But, for lawyers, the notion of risk mostly starts and ends with the specter of committing malpractice.  With so many rules and laws governing the profession, attorneys are rightly concerned with screwing up — even if they do so without malice.  That’s why lawyers starting new firms are always looking to acquire malpractice insurance, in the first instance.

Before you rush to get a policy, however, there are some things you should know.

The When.  If you’re a new lawyer and you don’t have any clients, you don’t need malpractice insurance.  Who is going to report you, or sue you?  So, if you don’t anticipate taking on your first client for 6 months, don’t pay for insurance until you do.  The insurance acquisition process is relatively quick, and some providers now offer cloud-based application and renewal options. It’s important to note, as well, that professional liability insurance is a ‘claims-made’ policy.  That means that the insurance must be in place when the claim is made by the client, not when the alleged incident of malpractice occurred.  Practically speaking, then, even if it took you three weeks to get your malpractice insurance squared away, it’s very unlikely that your first client will be making a complaint about you in that window.  You could, of course, extend that window, and try to guess at which point your first complaint comes in, to try get away with not paying for malpractice insurance for a little while longer; but, that’s the most dangerous game — better to get the policy in place right after you sign your first client.  If you’re starting up with a historical practice behind you, of if you’re porting over a book of business, you’ll want to understand what ‘tail’ coverage options you have, in case claims arise out of your prior practice.  But, know that, in some states, like Massachusetts, malpractice insurance is not required: you’ll just have to report whether or not you have it.  Of course, you’d be crazy not to get it, even when you don’t, technically, have to.

The Where.  There are a number of sources for acquiring professional liability insurance for lawyers.  Many attorneys will turn, in the first instance, to bar associations, some of which have full-scale insurance agencies, but most of which maintain partnerships with insurance companies.  Just be careful here, because in many cases, that partnership means that the bar association provider will not be able to shop rates: they’re locked into working with their partner.  Similarly, you can buy malpractice insurance directly from large, name carriers, like Liberty Mutual or Travelers.  If you use a private insurance agency, you will have in your corner an agent, who can shop you around for the best rate.  But, regardless of whether you use an agent or not, you should compare several options before deciding on a policy.  Policy limits will be defined, mainly, by your risk profile and tolerance; but, keep in mind that, in some cases, especially if you’re being referred cases by branded networks, lawyer referral services or agencies (like title insurance companies), you may be required to maintain certain policy limits by those organizations.  Finally, since professional liability insurance is just another type of insurance, like your home, auto or life insurance, bundling it with other insurances may save you some money.

Claims Made. Not all malpractice insurance policies are created equal.  Your rate will depend on several factors.  If you are starting a law firm right out of law school, your rates will be lower, in part because, statistically, new lawyers are a low risk for malpractice claims (they’re still being careful), and in part because new lawyers have a ‘short tail’ or no tail at all — there are no past clients who can make a claim at the time the policy is signed.  Rates rise as the tail grows — as the list of past clients increases.  Your rates will also depend on your practice area.  Statistically, some practice areas (like family law) have higher incidences of claims than others.  And, if you decide to practice in those areas, you’ll pay for the privilege.  In certain cases, including patent law or intellectual property law, it may be difficult to find coverage at all, if you’re opening a solo or small firm law office.

Ride-Along.  Your rate will also be affected by the policy riders that you choose.  There are a number of different ‘riders’ that could attach to your basic malpractice insurance policy; these are additional coverages (like ‘full collision’ or rental car coverage on your auto insurance) that will push your rate upward.  Umbrella coverage of some kind is not uncommon.  Cyberinsurance, to protect against data breach, is increasing in popularity, for obvious reasons.

Once you have your malpractice insurance in place, you can practice with increased confidence; and, if you choose wisely, you can save money, while simultaneously covering as much of your risk profile as possible.

. . .

If you want to start your own law firm, join me for an exclusive workshop, coming up in Boston (August 24-26) and New York (September 7-9).

For more information, visit the official site: www.buildyourownlawfirm.com.

Social media hashtag: #BYOLF.

Visit our Sponsors:

LEAP

Answer1

Now, car radios are certainly simpler to access than legal software.  But, those tools are not totally dissimilar, including in terms of usage.  So, you know how to change the station and adjust the volume on your car radio.  What else do you know about how to use it?  You’ve probably picked up a few tricks here and there, over time — maybe you can favorite songs; but, if you read through the instruction manual, you’d find some more cool stuff, and you’d quickly be a car radio maven.  Your use of your car radio would be broader, more streamlined, better.  Not to mention all of the stuff that you can access through the refined radio menu of most cars: navigation features, paring phones, several levels of climate control, etc.  It’s the quite the array of access tools.  If you’re just turning down the volume, you’re not getting the whole experience.

It’s sort of the same deal when it comes to legal software, especially case management software.  You can use it for a limited function set — say, time and billing.  But, when you’re doing that, you’re definitely not getting your money’s worth.  And, if that’s all you want out of your software, there are a number of free, standalone time and billing programs at your disposal.  If you’re gonna get something robust, take advantage of as large a percentage of effective features as you can, consider integrations.

So, if you’re going to spend your money on a significant software solution for your law firm, read the instruction manual, get trained, involve your staff, invest in your future.  The more time you can spend upfront learning about the technology you use in your law firm, the more efficient you’ll be.

And, the more efficient you become now, the better equipped you’ll be to ward off the robot apocalypse later . . .

Liner Notes

‘Feel It Still’ by Portugal.  The Man

It’s not often that I’m into a currently-popular song; but, my kids discovered this one, and I really like it, too.

There’s a lot to like here.  A stripped-down version is also pretty good.  The band employs a guitarist in a wheelchair.  I’m Portuguese.  They cover Oasis.  And, it gave Aaron Paul a reason to jump on a treadmill.

Enter Embroker.

Embroker represents a new way for law firms to apply for and re-up on their professional liability insurance policies. Even as modern software invades the legal industry, insurance companies have been slow to react to the advantages offered by the cloud and the internet-based software it facilitates. Embroker offers a cloud-based platform for lawyers and law firms to apply for and to renew insurance policies. This approach eliminates the need for a traditional, paper-based application. Enter your information once, and update it on a yearly basis, to ensure that your policy remains in force. The whole process is rendered paperless; access all of your policy information and documents, at any time, through your Embroker account.

Embroker also allows you to better protect yourself by utilizing the data you provide to more easily locate gaps in your coverage — whether you need additional lines of insurance (umbrella, auto, home, etc.) or specialty coverage, like cyber insurance or a social engineering policy. Because Embroker collects data from law firms it insures across the country, it is able to benchmark your policies against policies maintained by similarly-situated law firms, so that you can be sure you’re getting the best rate. This level of transparency is a hallmark of Embroker’s operation.

Modern consumers expect control, cost savings and efficiency derived from technology; that triumvirate of advantages has now arrived for law firms buying professional liability insurance.

Read more about Embroker’s process, and visit their website. Embroker is commitment-free; try it out the next time you need to renew your professional liability insurance, and see what Embroker can do for you.

I do think that the vast majority of solo and small firm lawyers have a good sense of how to run a business.  The failure is often in the execution.  Development usually does not go beyond the business plan stage, if it ever even gets there.

Businesspersons often think of creating systems, and then choosing programs to run those systems.  The question is usually not asked in the reverse.  Hence, ‘here’s my paperless workflow, what system should I use now’ is a more common application than ‘I bought Adobe Acrobat, let me build a paperless workflow around its functions’.  I would submit that the second arrangement might be the better formulation.

If, in defining your law firm’s communication methodology, you based that determination on how you would use Slack, as an internal and external conversations driver, you might discover a more seamless approach than if you stumbled upon it later. If it’s true that a law practice management software is the most important product a law firm can invest in, doesn’t it make sense to choose that anchor software first, and then create your workflows based on its features?  Isn’t this a better approach than choosing the same old software, because you don’t want to test anything else, and then complaining, after you start using it, that it doesn’t do what you want it to do?  One of the reasons lawyers don’t like to adopt new technology (even when it’s better) is because they don’t want to undergo a learning curve.  Selecting a software product with a full understanding of its features, and building your practices around that, reduces or eliminates that learning curve.

With the current focus on attorney competence related to technology, taking a more proactive approach to software choice and implementation not only makes sense from an efficiency perspective, it may also be a new and improved way to ward off malpractice.

. . .

Liner Notes

‘Keep on Tryin’’ by Timothy B. Schmit

As usual, when something like this happens, people start freaking right the hell out.  However, when viewed through the lens of the already-existing obligations that attach to lawyers’ management of their clients’ data, the opinion does not lump any more responsibility upon law firms than that which already exists.  Essentially, the publication serves as a gentle reminder, to start walking the line, for lawyers who have not heeded the trend line of the new technology competence angle attached to Model Rule 1.1 (and the states’ heavy adoption of it) and the updates to Model Rule 1.6.

At this point, every state has a data security law.  Lawyers are not exempt from those laws; neither should they be.  If there are universal principles of those laws, they are as follows: (1) Make reasonable efforts to secure your clients’ data.  (2) Use encryption for particularly sensitive data categories, e.g. — social security numbers, financial account numbers.  (3) ‘Reasonable’ efforts are determined based on business-specific factors.  (4) Vet vendors who will retain your data.  (5) Determine vulnerabilities and address solutions, preferably in written format; update the risk assessment from time to time.  The new ABA opinion basically adopts these requirements.  So, if you’re following your state law covering data protection already, you’re likely to be at, or above, where the ABA wants you to be.

Of course, the majority of solo and small firm attorneys do not meet state requirements for data protection, in part because they are (perhaps ironically), taking a calculated risk — there have not been many high-profile data breach investigations made against or penalties imposed upon solo and small firm lawyers.  Now, that doesn’t mean there won’t be.  And, now that the ABA is highlighting, and offering tacit approval of, state law requirements, the less compliant your law firm is, the more likely you will be exposed to state- and bar-imposed penalties.

The ABA opinion also addresses a fact scenario in which a lawyer and a client have agreed to approach data security in a certain way.  The advice is that the lawyer should follow the terms of that agreement.  . . . Well, thank you, Captain Obvious.  Some state bars are more specific about this, and recommend that the genesis of that discussion derives from inside the fee agreement — the Massachusetts Bar Association has done so — and, I think that is the better approach; every lawyer knows or should know that her first obligation is to follow-through on promises made to clients.  The ABA opinion noses around suggesting such a fee agreement clause, but never quite gets there.  And, in the real world, it’s the rare instance where small firm lawyers and their clients are settling up a specific data security program for a particular client’s case.  Clients expect that lawyers will, and lawyers should, dictate the terms of that arrangement — which, yes, must represent a reasonably secure approach.

The ABA is also more generic than state law in determining what specific types of information are particularly sensitive, thus warranting a higher level of protection — some state laws also prescribe specific protection mechanisms and levels of protection.  Of course, the ABA is stacking generalities intentionally.  Lawyers lust after generalities, because as soon as you start defining down, you construct loopholes.  If ten items are included in a list, there are tens of thousands of items that could conceivably be excluded from that list.  It also makes good sense not to drill too deeply, given the pace of technological change in the legal industry; there is the risk of legislating against something that will become passé in three months’ time.  However, this is not just a philosophical choice.  The fact is that those who most frequently utilize ethics opinions (malpractice attorneys, bar overseers, bar associations) are ill-equipped to engage high-level discussion of the specifics of technology applications, including in the realm of data security.  A broad application allows those folks a larger sandbox in which to play, and reduces the technical knowledge outside of substantive law that they must bring to bear.

The Bottom Line

So, here’s the deal:

Formal Opinion 477 actually changes very little about your practical responsibilities as a law firm in terms of managing your clients’ data.

If you follow your state’s laws respecting data protection and/or strive for ‘best practices’ rather than ‘minimum competency’, you should be good not only in terms of your ethics and malpractice obligations, but also in terms of your clients’ belief in your ability to secure their data, and your own belief that you are doing everything you can to safeguard your client’s data.

Many solo and small firm lawyers complain about encryption because their clients complain about encryption, as evidenced in the comments to Bob’s post.  But, there are myriad ways to manage encryption, and also to educate clients on, not only the importance of data security, but also about how convenience often butts against security. Even so, delivering encrypted matter to clients is getting ever simpler; and, probably the easiest current market solution is the use of a client portal available through a law practice management system — which is a solution that the opinion itself alludes to on page 7.

Things I Like and Do Not Like

The problem with ethics opinions like these is that they almost always read like they were written by your Grandma(ma).  On page 5 of the opinion, reference is made to the purported fact that some information is so sensitive that it should not be transmitted electronically at all.  But, that’s a virtually impossible solution for a modern practice, and cuts against a lawyer’s ability to keep electronic records, which is essential in resolving malpractice disputes.  On page 5, there is also discussion of the potential for issues related to ‘message boards’.  And, let me tell you: message boards, chat rooms — they have been proxy harbingers of disasters lurking in ethics opinions since at least the mid-90s.  The problem is that there’s little to no definition about what these are, and how they work in a modern environment.  There are public communication tools (Reddit) and there are private communication tools (invite-only listservs); there are internal communication tools (Slack) and external communication tools (limited access client portals).  I think most attorneys are aware that you don’t directly solicit clients via ‘message boards’, and that you don’t post in public fora information about the case you’re working on.  For real, wake me up when someone writes an ethics opinion about Reddit.

That being said, I do think that, as far as ethics opinions go, there is a solid chunk of good, practical detail that is addressed.  For example, there is a great discussion at the end of page 7 about when and how privilege may be waived; for example: when clients communicate with their attorneys via their work-issued devices.  The application of disclaimers to email, as referenced at the top of page 8, is interesting, insofar as it will trigger the recipient lawyer’s responsibilities under Rule 4.4 — with respect to data security, most people think only of the obligation of the sender; but, lawyers are a special case.  I also like that there is an admission that it is not a measure of weakness for lawyers to ask for help on matters of data security, as outlined at page 9: ‘Any lack of individual competence by a lawyer to evaluate and employ safeguards to protect client confidences may be addressed through association with another lawyer or expert, or by education.’   (I mean, you could hire a law practice management consultant for that, if you wanted.  Just sayin’.  . . .  AHEM.)  Finally, and not for nothing; but, in attempting to write for an entire nation of lawyers, where various jurisdictions may expand on the principles outlined in this opinion, it’s probably better to go broad anyway.

Encore

Ultimately, even if a pronouncement like ABA Formal Opinion 477 is more sound than fury, it will hopefully serve as a jolt to those solo and small firm attorneys who don’t care a fig for data security, and provide them incentive to step up their respective games.  In turn, it will also be interesting to see whether a proclamation like this will empower bar ethics staff to more aggressively deter technology incompetence perpetrated by lawyers, where state laws have not been used to address issues present in the legal vertical.

We shall see what results.

. . .

Liner Notes

‘Luxury Liner’ by Emmylou Harris

Emmylou Harris had a siiiiiick backing band back in the day — Albert Lee is just an animal.  If the audio quality was better on my link, you would be hard-pressed to pick up the fact that this was a live show.

Also, replicable.

No, I’m not holding up a sign, and talking about the end times.  I am, however, addressing software versions.  Even now, I regularly run across law firms that operate different versions of local applications.  So, maybe three different vintages of Adobe Acrobat, with different settings and different costs, all ostensibly meant to do the same thing: manage PDFs.  Now, you might be thinking to yourself, ‘Hey, I have, like, seven different versions of Adobe Acrobat – it’s all good in the hood!’ However, running that many different versions of a software can be problematic, for a variety of reasons.

For one, thing it’s more difficult to train/update employees and troubleshoot existing issues.  Internally, someone trying to a question about how to use a program may be flummoxed by the fact that their process (built in one version) may not work for the questioner (who may be using another version).  That issue can also be exacerbated when clients deal with multiple staffpersons, who themselves are attached to different systems.  From a budget management perspective, your replacement table may be all over the board (meaning you won’t effectuate it — because it’s harder to do), and the different payment requirements for different versions means that it will be impossible for you to flatten your cost allocations.  Law firms are also historically bad at updating local software applications.  Not only does that mean that your systems won’t be working as effectively as they could be, it could also leave you exposed to viruses and nefarious data hacks.

Neither is this problem localized to non-cloud-based technology infrastructures.  There are plenty of law firms running different desktop versions of cloud-based software that they also utilize.  For example, there are a lot of law firms that use Office 365, along with other version of Office, all the way down to Office on XP — which is a dangerous thing to do.

This is all so much easier with cloud-based software.  Let the developers worry about the versions.  All you need to know is that, since the software is cloud-based, your version is always the latest version.  Everyone is working with the same tools, in the same way.  Clients are exposed to the same features.  Your payment schedule is synchronized and predictable.

Now, that’s a version of events you can stick to.

. . .

Liner Notes

The Eagles are alright; but, if you’re really talking about the evolution of the pop country sound, Poco is where it’s at.  They’re one of the most underrated bands of all-time, led by one of the most underrated band leaders of all-time: Richie Furay, who is less than famous.

Here’s a smattering:

‘Good Feelin’ To Know’

‘Just for You and Me’

‘Pickin’ Up the Pieces’

‘Grand Junction’

‘You Better Think Twice’

Man, that is SO good.

Know that I do celebrate Poco’s entire catalogue, and could go on — even though I won’t.

What this means is that various industries value the multiple skillsets that lawyers employ.  In an ironic twist, though — that’s not necessarily the case within the legal industry itself.

Law firms value substantive work and . . .  Well, they value substantive work.  Law firms haven’t yet found an effective way to integrate the broader attorney-business tool chest into what they do.  The question then becomes: What does a lawyer do, outside of substantive legal work, that provides, real, actual value to a law firm?  Rainmakers are valuable, of course; but, they’re the means to the end.  They’re stepping on the other side of the teeter totter, the shaft to the crank that becomes the next wave of billable work.  But, how about lawyers who are excellent business managers?  What about lawyers who have a keen degree of emotional intelligence?  That bears on marketing, yes; but, there are many other, as-yet-undiscovered applications.

What about attorneys who understand and effectively utilize technology? Especially with the recent spate of ethics rules changes, isn’t that a valuable skill for an attorney to utilize in a law firm context?  Certainly.  But, how does a lawyer who can develop workflows and manage processes and help to implement software and build an effective data protection plan for the law firm get valued?  It’s difficult for law firm management to quantify and reward such behaviors; and, this is especially true in small law firms, which exist in the barren valley between DIY and outsourcing: These law firms don’t have the time to do it themselves; but, they don’t have the money to outsource.  In that case, the obvious answer seems to be the fostering of internal solutions.

The good news is that small law firms are beginning to figure this out, mostly in the way that they utilize young lawyers.  More and more often, I am being approached by young lawyers, who have been assigned technology-related projects by the law firms they work for.  It used to be that these projects represented busy work: no one else at the firm wanted to deal with the issue, it was passed off to the noob, who would report back, and then nothing would get done.  Lately, however, I‘m beginning to see these projects bear fruit.  Law firm management is beginning to take technology more seriously — and, by extension, they’re taking those involved in managing those projects more seriously.

So, while it’s still ill-defined, there is a definitive shift to new lawyers in small firms having value attached to their preexisting or developed technology expertise.  How that shakes out in terms of job structure and compensation is yet to be seen.  But, it’s an awfully good place to start.

. . .

Liner Notes

‘Foreplay/Long Time’ by Boston

Everything in the legal field takes a long time to develop; and, the foreplay is far less exciting  . . . than the guitar licks linked above.

If it’s not one software license that gets shared, it’s that law firms are buying fewer licenses that they actually need, forcing users to double up.  Maybe there’s a shared log-in for staff.

Of course, this is less of a problem than it used to be.  Modern software allows for simultaneous log-ins, so no one’s getting booted anymore.

However, there’s one big problem with shared log-ins: it’s so much harder to manage tasks.  If there is a shared license, the name of the user to which that license is associated is irrelevant.  That ‘person’ has become a ‘group’ of people, by definition.  Let’s take that simple example of a shared staff log-in.  If three staffpersons are sharing a license, you’ve essentially made it impossible to assign specific tasks to any one of them, because you’re required to assign those tasks to the group, due to the way you’ve set up your system.  If you want to assign specific tasks to specific staffpersons, and to more effectively manage workflows, you must acquire a license for each of those staffpersons.

Lawyers who want to practice at the top of their law licenses need to delegate effectively.  Only then can you spend the most time performing those creative tasks that lawyers get paid the most to do.  To effectively delegate to individuals, lawyers must provide those individuals with their own software licenses.

The good news is that the cloud has brought down the price of software to such an extent that individual licenses are less costly than ever.

See what I did there: Don’t be cheap up-front, and you’ll make more in the long run.  That’s a beautiful thing.

. . .

Liner Notes

Speaking of which . . .

‘The Long Run’ by the Eagles

This is my jam, actually.

R.I.P. Glenn Frey.

Keeping more than one calendar invites transposition errors.  Plus, it’s more likely that any one person will fail to do two things, than any one person will fail to do one thing.  (Enter a meeting twice?  The chances of success go down from it happening once.)  Then there’s the whole ‘too many chefs’ thing.  And, though it won’t matter for ethics purposes, under the dual calendar system, it’s too easy for lawyers to pin scheduling mistakes on staff.

The justification for a dual calendar system made some sense prior to the internet age.  There wasn’t really a better solution.  (I imagine Bob Cratchit keeping two sets of books for Ebenezer Scrooge.)  Now, there is.

In 2017 (wow – that was weird), the better strategy by far is to maintain one calendar.  Of course, that doesn’t mean that you access only one calendar.  The rise of cloud computing, including the modern facility of integrating between systems, makes it possible to link several calendars.  Enter appointments and tasks into any of those calendars, and the events and responsibilities will populate to every other calendar you’ve linked to it.  In terms of streamlining that process, a preferred workflow would be to utilize your law practice management system calendar as your primary entry point, and sync it to your email system,  which method would also allow you access to each of those systems’ mobile applications.

Create once, and populate everywhere . . . Just don’t get a God complex about your newfound power.

And, if you don’t think calendar management is essential to law practice management, I can tell you that the number of ethics and malpractice claims that arise out of missed deadlines and appointments is staggering.

. . .

Liner Notes

That’s some ill communication right there.

‘Sabotage’ by Beastie Boys

Of course, usability is a two-way street.  Software vendors have to build and update truly useful platforms for law firms; but, law firms must also engage those platforms effectively.  Lawyers must decide to put the effort in to make the most of their use of software.  In the end, software requires data and direction.  Users must submit relevant information, and perform, or set in motion, certain functionality.  The typical lawyer’s dream, of a zero-effort installation, where the new software works just like the old software — right away, avoiding any initial productivity dip — is a fantasy.

In sum, if you don’t want to pay for licenses you’re not using, or if you want to use more than 5% of a program’s functionality, it is incumbent upon lawyers and staff to understand the software they’re attached to, at a more than superficial level.

The following represents a three-point strategery check, to help you figure out whether you’re getting the most out of your software.

Sherpas in the Low Altitudes.  Gladys Knight had the Pips.  Harold Melvin had the Blue Notes.  Ringo has his All-Starr Band.  Who you got?  Lawyers have traditionally leaned on often-younger, presumably more tech-savvy staff to act as in-house troubleshooters respecting the use of software programs.  If there is a candidate in your law firm, it can be tremendously helpful to have a resident ‘technology expert’; and, if that expert exists mostly to support one program, and if it is a high-use program, like an accounting software or a case management system, then that’s probably all right.  Finding someone on your staff who can perform this role can lighten the load on your IT staff (if you have one), will likely reduce your out-of-pocket support costs and can reduce the time you waste developing unnecessary workarounds.

Yeti in the High Altitudes.  Law firms have often applied the above-referenced formula to graft technology expertise onto an existing staffing infrastructure.  Far too often, however, such a scheme becomes a crutch, allowing attorneys a ready excuse to avoid learning about, and coming to a deeper understanding of, the software they regularly use.  Total reliance on staff, however, is a bad decision at a number of levels.  For one, it decreases your personal efficiency; and, for another, it places you at the mercy of a particular staffperson.  If you have ‘one person who knows how to use the software’, what happens if they want to leave, or if they want a raise?  Also, given new ethics requirements respecting technology competence for lawyers, it could be argued that a totally hands-off approach contravenes, at least the spirit, of those rules, as well as existing rules concerning the supervision of staff.

Knowing When to Call for Help.  Just as there is no perfect software, there is no perfect software user.  Unless you’re the law office equivalent of Bo Jackson in ‘Tecmo Super Bowl’, you’ll need a hand every now and then.  So, you want to be careful to pick a software program that features a robust knowledgebase and support structure, potentially including a paid support component.  Plans will differ for various providers; so, you should ask, and the select the option that works best for you.  If you can’t figure it out, and the support desk can’t help, it may be time to consider a consultant.

. . .

Liner Notes

My understanding is that this would have been the perfect song, if it wasn’t just a tribute.

‘Tribute’ by Tenacious D