New York is first state to require CLE course in cybersecurity

  • Print

cybersecurity words on keyboard

Image from Shutterstock.

Lawyers in New York will have to take at least a one-hour cybersecurity course as part of their continuing legal education requirements beginning in July 2023.

Although Florida and North Carolina require some technology training as part of their CLE requirements, New York is the first state to require coursework in cybersecurity, data privacy or data protection, LawSites reports.

New York has already adopted an ethical duty of technology competence for lawyers. The new CLE requirement, adopted in June, requires one hour of CLE related to cybersecurity, privacy and data protection every two years. The hour can be related to lawyers’ ethical obligations regarding data protection or to technological aspects of protecting law office and client data.

The mandated one-hour training counts toward the 32-hour CLE requirement for new lawyers in their first two years after admission to the bar. It counts toward the 24-hour biennial CLE requirement for other lawyers.

Lawyers can apply up to three hours of cybersecurity ethics training toward their ethics and professionalism CLE requirement. Mandated professionalism training is six hours over two years for new lawyers and four hours over two years for other lawyers.

The New York State Supreme Court’s Appellate Division adopted the cybersecurity CLE requirement based on a recommendation from the New York State Bar Association’s Committee on Technology and the Legal Profession. The NYSBA approved the committee report in June 2020, according to the bar’s news center.

Give us feedback, share a story tip or update, or report an error.