What should a law firm review before using AI with confidential client data?
Quick Answer
A law firm using AI with confidential client data should review the tool, the task, the contract and the supervision record before any matter data is entered. If confidentiality, training use or human review cannot be evidenced, keep the data out of the tool.
Detailed Answer
Why confidential client data changes the AI decision
For a law firm, the question is not whether AI can help with research, drafting, intake, document review or matter triage. The real question is whether the specific tool can be used without weakening duties to the client. The WSBA advisory opinion treats AI-enabled tools as part of ordinary professional responsibility, not as a separate technology exception.
That means the firm needs evidence before use. The record should show what the tool does, what data it receives, what the vendor can do with that data, who checks the output and when the client should be told. A generic statement that a product is secure is not enough for a matter involving confidential or privileged information.
The safest review is tool, task, contract and supervision
A law firm should review four things before letting AI handle confidential client information: the tool, the task, the contract and the supervision model. If the tool is a public AI service, the firm should assume client data is unsafe unless the terms, settings and security evidence say otherwise. If the tool is a legal or business product, the firm still needs to read the contract and privacy terms rather than relying on marketing claims.
The review should ask whether the vendor stores prompts, uses client data for training, permits staff or subprocessors to inspect matter content, supports deletion, gives audit evidence and has controls that match the sensitivity of the work. The firm should also decide whether the client must be consulted or asked for informed consent, especially where the tool receives identifiable facts, privileged communications, litigation strategy or sensitive personal data.
Map AI data risks before rollout
What the source says about legal duties
The WSBA opinion links AI use to familiar duties. Competence means the lawyer must understand the technology well enough to use it consistently with professional obligations. Confidentiality means the lawyer must take reasonable steps to prevent client information reaching unintended recipients. Communication means the lawyer may need to explain AI use where the client’s objectives, preferences or data sensitivity make that necessary.
The opinion also points to supervision. Partners and managers cannot simply buy a tool, send a short email and hope the team uses it properly. Lawyers and nonlawyers need training on approved use cases, prohibited data, citation checking, output review and escalation. Vendors are part of the supervision problem too, because their contract terms and safeguards affect whether the firm can safely use the product.
A practical pre-use checklist
- Classify the matter data. Identify whether the tool would receive names, facts, privileged communications, litigation strategy, health data, financial data or other sensitive material.
- Classify the tool. Separate public AI tools, firm-approved legal AI tools, Copilot-style assistants and embedded AI features in existing software.
- Read the vendor terms. Check retention, training use, human review by the vendor, subprocessors, jurisdiction, deletion rights, breach notification and audit evidence.
- Set use-case boundaries. Define what the tool may do, such as summarising non-confidential material, and what it may not do, such as receiving privileged strategy in a public chat.
- Require human review. Record who checks legal accuracy, citations, factual claims, privilege risk and client-specific judgement before work leaves the firm.
- Record client communication. Decide when the engagement letter, matter plan or separate note should explain AI use, risks, alternatives and any consent obtained.
- Keep an audit trail. Save the approved tool, task, reviewer, date, data category, output check and final decision.
How to make the policy usable
The policy should be short enough for lawyers to follow under pressure. Start with a red, amber and green model. Red means no client data in the tool. Amber means use only with matter partner approval and documented safeguards. Green means approved use cases with defined data limits and normal review. This is easier to apply than a long policy that nobody reads.
The operating model should also handle change. AI products update their terms, add features and change retention settings. A firm should schedule recurring vendor reviews and require a fresh check before moving from low-risk internal use to matter-specific confidential use.
Keep AI governance current as tools change
Common failure points
The first failure point is treating an AI tool like ordinary search. A prompt can disclose more than expected because it contains names, facts, strategy or a chain of client instructions. The second is accepting output without verification. The WSBA opinion highlights the risk of non-existent or inaccurate citations and makes clear that the lawyer remains responsible for the work.
The third failure point is unclear billing and client communication. If AI materially changes how work is done, how a cost is charged or how confidential information is processed, the client may need a clearer explanation. The fourth is unmanaged shadow AI. If staff use personal tools because the official tool is slow or confusing, the firm has a policy on paper and a risk in practice.
Conclusion
A defensible law firm AI review is evidence-led. The firm should be able to show why the tool was suitable, why the data handling was acceptable, why the client communication was appropriate and why the output was checked by a responsible lawyer. That record is what turns AI use from an unmanaged shortcut into a controlled professional workflow.
Build approved AI workflows with the right controls
FAQ
Can a lawyer put confidential client data into ChatGPT?
Only if the firm can verify that the specific service, settings and terms protect confidentiality for that use. For most public AI use, the safer default is to keep identifiable client information out.
Does a legal AI vendor’s confidentiality claim settle the issue?
No. The firm still needs to review the contract, privacy terms, training use, access controls, deletion rights, subprocessors and security evidence against the sensitivity of the matter.
When should the client be told about AI use?
Client communication depends on the tool, the work and the data. Disclosure or consent is more likely to be needed where confidential information is processed, the client has specific preferences or AI materially affects the means of representation.
Who is responsible if AI output is wrong?
The lawyer remains responsible. AI output should be checked for legal accuracy, factual accuracy, citations, privilege risk and suitability for the client’s matter before it is used.
What should the audit trail include?
Record the approved tool, use case, data category, vendor review, client communication decision, human reviewer, output checks and final approval for matter use.
Need help implementing this?
If this question points to a live workflow, policy or supplier decision, the next step is usually to turn the answer into a controlled plan. These services are the most relevant starting points.
Secure AI implementation
Put privacy, supplier review, data boundaries, testing and staff guidance into the implementation plan from the start.
secure AI implementationAI governance consulting
Create policies, approval routes, ownership and controls that teams can actually use day to day.
AI governance consulting in the UKAI workflow automation
Turn repeatable admin, client service and reporting work into controlled workflows with clear human review points.
AI workflow automation support