Byte of Prevention Blog

by Jay Reeves |

New York is First State to Require Cybersecurity CLE

New York has become the first state in the country to require lawyers to take a specific CLE course in Cybersecurity, Privacy and Data Protection.

Lawyers licensed in New York will soon have to complete at least one credit of cybersecurity, privacy and data protection training as part of their continuing legal education (“CLE”) requirements. The new requirement will take effect July 1, 2023.

The New York State Bar Association’s Committee on Technology and the Legal Profession initially recommended the new requirement in this 2020 report. In a joint order, the judicial departments of the Appellate Division of the New York State Supreme Court formally adopted the recommendation.

“NYSBA has a long history of being on the cutting edge of CLE requirements for lawyers,” says the New York State Bar Association report. “NYSBA considers technological competence in the practice of law to be essential to respond effectively to the needs of our changing society and a CLE requirement designed to educate lawyers on how to protect confidential and proprietary client and law firm electronic assets relates directly to legal competency.”

The new credit would be considered “Ethics and Professionalism” and would be included within the existing biennial “Ethics and Professionalism” requirement. 

“The required one hour of cybersecurity, data privacy and data protection training may be related to attorneys’ ethical obligations with respect data protection and count toward their ethics and professionalism CLE requirements. Alternatively, the credit may be related to general cybersecurity, data privacy and data protection issues and count toward attorneys’ general CLE requirements.”

Read the NYSBA report here.

The practice of law is always changing. But for lawyers in North Carolina, one thing has remained constant for nearly 40 years. Lawyers Mutual is here for you at every stage of your law career: from your first day on the job to your last day before retirement. Our Byte of Prevention blog features industry news, tips and valuable links on everything from work-life balance to winding down your practice. Our email newsletter “Practice Reimagined” brings cutting-edge insights straight to your in-box. And our skilled team of underwriters, claims counsel and risk management professionals are by your side when you need us most. Lawyers helping lawyers. It’s who we are, and it’s what we’ve been doing since 1977.


General Cyber CLE Credits

Following is from the NYSBA report

“General cybersecurity, privacy and data protection credits must relate to the practice of law, and may include, among other subjects:

  • technological aspects of protecting client and law office electronic data and communications (including sending, receiving and storing electronic information; cybersecurity features of technology used by law firms; network, hardware, software and mobile device security; preventing, mitigating and responding to cybersecurity threats, cyber attacks and data breaches);
  • vetting and assessing vendors and other third parties relating to policies, protocols and practices on protecting electronic data and communication;
  • applicable laws relating to cybersecurity (including data breach laws) and data privacy; and
  • law office cybersecurity, privacy and data protection policies and protocols.”


CLE on Data Protection and Privacy

Following is from the NYSBA report:

“Ethics-related cybersecurity, privacy and data protection credits must relate to lawyers’ ethical obligations and professional responsibilities regarding the protection of electronic data and communications, and may include, among other topics: 

  • sources of attorneys’ ethical obligations and professional responsibilities and their application to electronic data and communications;
  • protection of confidential, privileged and proprietary client and law office data and communication;
  • client counseling and consent regarding electronic data, communication and storage protection policies, protocols, risks and privacy implications;
  • security issues related to the protection of escrow funds;
  • inadvertent or unauthorized electronic disclosure of confidential information, including through social media, data breaches and cyber attacks; and
  • supervision of employees, vendors and third parties as it relates to electronic data and communication.”

Source: 3.-Report-and-recommendations-of-Committee-on-Technology-and-the-Legal-Profession-Agenda-Item-9-with-comments.pdf (


Why choose Lawyers Mutual for your financial protection? One reason is experience. Lawyers Mutual has been in business since 1977 and insures more than 8000 lawyers in North Carolina. We’ve been providing continuous protection from professional liability to NC lawyers longer than any other insurance company. Another reason is stability. The company’s financial strength is absolute. Since 1999, Lawyers Mutual has paid dividends fourteen times, with more than $8 million dollars returned to policyholders since 2011. Want even more reasons? Visit our website, give us a call, or ask a colleague why Lawyers Mutual is the smart choice for liability coverage.


About the Author

Jay Reeves

Jay Reeves practiced law in North Carolina and South Carolina. He was Legal Editor at Lawyers Weekly and Risk Manager at Lawyers Mutual. He is the author of The Most Powerful Attorney in the World, a collection of short stories from a law life well-lived, which as the seasons pass becomes less about law and liability and more about loss, love, longing, laughter and life's lasting luminescence.

Read More by Jay >

Related Posts