On August 17, 2022, New York announced an amendment to the Continuing Legal Education (CLE) Program Rules, which adds a requirement for attorneys to complete at least one CLE credit hour in Cybersecurity, Privacy, and Data Protection as part of fulfilling their CLE requirements.
New York barred attorneys will be required to comply starting July 1, 2023.
Subjects that will satisfy the new requirement will include:
-
Cyberthreats
-
Cyberattacks
-
Data breaches
-
Securing and protecting electronic data and communication
-
Appropriate cybersecurity and privacy policies and protocols
-
Compliance with professional and ethical obligations to protect confidential client and law firm data.
Even in-house counsel and law firms outside New York should consider training to ensure an understanding of the data privacy and security laws, as attacks against law firms have increased, ethical rules are tightening, and data privacy and security are becoming increasingly important to clients.