CSR's Legal Readiness®
State Courts Require You to Protect Client Data.
Failure to do so may Lead to Disciplinary Consequences and Data Disasters.
LEGAL READINESS: A WAY FOR LAWYERS TO TAKE ACTION
Evolving privacy laws and confidentiality rules are reshaping the legal profession. Are you protecting your client’s personally identifiable data in compliance with Professionals Rules of Conduct 1.1, 1.6(c), and 5.3?
Legal Readiness provides the framework for regulatory compliance and data breach risk mitigation.
By answering questions in Legal Readiness, lawyers evaluate their management of confidential and personally identifiable information ("PII"). Expert systems analyze the answers from a privacy perspective and generate a customized schedule of remediation tasks in order of priority.
Legal Readiness then provides guidance on privacy practices and access to information and solutions. It’s an extremely effective way to improve your data privacy practices and data security.
"Legal Readiness will be eye-opening. The fact that there are statutes out there that require more than the confidentiality rule will be informative for many attorneys."Michael J. Lingle, Thomas & Solomon LLP (Rochester)
Most lawyers try hard to protect confidential information. They believe completely in the principle of client confidentiality. But technology poses dangers that many lawyers have not mastered, and nearly all lawyers can significantly improve the way they handle PII and client confidential information, for both paper and digital data. Unfortunately, day-to-day business and urgent client demands get in the way. Now is the time to act with Legal Readiness. You can't fix what you don’t know is broken.
91% of data breaches are avoidable. Most breaches have human causes and result from human error – even the hacks you hear about. Don’t be the lawyer who thinks data security is an issue for an IT specialist or someone else - this is your issue. It is about how you conduct your legal business and about your compliance with the Rules of Professional Conduct and your adherence to the standard of care.
Download the Technical Specs on our privacy assessment for lawyers.
Download the Legal Readiness Product Overview.
Access detailed info on Legal Readiness: Visit Microsite.
Buy Legal Readiness today for $249. Currently available for NY Lawyers. Coming soon for other states.
Are you protecting your clients' confidential and personally identifiable information ("PII") in compliance with New York Rule of Professional Conduct 1.6(c) as amended in 2017?
Legal Readiness is the data privacy assessment designed for lawyers.
It provides a framework for regulatory compliance and data breach risk mitigation.
CLARION CALL: RULE 1.6(c)
Effective January 1, 2017, New York State Courts amended Rule 1.6(c) of the New York Rules of Professional Conduct. It now requires every lawyer to make “reasonable efforts” to safeguard confidential information against inadvertent or unauthorized disclosure or use and -- for the first time -- to safeguard confidential information against unauthorized access.
Legal Readiness is a data privacy assessment for lawyers developed by top compliance experts and evaluated by lawyers with substantial ethics experience. Legal Readiness identifies weak spots in your data handling and helps you fix them. Most data breaches result from human error, and no law firm – large or small – is immune, no matter how much it spends on IT. But you can reduce your exposure with strong procedures and training through Legal Readiness.
Data security is not an issue that can be delegated to an IT specialist or a secretary - it is your issue as a lawyer. It is about your legal practice, your compliance with the Rules of Professional Conduct, and your adherence to the standard of care. That’s why Legal Readiness is so valuable.
- A quick, convenient, and inexpensive framework for regulatory compliance and significant risk mitigation.
- A cost-effective way for you to learn how to comply with rapidly-changing privacy laws and with increasingly-demanding New York ethics rules on competence and confidentiality.
- Proof you are making reasonable efforts and taking action.
YOU WILL EXPERIENCE A DATA BREACH!
The question is not if a lawyer will experience a data breach—it’s when. More than one-quarter of lawyers at large law firms in the U.S. report they have experienced a security breach of some sort, according to the American Bar Association’s 2016 Legal Technology Survey. A breach can occur in a matter of minutes and go undetected for months. Lawyers possess a great deal of PII and other valuable data, which makes them an appealing target. Here are some of the common causes of breaches:
- Physical theft or loss of laptop or other device
- Error (e.g., sending an email to the wrong person)
- Phishing, hacking, malware and ransomware
FALLOOUT FROM A SECURITY BREACH...
The fallout after a data breach can be devastating. Here are just a few of the unfortunate side effects that lawyers can experience:
- Exposure of client data
- Damage to reputation
- Loss of billable hours and vital files
- Costly fees for dealing with the fallout
Professor Roy Simon, Author of Simon's New York Rules of Professional Conduct Annotated, discussing the impact of the 2017 amendment to Rule 1.6(c)
OUR DISTINGUISHED LEGAL ADVISORY COUNCIL
CSR is a data privacy authority. We have augmented our knowledge of data compliance and security with the legal expertise of a superb Legal Advisory Council. The Council is composed eleven esteemed New York lawyers:
- Professor Roy D. Simon, Author, Simon's New York Rules of Professional Conduct Annotated (New York City)
- Robert Barrer Barclay Damon LLP (Syracuse)
- Anne Reynolds Copps Copps DiPaola PLLC (Albany)
- Kenneth L. Gartner Lynn, Gartner, Dunne & Covello, LLP (Mineola)
- Sarah Jo Hamilton Scalise & Hamilton LLP (Scarsdale)
- Deborah E. Kaminetzky Kaminetzky & Associates, P.C (Cedarhurst)
- Thomas A. Leghorn London Fischer LLP (New York City)
- Michael J. Lingle Thomas & Solomon LLP (Rochester)
- Richard Raysman Holland & Knight LLP (New York City)
- Marian C. Rice L'Abbate, Balkan, Colavita, & Contini, LLP (Garden City)
- James Q. Walker Richards Kibbe & Orbe LLP (New York City)
WHAT ARE THE BENEFITS TO YOUR CAREER?
- Compliance with the latest privacy and confidentiality rules and legislation in order to meet professional conduct requirements
- 1.6(c), 1.1, 5.3, and more
- An award-winning data privacy self-assessment tailored specifically for the professional lawyer
- Evaluate how you handle data in your daily business dealings
- Gain access to the latest resources, policy templates, and best practices
- Create proof of your reasonable efforts to keep cleint data safe
- Risk mitigation: Decrease your chance of experiencing a security breach through improved processes and safeguards
- Avoid costly fines
- Reduce the risk of damage to your reputation
- Certification of Completion with an ID StaySafe Trust Shield Program seal for public display
- Provide peace of mind for current clients
- Earn business from potential clients who prioritize data security
- Preparation of applications for cybersecurity insurance
- Cyber insurance is getting harder to obtain. Legal Readiness is a perfect prep tool.
WHAT IS CYBERSECURITY INSURANCE?
A cybersecurity insurance policy is a safety net for organizations that conduct business online. If a security breach occurs, it helps offset the costs incurred during recovery. Cybersecurity insurance can be costly and difficult to obtain, and many organizations simply overlook its importance. In fact, around three-quarters of small businesses do not carry cybersecurity insurance.
Policies are becoming increasingly expensive and difficult to obtain. One major benefit of CSR's Legal Readiness is that it increases your chances of obtaining an affordable policy. CSR privacy experts reviewed the application procedures of eight major insurance companies to confirm that the services CSR provides can strengthen a lawyer’s applications through self-assessment and remediation.
CASE STUDY: LAWYER HACKED
Hacker Holds Florida Lawyer's Data Hostage
In 2016, a law firm in Florida was contacted by a hacker who claimed to have accessed one of the lawyer’s emails, wire transfer instructions, and client information including birth dates and Social Security numbers. The hacker demanded the firm pay 18 Bitcoins (approximately $34,500 at the time) or he would place the private data up for sale. To show the hacker meant business, he provided a data breach website with indisputable proof of the hacking. The law firm stayed fairly quiet about the experience, but it’s safe to say it cost them a great deal of time, money, and stress.
Confidentiality and 1.6(c)
In 2017 the New York Courts modified their Rules of Professional Conduct paragraph (c) of Rule 1.6 (“Confidentiality of Information”) to impose the obligation that lawyers
“…make reasonable efforts to safeguard confidential information against unauthorized access by third parties and against inadvertent or unauthorized disclosure...”
It is further noted in comment  to Rule 1.6 that
“…a lawyer may be required to take specific steps to safeguard a client’s information to comply with a court order (such as a protective order) or to comply with other law (such as state and federal laws or court rules that govern data privacy…)”
3 Simple Ways to Protect Client Confidentiality
Take some free advice. The “3 Simple Ways” download below will give you a taste of the straightforward advice and insight you can expect from the best practices available within Legal Readiness™. You know your business - and we know ours.
If you are doing all three of these things to protect you clients personally identifiable information, you are doing better than 95% of your peers. But you are still not doing enough.Download 3 Simple Ways