The Association of Corporate Counsel (ACC) has issued its first-ever data security guidelines, which outline basic data security measures that in-house counsel can use to evaluate their outside counsel.

Most companies these days are auditing their law firms’ data security measures, but since data breaches occurred at some of the largest U.S. based law firms last year, more attention is being paid to questioning law firms about data security. According to the American Bar Association, big law firms, with 500 or more lawyers, are the most vulnerable to a cyber-attack in the legal industry.

The goal of the guidelines is to standardize key terms that can be used by clients to evaluate their outside firms’ data security measures (apples to apples), and also to assist law firms in not having to respond to multiple forms and questions, which can be quite burdensome.