Yesterday the Oregon Attorney General shared important advice about the Equifax data breach. Here are the key takeaways:
Read the full post, including AG Rosenblum’s reasoning for avoiding the Equifax website, here.
Attorney General Ellen Rosenblum is urging the Oregon legislature to update Oregon’s data breach law:
“Data breach and the distribution of personal information is a growing risk for Oregonians. Nationally, data breaches in 2013 exposed an estimated 546 million piece of personal information. The Oregon Identity Theft Prevention Act of 2007 requires businesses and governmental agencies to notify consumers of digital data breaches and develop safeguards for personal information but provides no protection for medical, insurance or biometric information. By extending enforcement power to the Oregon Department of Justice, Oregon will be able to use the effective enforcement tools of the already-existing Unlawful Trade Practices Act .” Read more here.
Track the status of legislative action on this issue and in other areas that affect your practice by using the Oregon State Bar 2015 Regular Session Bill Tracking tool.
The 2015 Oregon State Bar Law Improvement Proposals are found here. The 2015 Oregon State Bar Legislative Priorities include improvements to court funding in general, eCourt funding in particular, and legal services to the poor. Read more here.
“Cyber threat is one of the most serious economic and national security challenges we face as a nation.” Barack Obama, President of the United States
The Identity Theft Resource Center has documented over 500 data breaches in 2014 through early September. This represents a 26.2% increase over the same time period last year. The news isn’t any better for the legal profession.
The latest ABA Legal Technology Survey Report notes that “Nearly half of law firms were infected with viruses, spyware or malware last year.” Fourteen percent of law firms “experienced a security breach last year in the form of a lost or stolen computer or smartphone, a hacker, a break-in or a website exploit.”
Where to Start
With such staggering numbers, it is easy to become overwhelmed. If you are concerned about cyber security but don’t know where to start, begin here at the ABA Web site. If you are a prolific user of mobile devices, be sure to check out the ABA’s suggestions for Security on the Go. To understand the state of security in US law firms, read this post by Bob Ambrogi.
Make Encryption Your Best Friend
Encryption is a powerful way to protect sensitive data belonging to you and your clients. The ABA post Playing it Safe provides a good overview. Since TrueCyrpt is no longer available, check out the following reviews of encryption software: LIfehacker, GFI, PC World, and Gizmo.
You’ve Heard it Before: Use Strong Passwords
It seems we are reminding lawyers every other day about the importance of using strong passwords unique to each account or Web site. See these recent posts on the ABA Law Technology Today blog:
Firewalls, Anti-Spam, Anti-Virus, Malware Protection
The best protection is comprehensive. This excerpt from The 2014 Solo and Small Firm Technology Guide provides guidance. Don’t be afraid to hire an IT expert to help.
Purchase Cyber Liability and Data Breach Coverage
The Professional Liability Fund (PLF) Excess Claims Made Plan automatically includes a cyber liability and data breach response endorsement with these features:
If you aren’t eligible or don’t wish to purchase excess coverage through the PLF, contact a commercial carrier.
Protect Yourself Against Scams
The security measures outlined above are a good start toward protecting your firm and your clients from scams. For more complete protection, get educated. Order the free PLF CLE: “Protecting Your Firm and Your Client from Scams, Fraud, and Financial Loss,” and talk to your bank about fraud protection services.
[All Rights Reserved – 2014 – Beverly Michaelis]
With data breaches in the news on an almost daily basis, how do you protect your law firm’s assets? What advice should you give to your clients?
The FTC offers a list of 13 data security resources to help you get started. From mobile apps to digital copiers and shutting down spam, there is a ton of good advice to be culled from these posts and PDFs: Continue reading
Oregon Law Practice Management 