The Attorney's Role in Cyber Security Compliance (Live Replay Webinar)
Tell a Friend About This EventTell a Friend
 

11/25/2019
When: Monday, Novembe 25, 2019
11:00 AM - 1:00 PM CT


Online registration is closed.
« Go to Upcoming Event List  

MCLE Accreditation
NE MCLE #184536.  2.0 Ethics Hours (Distance Learning)
**Webinars are conducted via the GoToMeeting platform.  Click here for system requirements.

Registration Fees
$130 – Regular Registration
$100 - NSBA Dues-Paying Member (Eligible for members to use their two free ethics credit)
$0 – Law Students

NSBA Dues Paying Members:  If you have not already claimed your 2 hours of FREE Ethics for 2019, please enter the Promo Code ethics2019 when checking out in store.  Be sure to click the "Apply" button to ensure the discount is applied.***

***PLEASE NOTE: As a voluntary dues-paying member you are only eligible to attend ONE NSBA two-hour FREE ethics program each year.  If you are unsure whether you have already used the promo code to attend one of the member benefit ethics CLE programs for free, then please contact Karla Roscoe at 402-475-7091 or email her at kroscoe@nebar.com before registering, otherwise you will be invoiced the full registration price.


Lawyers have an ethical obligation to ensure their systems and data are secure. Law firms have a wealth of confidential and valuable information making them an ever-growing target of cyber-attacks. On October 17, 2018, the American Bar Association Standing Committee on Ethics and Professional Responsibility issued Formal Op. 483, which reaffirms the duties and obligations of attorneys to safeguard client data and notify clients of a data breach, or a substantially likely breach, resulting from a cyber-attack. A “data breach” is defined as a “data event where material client confidential information is misappropriated, destroyed or otherwise compromised, or where a lawyer’s ability to perform the legal services for which the lawyer is hired is significantly impaired by the episode.”

A breach of a law firm’s information technology system is a breach of Neb. Ct. R. of Prof. Cond. §3-501.1 (6) which expects attorneys “to keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.” In other words, the duty of competence requires lawyers to be sufficiently competent in technology in order that they are able to safeguard client information in addition to being able to correctly administer, monitor and protect the technology they are using to prevent data breaches. Therefore, the duty of competence requires lawyers to undertake reasonable efforts to monitor their technology to ensure data breaches do not happen and if one does happen, then the lawyer must act reasonably to promptly stop the breach and mitigate damage resulting from the breach.

This session will cover:

  • Understanding expectations for ethical conduct
    • What makes information sensitive
    • What is the likelihood of information being disclosed
    • Implementing cyber security measures
    • Minimum standards a lawyer should meet
    • What are clients’ expectations
  • Ethics Opinion, Rules of Professional Conduct, Statutes/Regulations
    • ABA Formal Op. 477R
    • ABA Formal Op. 483
    • Neb. Ct. R. of Prof. Cond. §3-501.1 (Competence)
    • Neb. Ct. R. of Prof. Cond. §3-501.3 (Diligence)
    • Neb. Ct. R. of Prof. Cond. §3-501.6 (Confidentiality of Information)
    • Neb. Ct. R. of Prof. Cond. §3-501.15 (Safekeeping property)
    • Neb. Ct. R. of Prof. Cond. §3-503.2 (Expediting litigation)
    • Neb. Ct. R. of Prof. Cond. §3-503.3 (Candor to the Tribunal)
    • Neb. Ct. R. of Prof. Cond. §3-503.4 (Fairness to opposing party and counsel)
    • Neb. Ct. R. of Prof. Cond. §3-505.1 (Responsibilities of a partner or supervisory lawyer)
    • Neb. Ct. R. of Prof. Cond. §3-505.3 (Responsibilities regarding nonlawyer assistants)
    • Neb. Ct. R. of Prof. Cond. §3-508.4 (Misconduct)
  • Federal and State Statutes/Regulations
    • HIPAA
    • Gram Leach Bliley Act
    • Sarbanes Oxley
    • GDPR
    • LB 757 (2018) – Update to the Financial Data Protection and Consumer Notification of Data Security Breach Act of 2006

 

Todd Sexton, Chief Executive Officer, Identillect Technologies: Todd Sexton is an accomplished speaker and author in the field of cyber security and data handling regulation. Over the past 15 years, Todd has focused on cyber security compliance in an ever-changing landscape of regulatory requirements. Specifically focused on helping lawyers understand technology, he spends a tremendous amount of effort assisting the legal community on the advancing data handling regulations, cybersecurity threats, and wire fraud/data tampering.