Posted Aug 12, 2014 04:15 pm CDT
The ABA House of Delegates has adopted a policy encouraging private and public sector organizations to develop, implement and maintain an appropriate cybersecurity program. Such programs would need to comply with applicable ethical and legal obligations. They would also need to be tailored to the nature and scope of the organization, and to the data systems which need protecting.
The threat of cyberattacks on law firms is fast growing, and Resolution 109 was drafted to allow flexibility for small businesses, small law firms and solo practitioners. Last year the association published the ABA Cybersecurity Handbook: A Resource for Attorneys, Law Firms, and Business Professionals. It presents practical guidance and strategies and addresses the relationship and legal obligations between lawyers and clients when cyberattacks occur.
“We do not attempt to define any obligations pursuant to laws or ethical rules,” Neal Sonnet, a member of the Criminal Justice section, told the House of Delegates.