In its seventh annual survey released this summer, Ames & Gough, a trusted risk and insurance adviser to the country’s largest law firms, provided data relating to legal malpractice claims submitted to insurers during 2016. Detailing the type, frequency, and severity of legal malpractice claims, the survey includes information obtained by polling nine leading insurance companies that insure approximately 80 percent of the Am Law 100 firms.
Overall, from the law firm and attorney perspective, the news is generally good in that the number of malpractice claims has remained relatively steady. For insurers, however, the news is less rosy; legal defense costs, claimed damages, and settlement sums continue to climb.
While the frequency of legal malpractice claims has remained near-constant on a year-over-year basis, it continues to remain well above the pre-recession level, perhaps indicating a “new normal.” Notwithstanding this relative stability of claim frequency, claim severity continues to be an issue.
Indeed, the data shows that legal malpractice claims are becoming more expensive, both in the potential damages and in the defense. With respect to damages, six out of nine insurers reported claims for which they maintained reserves exceeding $500,000, and at least one insurer paid a claim exceeding $100 million.
With respect to defense costs, all participating insurers reported an increase. The factors primarily driving these increases are claim complexity and e-discovery, along with defense rate increases. As to the latter, a majority of insurers reported at least a 2 percent increase in average rates paid to defense counsel.
Conflicts remain the most common error resulting in legal malpractice claims. Nearly all participating insurers cited conflicts as either the first or second biggest cause of claims. Interestingly, about half of participating insurers witnessed an increase in conflicts claims involving lateral hires, some of which stemmed from inadequate resolution of a conflict of interest.
Cyber-related malpractice claims have continued to rise, with the majority of insurers indicating more cyber claims last year than in prior years. Of those insurers, four noted that most cyber events involved hackers.
This new information, which provides real-time analysis of malpractice risks, is more than just interesting facts. These data points can be useful tools for attorneys and firms to identify potential areas of risk and prepare accordingly. In light of these trends, law firms may wish to consider the following tips to help avoid becoming another malpractice statistic.
1. Shore-Up Conflicts Protocols
The survey results show the importance of thorough conflict checks that use established systems and data. Attorneys and firms can also benefit from ensuring that, when they check for conflicts before beginning a representation, they are using complete and adequate information.
The system is only as good as the information it contains and the search being conducted. If an attorney is not thorough about which parties are actually involved in a litigation (whether as named parties, interested parties, or related entities), a conflict of interest may go completely unnoticed. This is particularly so in actions involving corporations with unnamed parents or related or interested parties.
In the case of lateral hires or law firm combinations, it is critical that firms do their due diligence. Conflict checks in these situations require special attention. When recruiting laterals or pursuing mergers, many law firms will consider the potential for conflicts and take appropriate measures to protect the firm against their consequences by addressing any conflict issue as soon as possible.
2. Implement or Update Technology Security Protocols
Technology enables attorneys to conduct business on the go, but it also puts client and firm data at risk. Law firms can minimize the risk of a data breach by implementing or revising protocols designed to protect information on the firm’s secure environment and on devices, like smart phones and laptops.
As the new data results show, hackers still pose a great risk to attorneys and law firms. This is confirmed by recent headlines. In May of this year, for example, the WannaCry ransomware attack impacted hundreds of thousands of computers in over 150 countries. More recently, the Petya/Petrwrap ransomware outbreak went global, infecting at least one large law firm. The threat posed by hackers is real.
There are things that firms can do to help protect their data. Encryption is one step that can help reduce the risk of data transmitted outside of a firm’s secure environment being intercepted. With software or the use of a VPN (virtual private network), law firm personnel can make sure that all data transmitted to third parties or over public networks is protected.
Regarding devices, many firms require highly secure passwords that must be changed regularly, both for access to firm systems and for access to the devices themselves. Some firms may also consider remote-wiping, which deletes all data or confidential information on a device that is lost or stolen. This can help reduce the risk from sophisticated hackers as well as from those who discover a lost device and then gain access to all a firm’s systems.
3. Consider Cyber Liability Insurance
Generally speaking, a lawyer’s professional liability insurance policy may cover a firm for a malpractice claim by a client that arises from a breach relating to data. However, many law firms mistakenly believe that their traditional malpractice policy will cover any number of cyber-related claims, even those that do not result in a traditional malpractice claim. This may not be the case. Typically, broadest coverage is provided by purchasing a policy that is specific to cyber-related issues, which are often unrelated to traditional legal malpractice claims.
Standalone cyber policies can help provide coverage for costs outside a traditional malpractice claim, such as those related to satisfying regulatory reporting requirements, internal costs to repair the firm’s systems, reputational costs, business interruption, and any damage to first-party data that would not otherwise be covered under a traditional professional liability policy.
By evaluating and incorporating some of these tips, law practices can lower the likelihood of receiving a claim with a potentially devastating impact.