Lawyers take note: Ethical obligations to secure confidential client data extend to providers

Prior to joining QuisLex, I spent my entire legal career with three of the largest U.S. banks, where I was part of a legal team that moved an entire enterprise to the cloud, stood up a privacy program and worked through two major data breaches. These experiences in a highly regulated environment gave me a unique skillset – building processes from scratch, maintaining existing successful processes and managing and remediating worst-case scenarios.

Legal operations as a functional area isn’t new, but many organizations are still establishing their programs or actively working to advance their current program to its next stage. In doing so, it’s always necessary to begin with a strategy, budget and, importantly, executive support. Even with those priorities, however, there are challenges faced by many organizations that often prevent growth and success.

Understanding the importance of a comprehensive and decisive timely response to a data breach can mean saving a company’s confidential data and millions of dollars. The two most important leaders within an organization to address this are the Chief Privacy Officer (CPO) and Chief Information Security Officer (CISO). Taking a collaborative approach and creating a proactive action plan will lead to a seamless implementation in the event of a dreaded incident.

Anyone who has seen the movie “The Princess Bride” undoubtedly remembers the character Vizzini, who often exclaimed “inconceivable!” when events did not go as expected.