Would your firm's workflow survive a discovery motion?
Eight questions about how your firm stores matter files, communicates with clients, and offboards departing personnel. Each answer is graded against the architectural property that defends privilege — not the policy that hopes to.
We'll grade your workflow as defensible, questionable, or exposed by question — and give you the structural reason for each. No signup. No email collected. Shareable result.
Answer each question with the option that best matches your firm's current workflow. We'll grade the privilege defensibility of the answers — not the firm.
- 01
Where do you currently store client matter files?
Files include intake forms, retainer agreements, evidence, drafts, correspondence.
- 02
How do you share documents with co-counsel at other firms?
Co-counsel relationships often involve sharing privileged work product across firm boundaries.
- 03
Where do you draft sensitive memos (settlement, M&A, board materials)?
Working drafts often contain the most candid attorney analysis — and the most damaging if exposed.
- 04
How do you communicate with clients about pending matters?
Attorney-client communications must remain privileged at the cryptography layer, not just the policy layer.
- 05
Who at your firm's workspace vendor has admin access to your data?
Vendor-side admin access is the structural answer to "could a vendor employee read this?"
- 06
If a discovery motion targets your workspace vendor directly, what could the vendor produce?
Discovery counterparties have served subpoenas on Google, Microsoft, Slack, etc. seeking attorney-client communications. The vendor's response capacity is the test.
- 07
When an associate, paralegal, or contractor leaves the firm, what access do they retain?
Departing personnel are the highest-frequency source of accidental privilege exposure.
- 08
If your firm's workspace vendor announces a breach tomorrow, what's exposed?
Every major workspace vendor will be breached eventually. The question is what an attacker walks away with.
Answer all 8 questions to see your grade.
This audit is not legal advice. The grading reflects general architectural properties that affect privilege defensibility — actual privilege determinations are made by courts, on facts, and depend on the specific jurisdiction and matter. Use this as a checklist for conversation with your firm's GC or compliance counsel, not as a substitute. The questions and analysis are at /security and can be audited there.
Put this audit on your legal-tech publication.
Bar journals, legal-ops blogs, GC newsletters: paste one iframe tag and the audit runs natively on your site. No reader signup, no tracking. Free for editorial use.
Get embed code →