Lawyeringforlawyers
This can be deemed an advertisement in some jurisdictions.
  • Home
  • About Steve
  • Law Firm Blog
  • Humor Blog
  • Contact

SOME NEEDED INSURANCE IN THE LAW OFFICE

11/4/2015

1 Comment

 

 
 
                    We often joke that we lawyers knew more black letter law upon graduation from law school, or at the Bar Exam, than at any other time in our careers.  It is always that pesky change that affects what we know.  The statutory and the common law and the rules all change almost daily.  Maybe that is where the phrase “practicing law” came from because you have to constantly practice dealing with changes in order to survive as a lawyer.  In 1967 U.K. Prime Minister Harold Wilson said:  “He who rejects change is the architect of decay.”
                    In this changing environment, we all learned the basics of risk arising from the practice of law and most offices have comprehensive general liability policies for our offices and equipment and Lawyers’ Professional Liability (“LPL”) for negligence, errors or omissions with regard to client work.  While LPL is not required, most prudent lawyers do not want to risk their personal assets for such expected risk exposure.
                    Think now of the changes in your practice in just the most recent years.  Electronics have replaced the traditional pen and paper approach.  These changes then placed great emphasis on the protection of health and other private records that are now being used in electronic form.  You and your clients are now exposed to large costs and penalties if some of these records got loose in the process.  Well, the fact of the matter is that information in that form does get loose, probably far more so than when it was locked in your office in a file folder in a drawer. 
                    Let’s just look at this month’s news feed:
•    Office of Personnel Management said hackers stole 5.6 million fingerprints it had on file.  (All across the federal agencies)
 
•    Hackers stole federal personnel data on 21.5 million people including their social security numbers.
 
•    Excellus Blue Cross Blue Shield had 7 million files breached and its subsidiary Lifetime Healthcare Cos. had about 3.5 million exposed with all their personal and medical data.
 
•    15 million T-Mobile customer records (including encrypted information) were stolen via Experian’s site.
 
•    6400 American Bankers Association e-mails and passwords stolen and posted online.
 
•    Sony, Target, Anthem and Home Depot as just a few of the Fortune 500 to be breached in the past year.
 
                    So, if happened on this scale recently, it is likely that someone wanting something from your files has already done so, or will.   A law firm would be a great place to get sensitive and valuable proprietary materials, and a lot easier to hack than those listed above.  That just deals with the people trying to get in and obtain the information.  Add to that the inadvertent lost laptop with lots of medical data, etc., and you have plenty of risk and exposure from these changes in the practice.
                    So how well are you protected for this change and this new and unexpected risk?  You might have coverage if a client sues you, but then only for covered items and after your deductible under your LPL policy.  But the real cost of these types of breaches or data losses comes earlier from the immediate things not covered like:
•    Computer experts to discover all details and rebuild the hack;
 
•    Public relations costs;
 
•    Loss of reputation and business income losses;
 
•    Damages to injured parties, not necessarily your clients;
 
•    Notification costs;
 
•    Government investigations;
 
•    Employee claims.
 
                    The insurance industry responded quickly and began selling stand-alone cyber insurance policies.  Yet, it seems that few firms have such policies despite these being available from many sources with various types of protection at business acceptable cost.   Debra Cassens Weiss, reporting for the ABA Journal, noted a 2015 survey of 880 lawyers which had only 11% (of those responding) with cyber liability policies in place.  Significant numbers of those in this Bloomberg BNA’s Big Law Business survey did report that their firms had experienced computer viruses or hacking incidents.  Contrast all this with 80% of surveyed General Counsel of companies saying cyber security is their number one concern in 2015.  There is a human factors element involved with the law firms here also.  Lawyers do not want to reveal that their esteemed firm has been breached, and many also just do not know that they have been breached.
                    Dan Bressler in a recent Law Firm Risk Blog noted data from Mandiant which finds that 80 of the 100 biggest law firms in the U.S. have been hacked since 2011.  That being said, I believe the smaller your practice the easier it will be to be breached.
                    It does not appear this risk is a “Y2K” kind of issue that might not happen.  Just think of what you might need if all your files were breached.  Identifying who, what, when and where could cost a bunch.  How to fix it and how to notify all who had records with you would be a problem.  It would therefore appear reasonable to have such cyber insurance coverage and team up with experts to (1) help prevent the loss and (2) have all these resources on call if a firm laptop, for example, with class action medical files just disappears and the health care penalties have kicked in.

1 Comment
Connor Leon link
9/22/2023 06:14:27 pm

This was great to readd

Reply



Leave a Reply.

    Author

    Steve Crislip was the General Counsel and Loss Prevention Member to a 11 office and 7 jurisdiction law firm for 10 years and has been defending lawyers and firms for more than 25 years and litigating for 40 years.
    These articles reflect lessons learned for Law Firms.

    Archives

    October 2017
    September 2017
    August 2017
    April 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014
    July 2014
    June 2014
    May 2014
    April 2014
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013
    January 2013
    December 2012
    November 2012

    Categories

    All
    Ames & Gough
    Checklists
    Computers And Lawyers
    Confidentialty And Lawyers
    Guidelines
    Law Firms
    Law Office Practice
    Law Office Practice
    Lawyers On Boards
    Legal Claims
    Legal Claims
    Legal Malpractice
    Legal Malpractice
    Loss Prevention
    Loss Prevention
    Loss Prevention In Law Firms
    Professional Liability
    Professional Liabilty

    RSS Feed

Powered by Create your own unique website with customizable templates.