Breach Response Checklist for Law Firms

By Stew Smith

These days, data breaches have become almost commonplace.  It’s no longer if you get breached, but rather when you get breached.  While prevention is still key, it is important that law firms implement procedures to quickly detect breaches and contain the damage once a breach is confirmed.  Like fire preparedness in an office building, cyber-security should be a non-negotiable component of a responsible workplace, regardless of size.  Don’t have a plan in place?  Here is a checklist of items to get you started:

  • Review your state’s data breach laws and make a list of entities you have to contact.
  • Contact law enforcement or consumer protection agencies, if your state law requires it.
  • Contact your data security specialist or IT consultant.  If you don’t have one, you may want to hire someone to perform an IT security audit so you’re less likely to experience another data breach in the future.
  • Reach out to your insurance company if you have cyber liability insurance.  Your cyber liability insurance provider will pay for some of the costs associated with responding to a data breach, including (depending on your policy) crisis management, credit monitoring and data breach investigation.
  • Investigate the breach, compiling information as to where it occurred and what data was lost.  (If you’re not particularly tech-savvy, hiring a security consultant to perform an audit may be wise.)
  • Repair any security weaknesses, but keep records and evidence of the breach (which you might need to turn over to law enforcement agencies later).
  • Contact a credit monitoring company about fraud and ID theft prevention services you can offer your customers.
  • Set up a telephone line or e-mail address to handle incoming questions and concerns from customers.
  • Post an announcement on your website about the data breach and how customers may contact you with questions.
  • Notify individual customers (via e-mail, telephone or mail, in accordance with state regulations).

Post Assessment & Planning

  • Assess gaps and evaluate effectiveness of plans, procedures and staff training.
  • Adjust security and response plans and processes; communicate and train accordingly.
  • Stay current; test your plan often and remain aware of changing threats and law.

Failing to prepare is preparing to fail.  Take some time to review this checklist and get the ball rolling on a response plan today.  Educate yourself on best practices, seek guidance on where you might be most vulnerable, patch any weaknesses and develop a strong security response plan for potential incidents and recovery.

Stew Smith, CISM is Vice President of Business Development at Business Machine Technologies, Inc.  A 21-year member of the BMT team, Stew helps new clients get the most from BMT’s arsenal of services.  A former Senior Network Engineer and Operations Manager, Stew has authored many of BMT’s procedures and policies.  Stew may be reached at [email protected].