The Panama Papers is the most well-known breach of a law firm, compromising 11.5 million documents from the law firm Mossack Fonseca. In it, 2.6 terabytes of client data were exposed, revealing information about 12 heads of state, 29 billionaires, 150 politicians, and many major financial institutions across the globe.
But Mossack Fonseca is hardly the only firm facing data breaches. Now, law firms everywhere are increasingly concerned about exposure of client data. During the panel "Lessons Learned from the Panama Papers" at Wolters Kluwer's ELM User conference, speakers discussed information governance practices from the perspectives of corporate legal departments, law firms and legal service providers. In doing so, they provided three ways in which legal professionals can reduce the risk of data breaches:
1. Ask better questions.
Marco Salcedo, senior counsel at Wolters Kluwer, said that working in a corporate legal department following the Panama Papers breach he routinely fields questions from clients who want to know what documents are being produced, where those documents are being stored, how they're being secured and who has access to them.
Ted Banks, an attorney at Scharf Banks Marmor, agreed that clients should be grilling their legal service providers about their data security practices before entrusting them with sensitive data. "Every corporate client should be worried about their data. You can't assume the law firm will protect it," he said.