Posted in: LMICK Minute
April 17, 2025
LMICK Minute - Issue #55

News & Updates

LMICK Celebrates Its Newest Directors Emeriti

Congratulations to LMICK’s newest Directors Emeriti: Ruth H. Baxter; John G. Prather, Jr.; Daniel P. Stratton; and David L Yewell! Last month, LMICK celebrated its newest Directors Emeriti in Louisville. The event was attended by members of LMICK’s Board of Directors, past Directors and other LMICK friends. LMICK congratulates each new Director Emeritus and thanks them for their service to LMICK!

Kentucky Legal Food Frenzy EXTENDED

On March 18, 2025, Feeding Kentucky and the Office of the Attorney General, along with the KBA Young Lawyers Division, kicked off their 9th Annual Legal Food Frenzy. The Food Frenzy raises funds for Kentucky’s seven regional food banks to ensure they are fully stocked during the summer months and equipped to provide for Kentucky families in need. The Competition has now been extended to run until April 21, 2025. You may register your organization at this link. Please note that if your organization has multiple offices across the state, each office will need to register with their respective regional food bank. This is a great cause that undoubtedly will assist numerous individuals and families across the Commonwealth! LMICK is proud to support the Young Lawyers Division in the Legal Food Frenzy.

 

 

Practice Management

Guarding Client Privacy in the Age of AI

As part of LMICK’s continued AI series, this month LMICK focuses more on safeguarding client confidentiality and privacy when using AI technology. LMICK has previously discussed many of the ethical considerations lawyers face when using AI in their legal practice. But client confidentiality and protecting client information is paramount as denoted in SCR 3.130 (1.6) (Confidentiality of Information).

There are some primary concerns with confidentiality in AI.

Primary Concerns with confidentiality in AI:

  1. Confidentiality & Data Security
    • AI tools often require access to client data, which can pose risks if data is not adequately protected.
    • Unauthorized access or data breaches can compromise privileged information.
  2. Compliance with Legal & Ethical Standards
    • Lawyers must adhere to confidentiality rules under professional conduct regulations, including, but not limited to, SCR 3.130 (1.6) (Confidentiality of Information).
    • AI providers may not comply with legal industry-specific privacy standards.
  3. Third-Party Data Handling
    • Many AI tools rely on cloud-based processing, meaning client data is often processed by third parties, raising concerns about data control and ownership.
  4. Bias & Accuracy
    • AI systems may introduce bias or produce inaccurate results, leading to potential ethical and legal liabilities.
    • Inaccurate AI-generated legal insights could mislead lawyers or clients.

However, there are measures that you can take to ensure client privacy when using AI.

Measures to Ensure Client Privacy:

  1. Use Secure & Compliant AI Solutions
    • Select AI tools specifically designed for legal practice with strong encryption, access controls, and compliance with data protection laws (e.g., GDPR, HIPAA).
  2. Anonymization & Data Minimization
    • Remove or mask personally identifiable information (PII) before inputting data into AI tools.
    • Only provide AI systems with the minimum amount of necessary information.
  3. Confidentiality Agreements with AI Providers
    • Ensure AI vendors comply with legal confidentiality requirements. Don’t hesitate to ask AI vendors questions on these issues.
    • Use contractual safeguards to prevent misuse or unauthorized data access.
  4. On-Premises or Private Cloud AI Solutions
    • Instead of public AI services, consider deploying AI on secure, private servers or trusted legal-tech platforms.
  5. Regular Risk Assessments & Training
    • Conduct periodic audits to identify privacy vulnerabilities in AI systems.
    • Train lawyers and staff on AI-related risks and best practices for protecting client data.
  6. Human Oversight & Verification
    • AI should assist, not replace, legal judgment. Always verify AI-generated insights before relying on them.
    • Maintain a human-in-the-loop approach to ensure accuracy and ethical compliance.
  7. Follow Jurisdictional Privacy Laws
    • Ensure AI use aligns with client confidentiality laws in relevant jurisdictions.
    • Stay updated on evolving regulations related to AI in legal practice.

By implementing these measures, lawyers can responsibly leverage AI while safeguarding client privacy and maintaining an ethical legal practice.

Questions? Contact This email address is being protected from spambots. You need JavaScript enabled to view it. for more information.

Cybersecurity and Wire Fraud

CertifID [1], a leader in fraud protection for the real estate industry, recently published its “State of Wire Fraud 2025 Report.” The report states, “Losses from cybercrime reported to the FBI Internet Crime Compliant Center (IC3) exceeded $12.5 billion last year, a 22% increase in annual losses. Most of these losses reported to the IC3 are the result of fraud and scams.” The report further states, “Real estate has become a particular target, where the problem has grown to nearly $500 million in losses from business email compromise annually.”

Attorneys in every area of the law should be aware of the serious concerns regarding cybersecurity and wire fraud. However, this is especially true with real estate practitioners, given the sensitive information attorneys and their staff handle and the financial transactions involved with this type of legal work.

The report goes on to state, “52% of all consumers are “not aware” or only “somewhat aware” of the risks of wire fraud.” Further, the report states that, “Over 1 in 4 (26%) of home buyers and sellers reported receiving suspicious or fraudulent communications during their closing process.” Additionally, the report provides that among victims who realized they had become victims of their money being sent to the wrong place, “73% of consumers were able to recover all or most of their funds. However, that left 27% of consumers with less than half to no funds recovered.”

When it comes to assisting your clients who fell victim to wire transfer fraud, the report further provides, “In this time of crisis, first-time consumers turn to their title company or attorney the most…” The report continues, “56% of first-timers received help to attempt to recover funds from their title company or attorney.”

Accordingly, LMICK wishes to bring to your attention this important risk which exists when dealing with cybersecurity and wire fraud.

Some of the main concerns include:

  1. Email Spoofing and Business Email Compromise (BEC)
    • Threat: Hackers impersonate attorneys or clients to redirect wire transfers.
    • Impact: Funds can be irreversibly stolen if sent to fraudulent accounts.
    • Real-life scenario: A hacker gains access to an attorney’s email, monitors conversations, and at the right moment sends a fake wire instruction that appears legitimate.
  2. Phishing and Social Engineering
    • Threat: Attorneys and staff may receive convincing emails or calls designed to trick them into giving up credentials or downloading malware.
    • Impact: Compromised systems or access to sensitive client info.
    • Concern: High-value cases and confidential data make law firms prime targets.
  3. Inadequate Cybersecurity Measures
    • Threat: Weak passwords, unencrypted communications, lack of multi-factor authentication (MFA), or outdated software.
    • Impact: Makes it easier for attackers to breach systems.
    • Concern: Small or mid-sized firms often lack robust IT departments.
  4. Data Breaches and Client Confidentiality
    • Threat: Breach of client data (e.g., intellectual property, personal data, case strategies).
    • Impact: Legal liability, loss of trust, malpractice claims, bar complaints.
    • Concern: ABA Model Rules require attorneys to safeguard client data.
  5. Ransomware Attacks
    • Threat: Malware encrypts firm data and demands payment for release.
    • Impact: Operational downtime, reputational damage, financial loss.
    • Concern: Even firms with backups may face issues if client data is leaked or sold.
  6. Wire Transfer Protocol Vulnerabilities
    • Threat: Inconsistent or informal procedures for verifying fund transfers.
    • Impact: Increased risk of sending money to fraudulent accounts.
    • Best Practice: Always confirm transfer instructions by phone with a known contact.
  7. Regulatory and Ethical Compliance
    • Threat: Failure to meet obligations under data privacy laws (e.g., GDPR, HIPAA, CCPA).
    • Impact: Fines, sanctions, malpractice liability.
    • Concern: Attorneys must understand not only legal risk, but also technical standards. Please see SCR 3.130 (1.1) (Competence), Comment 6 (Technological Competence). Lawyers have a duty to stay abreast with the benefits and risks of relevant technology.
  8. Third-Party Vendor Risks
    • Threat: Cloud providers, court filing platforms, or e-discovery vendors may be less secure.
    • Impact: Data could be exposed via external systems.
    • Concern: Attorneys are still responsible for protecting client data, even when using outside services.

LMICK would like to provide the following Cybersecurity and Wire Fraud Checklist for you and your firm. While this list is certainly not exhaustive, it can at least help you and your firm begin to take the necessary steps to protect yours and your client’s interests regarding cybersecurity.

  1. Email & Communication Security
    • Enable multi-factor authentication (MFA) on all email accounts.
    • Use a custom domain email address (avoid Gmail/Yahoo/etc. for legal business).
    • Train staff to spot phishing, spoofed emails, and suspicious attachments. Consider random penetration testing by an outside vendor who will simulate a cyber attack.
    • Include 'DO NOT TRUST WIRE INSTRUCTIONS VIA EMAIL' warnings in email footers.
    • Encrypt sensitive emails using secure communication platforms.
  2. Wire Transfer Protocols
    • Verify all wiring instructions with a phone call to a known, trusted number.
    • Implement a dual-authorization system for outgoing wire transfers.
    • Never accept wire changes via email without independent verbal verification.
    • Educate clients about common wire fraud scams before transactions.
  3. Device & Network Security
    • Use endpoint protection (antivirus, anti-malware) on all devices.
    • Keep software and systems updated (including operating systems and plugins).
    • Encrypt laptops and mobile devices, especially if used outside the office.
    • Disable auto-forwarding of emails unless necessary for security audits.
  4. Staff Training & Awareness
    • Conduct mandatory cybersecurity training at least annually.
    • Create a cyber incident response plan and test it with drills.
    • Assign a cybersecurity point person or team within the firm.
  5. Data Protection & Backup
    • Regularly back up critical files (both locally and in the cloud).
    • Store backups offsite or in secure, encrypted cloud environments.
    • Use secure client portals for file sharing instead of email attachments.
  6. Vendor & Third-Party Risk Management
    • Vet all third-party services (e.g., cloud storage, case management systems) for security compliance.
    • Sign data protection agreements with vendors.
    • Avoid free or consumer-grade software for case-related work.
  7. Legal, Ethical, and Insurance Considerations
    • Review and comply with any applicable KBA and ABA cybersecurity ethics opinions.
    • Maintain cyber liability insurance (ensure it covers wire fraud, ransomware and theft).
    • Include cybersecurity clauses in engagement letters and retainer agreements.

LMICK also wishes to remind you that most cyber insurance policies do not cover theft. Thus, please be sure to have in place the appropriate safeguards necessary to ensure cybersecurity and protect you, your client and your firm from wire fraud and theft.

Questions? Contact This email address is being protected from spambots. You need JavaScript enabled to view it. for more information.

[1] CertifID is a leader in fraud protection for the real estate industry. The company safeguards billions of dollars every month with advanced software, digital payments, direct insurance, and proven recovery services. Trusted by title companies, law firms, lenders, realtors, and home buyers and sellers. To download a free copy of the State of Wire Fraud 2025 report, go to www.certifid.com/sowf.

 

 

Lawyer Well-Being

Do As I Say, Not As I Do

The Northern Kentucky Bar Association’s Lawyers Living Well Committee recently circulated an email that provided helpful strategies to lower your stress. The following tips and strategies can be implemented to help lower the stress in both your professional and personal lives.

Strategies to Lower Stress

  1. Resist giving a client your cell number. You likely have an office number, so provide that number instead.
  2. Stop eating lunch at your desk. Taking a break from your workspace provides a break from your day and helps your mind take a break as well.
  3. Walk into court knowing when your big upcoming hearings are so you don’t schedule yourself back-to-back. Calendaring is essential and will prevent unnecessary stress if you are able to manage your schedule and allow time for sufficient time between major cases.
  4. Try and limit the number of times per day your check your emails (or have a staff person triage them if you are lucky).
  5. Block schedule: block out time for consults, checking emails, drafting time, calling clients, etc. and stick to it.
  6. If you have children, when the school calendar comes out, immediately put all the “off days” in your work calendar and schedule court around them.
  7. For in-office days, after spending time at your desk, make time to get up and walk around your building or outside in the morning and once in the afternoon.
  8. If you have billable hours, do not leave before the end of the day without entering your time. If you don’t, this will only cause more stress down the road when billable time is due.
  9. Learn how to say, “No.” If you have enough on your plate already, there is no shame or harm in simply saying, “no”, to taking on that new case or adding another event to your already busy schedule.

Questions? Contact This email address is being protected from spambots. You need JavaScript enabled to view it. for more information.

  • Know That Help is Always Available

If you are struggling with grief, sadness, anxiety, or any other emotion or stressor that is negatively impacting your daily life, please reach out for help. All Kentucky lawyers are eligible for four free visits with a mental health professional through the Kentucky Lawyers Assistance Program. For more information about the variety of confidential resources KYLAP offers, please visit www.KYLAP.org.

 

 

Upcoming Events

We look forward to seeing you!

We are proud to support the organizations that support you and your work! We will be out and about this spring, leading CLEs and sponsoring events. We hope you can join us at one of these currently scheduled events (and make sure to come say hello)!

 

April 17: KJA The Art of Advocacy in Mediation, Zoom

April 22: KJA Advocating for the Vulnerable, Zoom

April 23: KJA Strategies for Reviewing and Negotiating Releases, Zoom

April 23-24: AAML, Louisville

April 24: KJA Ethics & Day at the Races, Frankfort/Lexington

May 6: KJA Exposing Bad Faith, Zoom

May 9: KJA From Investigations to Verdict, Louisville

May 13: KJA Workers’ Comp Essentials, Zoom

May 15-16: KJA Women Lawyers’ Caucus Seminar, Louisville

May 16: NKBA, Small and Solo Section, Zoom

May 21: KJA Judging the Law: Trends, Challenges and Judicial Decision-Making, Zoom

May 28: KJA You Just Got Removed, Now What?, Zoom

May 30: KJA When Insurers Want a Piece: Managing Subrogation in PI Cases, Louisville

June 4: KJA AI for Advocates: Practical Applications for PI Lawyers, Zoom

June 5-6: KBA Annual Convention, Lexington

June 10: KJA Foundational Mechanics of PI, Zoom

June 12-13: KJA Bumper to Bumper Auto Summit, Louisville

June 17: KJA Legends of the Courtroom, Zoom

June 18: KJA Plaintiff Litigation in the AI Era, Zoom

 

We want to hear from you! Have a CLE topic you would like to see? Send suggestions to This email address is being protected from spambots. You need JavaScript enabled to view it..

Need a CLE Speaker? We would love to speak to your group! You can check out our updated list of available topics and request to schedule, here.