Recognizing that law firms are “inviting targets for hackers,” the American Bar Association’s Standing Committee on Ethics and Professional Responsibility outlined lawyers’ ethical obligations after clients’ confidential information is compromised by a data breach.

The committee said they picked up where they left off over a year ago in ABA Formal Op. 477R. That opinion discussed lawyers’ ethical obligations to protect clients’ confidential information transmitted over the internet.

In this latest opinion, the committee emphasized duties of technological competence, confidentiality, and keeping the client informed in the event a client’s data is compromised or the lawyer’s ability to serve...