When it comes to cyber security, there is a tremendous emphasis on protecting your clients’ confidential and financial information. You need to invest in security measures that keep your clients safe when you, or anyone in your law firm, operates at all on the internet. This includes, but isn’t limited to, cloud software, cloud storage, hosting, your website, social media, email, your server, your network, and the list goes on and on.
What this emphasis doesn’t address, however, is the question of who is protecting you and your firm?
In truth, addressing these cyber security concerns will be a step in the right direction to protect you and your firm but it is not enough. There are additional steps you can take to protect your firm from threat, harm, and loss that not only includes data but financial theft as well. Consider these five best practice ideas when it comes to protecting you and your firm from cyber security threats:
1. Improve your engagement agreement.
Identify the contractual terms of your relationship with your clients including the parameters of your responsibility for security breaches, hacks, and loss of confidential information. If your state bar rules allow it, consider a hold harmless and indemnification provision against loss to the client.
2. Read your state bar rules.
Has your state implemented any rules related to cyber security, data control, and practices you must have in your office? Has your state business office? Do you know? Knowing now how to protect your firm and what is required of you before there is a problem is extremely important.
3. Determine what your malpractice insurance covers.
When it comes to these issues, how does your malpractice insurance company protect you? Does it protect you? Does it require you to take certain steps in your engagement agreement or have certain policies in your practice before it will protect you? If you don’t know, read your policy. If your policy is unclear, schedule a meeting with your provider right now.
4. Additional insurance policies.
There are business liability, cyber security, and cyber terrorism policies out there to protect your business. Depending on the limits of your malpractice policy, now may be the time to invest in one. Determine where gaps in your coverage are and then determine what you need to best protect your law firm.
5. Terms and conditions that govern you.
Most of us don’t read the terms and conditions governing our relationships. If we did, we probably wouldn’t agree to do or use anything anymore. When it comes to third party relationships, however, you need to know what your responsibilities are and how to be prepared for them. Be sure to read them, know where you assume liability in your practice, and what to do in the event of hack or security breach.