Lane Powell Shareholder Darin Sands authored an article in the April issue of Oregon Business magazine titled “Into the Breach: Tips for Effectively Partnering With Outside Counsel in the Data Breach Planning Process.” In the article, Sands discussed the various strategies businesses should consider when structuring their breach response plans. Among stakeholders, a question often asked is, what role should outside counsel play?
Unfortunately, that question is too often answered at one of two extremes: 1) either by outside counsel who present themselves as the primary (and expensive) driver of the process, often at the expense of important business, technical, public relations and marketing objectives; or 2) by non-legal stakeholders who view the primary role of legal counsel as a reactive one, only to be engaged after a breach. Each extreme has the potential to result in costly mistakes in the event of a breach. …
… In order to ensure that all key players can communicate freely and obtain timely legal advice, the breach response planning process must include a strategy to cloak the response effort in attorney-client privilege. To benefit from that protection, a breach response must be: (1) formally directed by counsel; (2) confidential; and (3) made to assist counsel in providing legal advice. Any breach response plan must be designed with the above goals in mind.
Before proceeding, please note: If you are not a current client of Lane Powell PC, please do not include any information in this email that you or someone else considers to be confidential or secret in nature. Prior to the establishment of a lawyer-client relationship, unsolicited emails from non-clients containing confidential or secret information cannot be protected from disclosure.