Sun. Oct 2nd, 2022
    en flag
    nl flag
    et flag
    fi flag
    fr flag
    de flag
    he flag
    ja flag
    lv flag
    pl flag
    pt flag
    es flag
    uk flag

    Content Assessment: A New York State of Mind? New Cybersecurity, Privacy, and Data Protection CLE Requirements in New York

    Information - 92%
    Insight - 90%
    Relevance - 90%
    Objectivity - 94%
    Authority - 95%

    92%

    Excellent

    A short percentage-based assessment of the qualitative benefit of the post highlighting the joint order by the judicial departments of the Appellate Division of the New York State Supreme Court requiring attorneys to complete at least one credit of cybersecurity, privacy, and data protection training as part of their continuing legal education requirements.

    Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.

    To submit recommendations for consideration and inclusion in ComplexDiscovery’s cyber, data, and legal discovery-centric service, product, or research announcements, contact us today.


    Background Note: According to a joint order signed on June 10, 2022, from the judicial departments of the Appellate Division of the New York State Supreme Court, New York state attorneys will be required to complete at least one credit of cybersecurity, privacy, and data protection training as part of their continuing legal education (CLE) requirements. The new requirement will take effect on July 1, 2023, and may be of interest to cybersecurity, information governance, and legal discovery professionals operating in the eDiscovery ecosystem seeking both educational and evangelistic opportunities for increasing awareness and understanding of cybersecurity, privacy, and data protection challenges and considerations.

    Selected Article Extracts and Complete Joint Order

    New York Becomes First State to Require CLE in Cybersecurity, Privacy and Data Protection

    Extract from Privacy & Information Security Law Blog – Hunton Andrews Kurth

    On June 10, 2022, New York became the first state to require attorneys to complete at least one credit of cybersecurity, privacy and data protection training as part of their continuing legal education (“CLE”) requirements. The new requirement will take effect July 1, 2023.

    The New York State Bar Association’s (“NYSBA”) Committee on Technology and the Legal Profession initially recommended the new requirement in a 2020 report. In a joint order, the judicial departments of the Appellate Division of the New York State Supreme Court formally adopted the recommendation.  

    The required one hour of cybersecurity, data privacy and data protection training may be related to attorneys’ ethical obligations with respect data protection and count toward their ethics and professionalism CLE requirements. Alternatively, the credit may be related to general cybersecurity, data privacy and data protection issues and count toward attorneys’ general CLE requirements.

    Read the original article.


    New York Becomes First State to Mandate CLE in Cybersecurity, Privacy and Data Protection

    Extract from LawSites – Bob Ambrogi

    The order creates two types of cybersecurity training, one focused on ethics and the other on practice. It describes the ethics training as follows:

    Cybersecurity, Privacy and Data Protection-Ethics must relate to lawyers’ ethical obligations and professional responsibilities regarding the protection of electronic data and communication and may include, among other things: sources of lawyers’ ethical obligations and professional responsibilities and their application to electronic data and communication; protection of confidential, privileged and proprietary client and law office data and communication; client counseling and consent regarding electronic data, communication and storage protection policies, protocols, risks and privacy implications; security issues related to the protection of escrow funds; inadvertent or unauthorized electronic disclosure of confidential information, including through social media, data breaches and cyber attacks; and supervision of employees, vendors and third parties as it relates to electronic data and communication.

    The rule describes the practice-related training this way:

    Cybersecurity, Privacy and Data Protection-General must relate to the practice of law and may include, among other things, technological aspects of protecting client and law office electronic data and communication (including sending, receiving and storing electronic information; cybersecurity features of technology used; network, hardware, software and mobile device security; preventing, mitigating, and responding to cybersecurity threats, cyber attacks and data breaches); vetting and assessing vendors and other third parties relating to policies, protocols and practices on protecting electronic data and communication; applicable laws relating to cybersecurity (including data breach laws) and data privacy; and law office cybersecurity, privacy and data protection policies and protocols.

    The rule allows lawyers to apply up to three hours of the ethics training to their total biennial ethics and professionalism requirement, which is six years for new attorneys and four years for other attorneys.

    Read the original article.


    Complete Joint Order of the Departments on the NY State Supreme Court – Appellate Division (PDF) – Mouseover to Scroll

    Joint Order Amending 22 NYCRR 1500 Cybersecurity CLE requirement - 06-10-22

    Additional Reading

    Source: ComplexDiscovery

     

    Have a Request?

    If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.

    ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

    ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.

    Data Corpus Minimization? IDC Recognizes DISCO as Early Case Assessment Software Leader

    “As innovation continues to impact and disrupt the legal world, we’ve...

    Building a Cybersecurity Workforce? The European Cybersecurity Skills Framework

    According to ENISA's Executive Director, Juhan Lepassaar, "The future security of...

    Leaning Forward? The CISA 2023-2025 Strategic Plan

    The purpose of the CISA Strategic Plan is to communicate the...

    Continuous Risk Improvement? Q3 Cyber Round-Up From Cowbell Cyber

    According to Manu Singh, director of risk engineering at Cowbell, "Every...

    eDiscovery Mergers, Acquisitions, and Investments in Q3 2022

    From HaystackID and Relativity to Exterro and TCDI, the following findings,...

    Allegations and Denials? Nuix Notes ASIC Enforcement Proceedings

    The recent investor news update from Nuix on 29 September 2022,...

    Revealing Response? Nuix Responds to ASX Request for Information

    The following investor news update from Nuix shares a written response...

    Revealing Reports? Nuix Notes Press Speculation

    According to a September 9, 2022 market release from Nuix, the...

    On the Move? 2022 eDiscovery Market Kinetics: Five Areas of Interest

    Recently ComplexDiscovery was provided an opportunity to share with the eDiscovery...

    Trusting the Process? 2021 eDiscovery Processing Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    The Year in Review? 2021 eDiscovery Review Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    A 2021 Look at eDiscovery Collection: Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    Five Great Reads on Cyber, Data, and Legal Discovery for September 2022

    From privacy legislation and special masters to acquisitions and investigations, the...

    Five Great Reads on Cyber, Data, and Legal Discovery for August 2022

    From AI and Big Data challenges to intriguing financial and investment...

    Five Great Reads on Cyber, Data, and Legal Discovery for July 2022

    From lurking business undercurrents to captivating deepfake developments, the July 2022...

    Five Great Reads on Cyber, Data, and Legal Discovery for June 2022

    From eDiscovery ecosystem players and pricing to data breach investigations and...

    Bubble Trouble? eDiscovery Operational Metrics in the Fall of 2022

    In the fall of 2022, 89 eDiscovery Business Confidence Survey participants...

    Cooler Temperatures? Fall 2022 eDiscovery Business Confidence Survey Results

    Since January 2016, 2,874 individual responses to twenty-eight quarterly eDiscovery Business...

    Inflection or Deflection? An Aggregate Overview of Eight Semi-Annual eDiscovery Pricing Surveys

    Initiated in the winter of 2019 and conducted eight times with...

    Changing Currents? Eighteen Observations on eDiscovery Business Confidence in the Summer of 2022

    In the summer of 2022, 54.8% of survey respondents felt that...

    A Significant Operational Defeat? Ukraine Conflict Assessments in Maps (September 27 – October 1, 2022)

    According to a recent update from the Institute for the Study...

    Perception and Reality? Ukraine Conflict Assessments in Maps (September 22 – 26, 2022)

    According to a recent update from the Institute for the Study...

    Nuclear Options? Ukraine Conflict Assessments in Maps (September 17 – 21, 2022)

    According to a recent update from the Institute for the Study...

    Mass Graves and Torture Chambers? Ukraine Conflict Assessments in Maps (September 12 – 16, 2022)

    According to a recent update from the Institute for the Study...