intermediate

Legal Notification Checklist

Checklist for engaging legal counsel and managing legal aspects of incident response.

Ongoing5 steps10 checklist items

Summary

Framework for legal engagement during security incidents, including privilege considerations.

Step-by-Step Procedure

Initial Legal Notification

Engage legal counsel early.

Actions

Notify in-house legal immediately

Engage outside counsel if warranted

Discuss privilege protections

Document that investigation is at counsel direction

Regulatory Assessment

Assess notification requirements.

Actions

Identify applicable regulations

Determine notification timelines

Identify responsible regulatory bodies

Draft notification templates

Privilege Maintenance

Protect privileged communications.

Actions

Mark documents as privileged appropriately

Limit distribution of privileged materials

Ensure forensic reports are at counsel direction

Document privilege chain

Notification Execution

Execute required notifications.

Actions

File regulatory notifications by deadline

Send customer notifications if required

Document all notifications sent

Track notification acknowledgments

Documentation

Maintain legal documentation.

Actions

Document all legal decisions

Preserve notification records

Maintain privilege log

Store securely for potential litigation

Completion Checklist

In-house legal notified

Outside counsel engaged (if needed)

Privilege protections established

Applicable regulations identified

Notification deadlines documented

Notification templates drafted

Notifications sent by deadline

Customer notifications sent (if required)

Notifications acknowledged and tracked

Documentation preserved

Evidence to Collect

Legal engagement records
Regulatory assessment
Notification copies
Acknowledgment records
Privilege log

Join our community to discuss playbooks and share incident response experiences.