necessary and reasonable steps to protect client information can have grave consequences. A data breach that leads to a client sustaining significant losses, such as exposure to trade secrets, negotiating strategies, or a breach of contract, can result in a loss of substantial funds. Even in smaller matters such as personal injury or real estate transactions, where the defendant uses a plaintiff’s sensitive or privileged information to gain an advantage that otherwise was not subject to discovery, can lead to significant harm.
If You Suspect Breach or Unconsented Disclosure of Information
If certain information you entrusted to your attorney is exposed because of malware, a leak by an employee, or any other breach, you may have a legal malpractice claim. You do have to show that you did suffer verifiable damages and that the breach or unconsented exposure was the cause of your damages.
In such cases, you will need the experience and knowledge of a legal malpractice attorney who has successfully handled similar matters. The exposed information needs to be verified and shown how it was used to damage your case, or that it led to loss of property or funds that otherwise would not have occurred but for the exposure.
Your legal malpractice attorney can request that the defendant law firm or attorney demonstrate what written policies, if any, were in place to prevent such exposure, what training was provided to the defendant or the firm’s employees, and what other measures were taken to prevent such exposure. Simply having security software such as McAfee or other commercially available software may not be sufficient if the firm’s database were easily compromised or if an employee was able to obtain relevant information and sell it to another party.
Retain a Legal Malpractice Attorney from Burns and Jain
If you suspect legal malpractice because your personal information was exposed without your consent and you suffered significant damages, call a legal malpractice attorney from Burns and Jain. Our attorneys have extensive experience in legal malpractice claims and can properly advise you about your possible claim.