Y O U N G L A W Y E R S J O U R N A L

LAW FIRMS NOT IMMUNE TO THIS EVOLVING THREAT

The Benefits of Having an Incident

Response Plan for a Law Firm

By Brian C. Eaton

D

ata breaches today are becoming

more of an inevitability than a

possibility. Law firms are not

immune to the evolving threat of data

breaches. Most notably with the “Panama

Papers” breach of Mossack Fonseca, to high

profile New York firms, and the recent class

action suit against a Chicago based firm,

the legal profession has faced their share of

very public data security issues. Law firms

that are not prepared to deal with a breach

are vulnerable to a worst-case scenario

fallout from the event.

Data breaches in law firms are becoming

more of a trend than an anomaly because

law firms are a rich target for hackers.

They can be storage houses of sensitive

personal information, inside information

on mergers and acquisitions, health care

information and other types of data that

can be used for identity theft. They are

also generally perceived to be softer targets

than some of their clients when it pertains

to data security; thus, making them more

appealing. Smaller to mid-size firms, may

not be able to afford the substantial time

and financial investments to stay protected.

Large firms generally have to fend off

more attacks because of the vast amount

of information they hold. Also, while law

firms may not have collected the health

information or other data directly from

individuals, under HIPPA and state breach

34

NOVEMBER 2017