Privacy Tip #335 – Health Care Sector Continues to Be Hit with Ransomware

According to the 2022 State of Ransomware Report issued recently by Sophos, it surveyed 5,600 IT professionals from 31 countries, including professionals in the health care sector. Those professionals in the health care sector shared that 66 percent of them had experienced a ransomware attack in 2021, which was an increase of 69 percent over 2020. This was the largest increase of all sectors surveyed.

If you look at the Office for Civil Rights data breach portal, you will see that a vast majority of breaches reported by health care providers and business associates are related to “Hacking/IT incident.” This confirms that the health care sector continues to be attacked by threat actors seeking to steal protected health information of patients.

If you are a patient who receives a breach notification letter from a health care provider or business associate, the letter will provide guidance on how to protect yourself following a data breach and may offer some protection guidance, including credit monitoring or fraud resolution. Such a letter has been sent to patients to comply with the breach notification requirements of HIPAA and state law. Part of those requirements includes that the patients be provided mitigation steps following the breach to protect themselves from fraud. Avail yourself of these protections in the event your information is compromised. Take the time to sign up for the mitigation offered. It is clear that these attacks will not subside any time soon.

Copyright © 2022 Robinson & Cole LLP. All rights reserved.

Small Businesses Don’t Recognize Risk of Cyberattack Despite Repeated Warnings

CNBC surveys over 2,000 small businesses each quarter to get their thoughts on the overall business environment and their small business’ health. According to the latest CNBC/SurveyMonkey Small Business Survey, despite repeated warnings by the Cybersecurity and Infrastructure Security Agency and the FBI that U.S.- based businesses are at an increased risk of a cyber-attack following Russia’s invasion of Ukraine, small business owners do not believe that it is an actual risk that will affect them, and they are not prepared for an attack. The latest survey shows that only five percent of small business owners reported cybersecurity to be the biggest risk to their company.

What is unfortunate, but not surprising, is the fact that this is the same percentage of small business owners who recognized a cyber attack as the biggest risk a year ago. There has been no change in the perception among business owners, even though there are repeated, dire warnings from the government. Also unfortunate is the statistic that only 33 percent of business owners with one to four employees are concerned about a cyber attack this year. In contrast, 61 percent of business owners with more than 50 employees have the same concern.

According to CNBC, “this general lack of concern among small business owners diverges from the sentiment among the general public….In SurveyMonkey’s polling, 55% of people in the U.S. say they would be less likely to continue to do business with brands who are victims of a cyber attack.” CNBC’s conclusion is that there is a disconnect between business owners’ appreciation of how much customers care about data security and that “[s]mall businesses that fail to take the cyber threat seriously risk losing customers, or much more, if a real threat emerges.” Statistics show that threat actors are targeting small to medium-sized businesses to stay under the law enforcement radar. With such a large target on their backs, business owners may wish to make cybersecurity a priority. It’s important to keep customers.

Copyright © 2022 Robinson & Cole LLP. All rights reserved.

DOJ Limits Application of Computer Fraud and Abuse Act, Providing Clarity for Ethical Hackers and Employees Paying Bills at Work Alike

On May 19, 2022, the Department of Justice announced it would not charge good-faith hackers who expose weaknesses in computer systems with violating the Computer Fraud and Abuse Act (CFAA or Act), 18 U.S.C. § 1030. Congress enacted the CFAA in 1986 to promote computer privacy and cybersecurity and amended the Act several times, most recently in 2008. However, the evolving cybersecurity landscape has left courts and commentators troubled by potential applications of the CFAA to circumstances unrelated to the CFAA’s original purpose, including prosecution of so-called “white hat” hackers. The new charging policy, which became effective immediately, seeks to advance the CFAA’s original purpose by clarifying when and how federal prosecutors are authorized to bring charges under the Act.

DOJ to Decline Prosecution of Good-Faith Security Research

The new policy exempts activity of white-hat hackers and states that “the government should decline prosecution if available evidence shows the defendant’s conduct consisted of, and the defendant intended, good-faith security research.” The policy defines “good-faith security research” as “accessing a computer solely for purposes of good-faith testing, investigation, and/or correction of a security flaw or vulnerability, where such activity is carried out in a manner designed to avoid any harm to individuals or the public, and where the information derived from the activity is used primarily to promote the security or safety of the class of devices, machines, or online services to which the accessed computer belongs, or those who use such devices, machines, or online services.”

In practice, this policy appears to provide, for example, protection from federal charges for the type of ethical hacking a St. Louis Post-Dispatch reporter performed in 2021. The reporter uncovered security flaws in a Missouri state website that exposed the Social Security numbers of over 100,000 teachers and other school employees. The Missouri governor’s office initiated an investigation into the reporter’s conduct for unauthorized computer access. While the DOJ’s policy would not affect prosecutions under state law, it would preclude federal prosecution for the conduct if determined to be good-faith security research.

The new policy also promises protection from prosecution for certain arguably common but contractually prohibited online conduct, including “[e]mbellishing an online dating profile contrary to the terms of service of the dating website; creating fictional accounts on hiring, housing, or rental websites; using a pseudonym on a social networking site that prohibits them; checking sports scores at work; paying bills at work; or violating an access restriction contained in a term of service.” Such activities resemble the facts of Van Buren v. United States, No. 19-783, which the Supreme Court decided in June 2021. In Van Buren, the 6-3 majority rejected the government’s broad interpretation of the CFAA’s prohibition on “unauthorized access” and held that a police officer who looked up license plate information on a law-enforcement database for personal use—in violation of his employer’s policy but without circumventing any access controls—did not violate the CFAA. The DOJ did not cite Van Buren as the basis for the new policy. Nor did the DOJ identify any another impetus for the change.

To Achieve More Consistent Application of Policy, All Federal Prosecutors Must Consult with Main Justice Before Bringing CFAA Charges

In addition to exempting good-faith security research from prosecution, the new policy specifies the steps for charging violations of the CFAA. To help distinguish between actual good-faith security research and pretextual claims of such research that mask a hacker’s malintent, federal prosecutors must consult with the Computer Crime and Intellectual Property Section (CCIPS) before bringing any charges. If CCIPS recommends declining charges, prosecutors must inform the Office of the Deputy Attorney General (DAG) and may need to obtain approval from the DAG before initiating charges.

©2022 Greenberg Traurig, LLP. All rights reserved.

Trade Mark Infringement – Muslim Dating App Meets its Match [.com]

A recent Intellectual Property Enterprise Court Decision (IPEC) on 20 April 2022 has decided that ‘Muzmatch’, an online matchmaking service to the Muslim Community has infringed Match.com’s registered trade marks.

The decision by Nicholas Caddick Q.C was that Muzmatch’s use of signs and its name amounted to trade mark infringement and/or passing off of Match.com’s trade marks. This case follows successful oppositions by Match.com to Muzmatch’s registration of its marks in 2018, and unsuccessful attempts by Match.com to purchase Muzmatch between 2017 and 2019.

Match.com is one of the largest and most recognisable dating platforms in the UK. It first registered a word mark ‘MATCH.COM’ in 1996 and also owns other dating-related brands including Tinder and Hinge with other marks including the word mark ‘TINDER’. Match.com used a 2012 TNS report to illustrate its goodwill and reputation and 70% of people surveyed would be able to recall Match.com if prompted, 44% unprompted and 31% of people would name Match.com as the first dating brand off the ‘top of their head.’

Muzmatch is a comparatively niche but growing dating platform, which aims to provide a halal (i.e. in compliance with Islamic law) way for single Muslim men and women to meet a partner. Muzmatch is comparatively much smaller and was founded in 2011 by Mr Shahzad Younas and now has had around 666,069 sign-ups in the UK alone.

The Court considered that the marks ‘Muzmatch’ and ‘MATCH.COM’ and each company’s graphical marks, had a high degree of similarity in the services provided. The marks were also similar in nature orally and conceptually and the addition of the prefix ‘Muz’ did not distinguish the two marks, nor could the lack of the suffix ‘.com’ or stylistic fonts/devices.

The key issue of the case relates to the idea of the term ‘Match’ which is used by both marks to describe the nature of the business: match[ing]. Muzmatch argued that as both marks share this descriptive common element, so it is difficult to conclude that there is a likelihood of confusion between the two marks as the term just describes what each business does.

 The Court found that finding that there is a likelihood of confusion for a common descriptive element is not impossible, as the descriptive element can be used distinctively. The average consumer would conclude that the portion ‘Match’ is the badge of origin for Match.com due to its reputation as a brand and the very substantial degree of distinctiveness in the dating industry. An average consumer would have seen the word ‘Match’ as the dominant element in the Match.com trade marks and Match.com is often referred to as just ‘Match’ in advertisements.

Aside from its marks, Muzmatch utilised a Search Engine Optimisation strategy from January 2012 whereby it utilised a list of around 5000 keywords which would take a user to a landing page on the its website. In the list of the keywords used, Muzmatch used the words ‘muslim-tinder’, ‘tinder’ and ‘halal-tinder’ which were accepted by Muzmatch during the litigation to have infringed Match’s trade marks of the Tinder brand including the word mark ‘TINDER’. Muzmatch’s SEO use was also found to cause confusion based on some of its keywords including ‘UK Muslim Match’, which again uses the term Match distinctively, therefore a consumer may confuse a link to ‘UK Muslim Match’ with ‘Match.com’.

Therefore, the Court found that there was likely to be confusion between Muzmatch and Match.com because of the distinctive nature of the term ‘Match’ in the world of dating platforms.  An average consumer would conclude that Muzmatch was connected in a material way with the Match.com marks, as if it was targeted at Muslim users as a sub-brand, so this confusion would be trade mark infringement under S10(2) of the Trade Marks Act 1994.

The Court also considered that Muzmatch had taken unfair advantage of Match.com’s trade marks and had therefore infringed those marks under S10(3) of the Trade Marks Act 1994. This was due to the reputation of Match.com’s trade marks and because a consumer would believe that Muzmatch was a sub-brand of Match.com.

The Court rejected Muzmatch’s defence of honest concurrent use and found that Match.com would also have an alternative claim in the tort of passing off.

Key Points:

  • The Court found that a common descriptive element can acquire distinctiveness in an area, solely because of a company’s reputation and influence in that market.
  • The use of Search Engine Optimisation strategies can also constitute a trade mark infringement.
  • The lack of the suffix ‘.com’ in a mark is not sufficient to distinguish use from a household brand such as Match.com, so care should be taken with brands such as ‘Match.com’, ‘Booking.com’[1]

Source:

[1] Match Group, LLC, Meetic SAS, Match.Com International Limited v Muzmatch Limited, Shahzad Younas [2022] EWHC 941 (IPEC)


[1] Note- Blog Post of July 6 2020 Relating to Booking.com- https://www.iptechblog.com/2020/07/us-supreme-court-opens-doors-to-generic-com-trademarks/

NCLC Tells FCC “Callers can easily avoid making calls to telephone numbers that have been reassigned….” – But Is it That Simple?

The National Consumer Law Center is at it again.

In response to the Department of Health and Human Services’ recent letter to the FCC seeking clarity on whether the TCPA applies to texts it would like to make to alert Americans of certain medical benefits, the NCLC–an organization that nominally represents consumers, but really seems to represent the interests of the plaintiff’s bar–has filed a comment.

Unsurprisingly, the NCLC takes the position that HHS needs no relief. Government contractors are covered by the TCPA–it says–but the texts at issue in HHS’ letter are consented, so they’re fine. (Although it later clarifies that only “many” but not “all” of the enrollees whom HHS wishes to call have “probably” given their telephone numbers as part of written enrollment agreements–so perhaps not.)

Hmmmm. Feels like a trap. But we’ll ignore that for now.

The critical piece here though is what the NCLC–very powerful voice, for better or (often) worse–is telling the FCC about the effectiveness of the new Reassigned Number Database:

3. Callers can easily avoid making calls to telephone numbers that have been reassigned to someone other than the enrollee

A primary source of TCPA litigation risk has been calls inadvertently made to numbers that are no longer assigned to the person who provided consent. Courts have held the caller liable for making automated calls to a cell phone number that has been reassigned to someone other than the person who provided consent to be called.29

The Commission has implemented the Reassigned Number Database specifically to address that risk of liability, as well as to limit the number of unwanted robocalls:

The FCC’s Reassigned Numbers Database (RND) is designed to prevent a consumer from getting unwanted calls intended for someone who previously held their phone number. Callers can use the database to determine whether a telephone number may have been reassigned so they can avoid calling consumers who do not want to receive the calls. Callers that use the database can also reduce their potential Telephone Consumer Protection Act (TCPA) liability by avoiding inadvertent calls to consumers who have not given consent for the call.31

The database has been fully operational since November 1, 2021. It provides a means for callers to find out before making a call if the phone number has been reassigned. If the database wrongly indicates that the number has not been reassigned, so long as the caller has used the database correctly, no TCPA liability will apply for reaching the wrong party. 32 Thus, as long as HHS’s callers make use of this simple, readily available database, they can be confident that they will not be held liable for making calls to reassigned numbers.

While I steadfastly support both the creation and use of the RND, it also must be observed that there are myriad problems with the RND as it currently exists. Most importantly, the data sets in the RND are only comprehensive through October 1, 2021 and spotty back to February, 2021 (beyond which there are no records!)

So for folks like HHS–and servicers of mortgages, and retailers, and credit card companies–who want to reach customers who provided their contact information before 10/2021 or 2/2021 the RND is simply not helpful.

The NCLC’s over simplification of a critical issue is not surprising. They once told Congress that the TCPA is “Straightforward and Clear” after all.

Full comment here: NCLC Comments-c3

We’ll keep an eye on developments on HHS’ letter and all the FCC goings ons.

© 2022 Troutman Firm

The Metaverse: A Legal Primer for the Hospitality Industry

The metaverse, regarded by many as the next frontier in digital commerce, does not, on its surface, appear to offer many benefits to an industry with a core mission of providing a physical space for guests to use and occupy. However, there are many opportunities that the metaverse may offer to owners, operators, licensors, managers, and other participants in the hospitality industry that should not be ignored.

What is the Metaverse?

The metaverse is a term used to describe a digital space that allows social interactions, frequently through use of a digital avatar by the user. Built largely using decentralized, blockchain technology instead of centralized servers, the metaverse consists of immersive, three-dimensional experiences, persistent and traceable digital assets, and a strong social component. The metaverse is still in its infancy, so many of the uses for the metaverse remain aspirational; however, metaverse platforms have already seen a great deal of activity and commerce. Meanwhile, technology companies are working to produce the next-generation consumer electronics that they hope will make the metaverse a more common location for commerce.

The Business Case for the Hospitality Industry

The hospitality industry may find the metaverse useful in enhancing marketing and guest experiences.

Immersive virtual tours of hotel properties and the surrounding area may allow potential customers to explore all aspects of the property and its surroundings before booking. Operators may also add additional booking options or promotions within the virtual tour to increase exposure to customers.

Creating hybrid, in-person and remote events, such as conferences, weddings, or other celebrations, is also possible through the metaverse. This would allow guests on-site to interact with those who are not physically present at the property for an integrated experience and possible additional revenue streams.

Significantly, numerous outlets have identified the metaverse as one of the top emerging trends in technology. As its popularity grows, the metaverse will become an important location for the hospitality industry to interact with and market to its customer base.

Legal Issues to Consider

  1. Select the right platform for you. There are multiple metaverse platforms, and they all have tradeoffs. Some, including Roblox and Fortnite, offer access to more consumers but generally give businesses less control over content within the programs. Others, such as Decentraland and the Sandbox, provide businesses with greater control but smaller audiences and higher barriers to entry. Each business should consider who its target audience is, what platform will be best to reach that audience, and its long term metaverse strategy before committing to a particular platform.
  2. Register your IP. Businesses should consider filing trademark applications covering core metaverse goods or services and securing any available blockchain domains, which can be used to facilitate metaverse payments and to direct users to blockchain content, such as websites and decentralized applications. Given the accelerating adoption of blockchain domains along with limited dispute resolution recourse available, we strongly encourage businesses to consider securing intellectual property rights now.
  3. Establish a dedicated legal entity. Businesses may want to consider setting up a new subsidiary or affiliate to hold digital assets, shield other parts of their business from metaverse-related liability, and isolate the potential tax consequences.
  4. Take custody of digital assets. Because of their digital character, digital assets such as cryptocurrency, which may be the primary method of payment in the metaverse, are uniquely vulnerable to loss and theft. Before acquiring cryptocurrency, businesses will need to set up a secure blockchain wallet and adopt appropriate access and security controls.
  5. Protect and enforce your IP. The decentralized nature of the metaverse poses a significant challenge to businesses and intellectual property owners. Avenues for enforcing intellectual property rights in the metaverse are constantly evolving and may require multiple tools to stop third-party infringements.
  6. Reserve metaverse rights. Each Business that licenses its IP, particularly those that do so on a geographic or territorial basis, should review existing license agreements to determine what rights, if any, its licensees have for metaverse-related uses. Moving forward, each brand owner is encouraged to expressly reserve rights for metaverse-related uses and exercise caution before authorizing any third party to deploy IP to the metaverse on a business’ behalf.
  7. Tax matters. Attention needs to be paid to how the tax law applies to metaverse transactions, despite the current tax law not fully addressing the metaverse. This is particularly the case for state and local sales and use, communications, and hotel taxes.

Ready to Enter?

As we move into the future, the metaverse appears poised to provide a tremendous opportunity for the hospitality industry to connect directly with consumers in an interactive way that was until recently considered science fiction. But like every new frontier, technological or otherwise, there are legal and regulatory hurdles to consider and overcome.

© 2022 ArentFox Schiff LLP

Alabama Enacts New Telemedicine Law

Alabama Governor Kay Ivey recently signed SB 272 into law, setting forth telemedicine practice standards and abolishing Alabama’s previous “special purpose license” that allowed physicians licensed in other states to practice across state lines into Alabama. The law is effective July 11, 2022.

The law creates a new article in the Code of Alabama (Sections 34-24-701 through 34-24-707 of Chapter 24, Title 34). The statutory language is lengthy, but the key provisions are summarized below.

Medical License

Unless the physician meets an exception to licensure (e.g., peer-to-peer consultations, irregular or infrequent services), a physician must obtain either a full Alabama medical license or a license via the Interstate Medical Licensure Compact in order to provide “telehealth medical services” to a patient located in Alabama.

  • Telehealth medical services means “[d]igital health, telehealth, telemedicine, and the applicable technologies and devices used in the delivery of telehealth. The term does not include incidental communications between a patient and a physician.
  • The term “irregular or infrequent” services refers to “telehealth medical services” occurring less than 10 days in a calendar year or involving fewer than 10 patients in a calendar year.

Defined Terms and Allowable Modalities

  • Telehealth is defined as “[t]he use of electronic and telecommunications technologies, including devices used for digital health, asynchronous and synchronous communications, or other methods, to support a range of medical care and public health services.”
  • Telemedicine is defined as “[a] form of telehealth referring to the provision of medical services by a physician at a distant site to a patient at an originating site via asynchronous or synchronous communications, or other devices that may adequately facilitate and support the appropriate delivery of care.” The term includes digital health, but does not include incidental communications between a patient and a physician.
  • Digital Health is defined as “[t]he delivery of health care services, patient education communications, or public health information via software applications, consumer devices, or other digital media.”
  • Asynchronous is defined as “[t]he electronic exchange of health care documents, images, and information that does not occur in real time, including, but not limited to, the collection and transmission of medical records, clinical data, or laboratory results.”
  • Synchronous is defined as “[t]he real-time exchange of medical information or provision of care between a patient and a physician via audio/visual technologies, audio only technologies, or other means.”

Physician-Patient Relationship

A physician-patient relationship may be formed via telehealth without a prior in-person exam.

Telemedicine Prescribing of Medications and Controlled Substances

A practitioner may prescribe a legend drug, medical supplies, or a controlled substance to a patient via telehealth. However, a prescription for a controlled substance may only be issued if:

  1. The telehealth visit includes synchronous audio or audio-visual communication using HIPAA compliant equipment;
  2. The practitioner has had at least one in-person encounter with the patient within the preceding 12 months; and
  3. The practitioner has established a legitimate medical purpose for issuing the prescription within the preceding 12 months.

In-Person Visit for Unresolved Medical Condition

If a physician or practice group provides telehealth medical services more than 4 times in a 12-month period to the same patient for the same medical condition without resolution, the physician must either see the patient in-person within 12 months or refer the patient to a physician who can provide the in-person care within 12 months. This in-person visit requirement does not apply to the provision of mental health services.

The Alabama Board of Medical Examiners and the Alabama Medical Licensure Commission are currently developing administrative rules in accordance with the new law.

© 2022 Foley & Lardner LLP

10 Law Firm Newsletter Ideas to Attract Clients

How to Start and Grow a Newsletter for a Law Firm

Email marketing often gets a bad rap. After all, we all know the annoyance of getting spam and promotional emails. Much of this content just ends up deep in our inbox. The same can happen to newsletters… especially boring ones.

Don’t let your law firm email newsletter fall to this fate. In this guide, I’ll talk about how to start a successful newsletter and use it to attract clients.

Plus, you’ll get 10 content ideas for creating an engaging newsletter.

Why start a newsletter?

A study conducted by Law Technology Today found that 86% of law firms fail to collect an email address when they acquire a new lead. Starting an email newsletter is one way to prioritize growing your email list and taking down information to nurture users into potential clients.

With this in mind, an email newsletter is about more than just sending a generic email every month; instead, it can be an effective tool for drumming up new business for your law firm. It also gives you a medium through which you can share firm news, build trust with your subscribers, and establish your law firm’s brand.

Benefits of starting a law firm newsletter

Email newsletter marketing offers many benefits to your law firm. Beyond simply sending updates to your email list, an email newsletter can bring the following perks:

  • Connection – A law firm newsletter builds connection with your new and potential clients by telling them more about your firm and offering a way for subscribers to respond directly to your email.
  • Traffic – An effective newsletter can work to drive more users to your website and social media pages.
  • Sales – Newsletters offer a convenient way for subscribers to reach out to your firm, increasing the likelihood that they will turn into new clients.
  • Community – Sending a consistent newsletter can help drive users to your social media accounts, therefore growing your community and visibility on social.
  • Reputation Management – Email provides an avenue for you to build rapport with your audience, get ahead of bad PR, and ultimately build trust in your firm.

How to write a law firm email newsletter

Before you sit down and start typing away at your newsletter, you’ll want to understand the fundamentals of what it takes to write and market a great newsletter. Here’s how to get started.

Define your target audience

Generalism is the killer of many marketing campaigns. If you don’t define your target audience – that is, the interests and persona of the people you are trying to reach – you risk offering the wrong type of content to the wrong audience. And disjointed messaging won’t bring the client-generating results that you want.

Instead, you’ll want to brainstorm a few factors to ensure you are writing for your ideal audience. These factors include:

  • What types of legal services your audience is interested in
  • What legal issues they are struggling with most
  • What questions they’re likely to have about the legal process
  • What their goals are when it comes to hiring a lawyer
  • What interests they have in understanding law, the legal system, etc.

If you’ve been in your field for a while, you’ll likely have an idea of how to answer these questions. If you’re more green, you can always ask your network, social media followers, and existing clients some of these questions to better understand their interests.

Grow your email list

Of course, before you can see results from an email newsletter you’ll need an audience to send it to! Now, building an email list organically takes time, but it’s worth it to build a list of subscribers who are actually interested in your content.

Never buy email subscribers, as these will likely be dead accounts or otherwise users who will never work with you. Instead, invest in blogging and website marketing in order to grow your community organically.

Here are some tips for growing your law firm email list:

  1. Embed a signup form on your website in order to capture users’ contact information (at the very least, their email address and name)
  2. Publish helpful blog content to drive organic search engine traffic and traffic from social media
  3. Offer downloadable content – like PDFs, infographics, guides, etc. – behind a sign-up wall to encourage users to subscribe
  4. Use email marketing software like Mailchimp to add email list signup forms to various pages or articles on your website
  5. Offer value with impactful content. If you’re able to demonstrate that you are an authority in your industry, people will be excited to subscribe for future updates

Plan your content

With your target audience in mind, you can begin to plan your newsletter content. I highly recommend choosing a “theme” and then building out a newsletter based on that theme.

For example, one month you may decide to talk about common mistakes people make in hiring a lawyer. So, you write four newsletters over the course of the month – each one addressing a different ‘mistake’ people make and how to avoid it.

You can use a notebook, Google Doc, or spreadsheet to plan your content and keep organized. Try to plan at least a month in advance so you are prepared with content ideas ahead of time. You can even write your content and schedule the delivery weeks or months out.

Write your newsletter

Whether you consider yourself a good writer or not, drafting a great email newsletter is relatively simple. There are just a few tips to keep in mind to help you produce engaging content every time:

  • Write an eye-catching subject line. Rather than simply say “newsletter”, you can include the actual subject of your email (e.g. ‘Don’t make this mistake…) to entice subscribers to click
  • Make it “scannable”. Instead of typing a long wall of text, break your email content into shorter paragraphs, sentences, or bulleted lists. This makes it easier for readers to ‘scan’ your content and find the content they are interested in.
  • ‘Close the loop’. This is a concept I got from an email copywriter. Open your email with a ‘hook’ – could be a tip, a question, or an intro to a story – and then resolve the hook at the end of your email. For example, you could open with “Many clients make a huge mistake in hiring a lawyer…” and then at the end of the email you say “Don’t want to make that mistake? Here’s how to avoid it…”. This keeps readers interested from start to finish.
  • Add a link. Include links to related blog posts, social media posts, videos, etc. to drive traffic to your other channels.
  • Include a call to action. Either encourage readers to respond to a question (e.g. “What do you think about…?”), contact you directly (e.g. “Respond now to schedule a consultation”), or visit your other platforms (e.g. “Visit our website to learn more about…”).

Use an email platform

Email marketing software like Mailchimp and ConvertKit makes it easy to write, format, schedule, and deliver your newsletter content. There’s no need to create a long CC chain to your subscribers and send your email manually. These tools allow you to send your newsletter to an entire list, schedule the delivery date, add media, and more.

Preview and test your newsletter

It’s always a good idea to preview your newsletter to check if you made any mistakes. Further, send yourself a test email to make sure there are no delivery issues. You can then also see how your newsletter looks on different devices and decide if you need to change up your content.

Send it out

Once your email template is complete, give it a final once-over for any selling issues or mistakes. When you’ve double-checked your content, you’re ready to send it to your email list.

Track results

Most email marketing tools will also provide analytics regarding your email open rate, subscriber growth, or unsubscribe rate. These metrics will help you determine the success of your newsletter and make adjustments over time. For example, if you see that your open rate is low, that may mean you need more engaging subject lines. Or, if there have been a lot of unsubscribes, this may mean users aren’t enjoying your content.

Try these creative law firm newsletter ideas

Now, the funnest part of publishing an email newsletter is the amount of creativity there is in thinking up content ideas. I strongly encourage you to be adventurous with your newsletter and not be afraid of veering from the same old script.

Here are some creative law firm newsletter ideas for you to consider:

1. Topic series

Produce a series of newsletters that cover a primary topic. For example, you can commit the month of November to talk about “DUI FYIs”, in which you reveal helpful tips in addressing a DUI over a series of emails. This approach gets subscribers looking forward to your upcoming emails and makes it easier for you to plan your content.

2. Q&A

The legal process can be super confusing for clients and the general public. With this idea, you can address a single question and answer via email over the course of the campaign. Again, this can encourage users to look forward to your upcoming Q&A sessions.

3. Interviews

Know an industry expert who has a perspective to share? Highlight this individual and provide value to your audience by including an interview in your newsletter. You can do this several times in your email marketing strategy. And, it can get subscribers to ask questions to your email campaign, which is great for deliverability and engagement.

4. Email course

Some topics warrant a deeper explanation. For subscribers wanting to learn more about the legal process or a particular topic, you can offer a multi-step email course. They will have to open each email to get new nuggets of information and to complete the course.

5. Videos

It’s no secret that today’s users love video content. Including videos in your emails is a good way to improve open rates and direct users to your video (typically, your YouTube channel or website). Be sure to include “Video:” in your email subject line to encourage subscribers to one your email.

6. Templates

Many email marketing platforms offer professional-looking email templates you can use so you don’t have to design your newsletter from scratch. A great-looking email could encourage users to engage with your content. Typically, these templates include social media icons as well, which can direct more traffic to these platforms. You can update colors, fonts, logos, images, and more.

7. ‘Get to know me’

When new subscribers join your newsletter, they may not know much about you. A “Get to know me” email can help introduce them to you, your interests, and your approach to law. Keep it fun by sharing interesting facts about yourself, likes and dislikes, hobbies, or whatever you think will be exciting to your audience.

8. Meet the team

Similarly, you can run a “Meet the team” series to introduce your entire staff to your list. This is a great way to build trust and provide that added human connection. If you have a large staff, consider breaking this out into several emails for even more content.

9. Storytime

Email subscribers love a good story. Now, while you don’t want to share any confidential information about your cases, you could share lessons learned from the industry, funny office stories, or a personal life story. You can even slowly tell the story over a course of emails to keep readers interested.

10. In the news

We’ve all come across hot news stories where celebrities land themselves in legal trouble or a large company is going under. Turn trending topics into legal lessons, offer your own unique spin, and make the legal process more relatable to your readers. We are all talking about these pop culture stories anyway, might as well use it for great email content!

Email newsletters build connection with your audience

An email newsletter is one of the best ways to build trust and connection with potential and existing clients. Remember, subscribers care less about “marketing content” and more about the value your firm can provide, the stories you tell, and how you can help them navigate their legal woes.

So, keep things fun and interesting with creative email content. Try different media, switch up topics, and, above all, stay consistent so you nurture a strong, engaged audience.

Copyright 2022 © Hennessey Digital

Article By Jason Hennessey with Hennessey Digital.

For more articles about law firm management, please visit the NLR Business of Law section.

A Lawyer’s Guide to Integrated Marketing

Like many lawyers, I did not learn about marketing in law school. I knew nothing about communications or media relations before law school, either. When I graduated and began practicing at a boutique matrimonial law firm, there was no internal or external marketing resource, and no direct conversations or plans about public relations or branding. One founding partner talked about the importance of reputation for connecting with potential clients and how his connections in the legal community resulted in many referrals, but he never mentioned marketing.

Yet, as I tagged along to bar association meetings, drafted articles that the partner published in a legal journal, and received encouragement to network at Inns of Court sessions, I saw this side of legal practice come to light. We didn’t call it marketing, or PR, and it was well before social media, but I understood that the partner was intentionally marketing the practice and generating awareness of the firm’s experience — an effort that resulted in new client engagements.

When I decided to leave law after a few years, I enrolled in a New York University course about marketing for professional services. As luck would have it, the instructor was Deborah Brightman Farone, an extraordinary legal marketer then and now — she was inducted into the Legal Marketing Association’s Hall of Fame at the organization’s 2022 annual conference. Deborah introduced me to the field of law firm marketing, and since then, I have worked with hundreds of lawyers and professional marketers on business development and integrated marketing plans, and have helped them make marketing part of their daily practice.

Most lawyers need to understand what this marketing thing is all about. I see firsthand their appreciation for the importance of building client relationships, cross-selling expertise within the firm, and networking. However, I don’t see an understanding of the terms and tactics of legal marketing as often. I think that with so much to learn in law school, there just isn’t time to learn the business side of law. Once a lawyer is practicing law, there may be little direction about how to reach prospects and referral sources, stand apart from other lawyers doing similar work, and find time to “market oneself.”

I frequently read articles where lawyers describe their routes to becoming partner or managing a practice or office. The words “PR” or “marketing” may not appear in their answers, but as someone who has advised lawyers about practice growth for more than 20 years, I know that positioning themselves as knowledge leaders played a role in the success of their relationship-building and practice development. And that, of course, is marketing.

This article will take you through five steps I always examine with lawyers who are just getting started with marketing, or participating in a firmwide marketing program.

  1. Acknowledge the Need for Education

Earning a JD and passing the bar exam prepare a lawyer for the practice of law, but not the business of law. My colleague Vivian Hood recently wrote, “Law schools focus on teaching the art of law, and not so much on the art of connections.” Courses about marketing, public relations, or social media are not part of the law school curriculum. Rather, law school teaches students to read cases and apply precedent, analyze facts and frame arguments, and spot the real issues and see the red herrings. Likewise, legal writing courses, moot court competitions, internships, and other hands-on work prepare them for practicing law. Their understanding of marketing may extend to billboards they see on their way to work, law firm ads in legal journals, or networking events with bar associations.

Lawyers know how to practice law, but do not know what marketing is or how it supports business development and revenue. Education is the first step to heightening awareness. On many occasions, I have explained how PR works so lawyers understand the events that result in being quoted in a trade publication, or the behind-the-scenes steps that go into earning a speaking engagement at an industry event.

  1. Discuss Perceptions of Marketing

The only way to know how an attorney perceives marketing is to ask, and then provide guidance about worthwhile and suitable marketing efforts.

Lawyers often shy away from marketing because they associate it with sales. My colleague Glennie Green explains, “Most attorneys envision some sort of sales when the idea of marketing and business development comes up. They see car salespeople, or aggressive pitches for timeshares. But that is the wrong mindset. Business development is not sales. Business development is cultivating and nurturing relationships.”

Relationships can be built in many ways. A common misconception is that marketing success is based on the ability to be a natural rainmaker who can walk into any room and instantly make connections for the firm. That belief can create unrealistic expectations and undue stress, because rainmakers are few and far between. Relationships can be built and nurtured without that unique rainmaker quality. Everyone adapts to situations differently ­— some of us are introverts, others extroverts, or a combination of traits.

  1. Assess the Impact of Previous Experiences

Lawyers may base their perceptions of marketing on prior experiences. Lawyers have told me, “I wrote many articles in the past, and they never amounted to any new business.”

“I traveled to speak at a conference, and not a single attendee turned out to be a new client.”

“I did an interview with a reporter who misquoted me.”

“I have a LinkedIn profile, but I’m not interested in doing anything with it; it’s just like Facebook.”

Many people fear failure, and many transactional lawyers and litigators are driven by winning. It is no surprise, then, that lawyers question the value of something that has not been a winner in the past. Understanding and acknowledging these hesitations can lead to productive discussions about marketing and, more specifically, about techniques that may be better suited for the lawyer.

  1. Discuss the Time Commitment

The billable-hour model of legal practice can affect a lawyer’s availability to market their practice. Too many business-driving commitments will inevitably frustrate a lawyer and diminish the success of marketing. It’s better to work with a distinct set of action items that can take only a few minutes a day rather than many hours each week.

Glennie Green has helped lawyers identify their advocates — assistants, paralegals, the firm’s librarians; people they can partner with to achieve their action items. One managing partner with a busy practice serves as an example of this effort. “He has made a commitment to conduct a certain number of meetings a month with current and potential referral sources,” she says. “He enlists a paralegal in the office to help schedule those meetings, as well as maintain his ‘marketing’ calendar. This allows him to keep his focus on his practice and manage the firm. He regularly checks his calendar for new appointments, and he says he looks forward to seeing whom he will meet with next. Once he realized that he didn’t have to do it all and enlisted some help, his plan and marketing goals became not only manageable but systematic.”

  1. Find the Comfort Zone

Marketing efforts must be tailored to a lawyer’s personality and interests. Everyone has a different comfort level. Some lawyers love to speak at conferences, and others would rather research a case and write an analysis for a journal. One lawyer may already enjoy engaging on social media, and another may feel crushed for time but would be amenable to doing a 30-minute interview with a reporter. Perhaps a lawyer may enjoy participating in an association’s events or committees. Green explains, “Knowing a lawyer’s areas of confidence, and recognizing what causes any discomfort, is crucial to establish the right marketing plan with the flexibility to change direction as needed.”

The avenues for marketing include website content and branding, social media posts and engagement, media relations, published quotes and articles, rankings submissions and awards, conferences and speaking opportunities, networking, events, and more. The questions and conversations I’ve provided lead to more precise choices of marketing tactics, as well as more informed expectations of results. An integrated marketing and business development program offers lawyers a selection of tactics, with deliberate matching to their preferences and the flexibility to change as needed.

© Copyright 2008-2022, Jaffe Associates

Cryptocurrency As Compensation: Beware Of The Risks

A small but growing number of employees are asking for cryptocurrency as a form of compensation.  Whether a substitute for wages or as part of an incentive package, offering cryptocurrency as compensation has become a way for some companies to differentiate themselves from others.  In a competitive labor market, this desire to provide innovative forms of compensation is understandable.  But any company thinking about cryptocurrency needs to be aware of the risks involved, including regulatory uncertainties and market volatility.

Form of Payment – Cash or Negotiable Instrument

The federal Fair Labor Standards Act requires employers to pay minimum and overtime wages in “cash or negotiable instrument payable at par.”  This has long been interpreted to include only fiat currencies—monies backed by a governmental authority.  As non-fiat currencies, cryptocurrencies therefore fall outside the FLSA’s definition of “cash or negotiable instrument.”  As a result, an employer who chooses to pay minimum and/or overtime wages in cryptocurrency may violate the FLSA by failing to pay workers with an accepted form of compensation.

In addition, various state laws make the form of wage payment question even more difficult.  For example, Maryland requires payment in United States currency or by check that “on demand is convertible at face value into United States currency.”  Pennsylvania requires that wages shall be made in “lawful money of the United States or check.”  And California prohibits compensation that is made through “coupon, cards or other thing[s] redeemable…otherwise than in money.”  It is largely unclear whether payment in cryptocurrency runs afoul of these state requirements.

Of note, the U.S. Department of Labor (“DOL”) allows employers to satisfy FLSA minimum wage and overtime regulations with foreign currencies as long as the conversion to U.S. dollars meets the required wage thresholds.  But neither the DOL nor courts have weighed in on whether certain cryptocurrencies (e.g., Bitcoin) are the equivalent, for FLSA purposes, of a foreign currency.

Volatility Concerns

When compared to the rather stable value of the U.S. dollar, the value of cryptocurrencies is subject to large fluctuations.  Bitcoin, for example, lost nearly 83% of its value in May 2013, approximately 50% of its value in March 2020, and recently lost and then gained 16% of its value in the span of approximately 15 minutes one day in February 2021.

Such volatility can give payroll vendors a nightmare and can, in some instances, lead to the under-payment of wages or violation of minimum wage or overtime requirements under the FLSA.

Tax and Benefits Considerations

Aside from wage and hour issues, the payment of cryptocurrency implicates a host of tax and benefits-related issues.  The IRS considers virtual currencies to be “property,” subject to capital gains tax rates.  It has also confirmed in guidance materials that any payment to employees in a virtual currency must be reported on a W-2 based upon the value of the currency in U.S. dollars at the time it was delivered to the employee.  This means that cryptocurrency wage payments are subject to Federal income tax withholding, Federal Insurance Contributions Act (FICA) tax, and Federal Unemployment Tax Act (FUTA) tax.

For 401k plan fiduciaries, the Department of Labor recently issued guidance that should serve as a stern warning to any fiduciary looking to invest 401k funds into cryptocurrencies.  Specifically, the DOL wrote: “[a]t this early stage in the history of cryptocurrencies, the Department has serious concerns about the prudence of a fiduciary’s decision to expose a 401(k) plan’s participants to direct investments in cryptocurrencies, or other products whose value is tied to cryptocurrencies.”  Given the risks inherent in cryptocurrency speculation, the DOL stated that any fiduciary allowing such investment options “should expect to be questioned [by the DOL] about how they can square their actions with their duties of prudence and loyalty in light of the risks.”

Considerations for Employers

Given the combination of uncertain and untested legal risks, employers should consider limiting cryptocurrency compensation models to payments that do not implicate the FLSA or applicable state wage and hour laws.  For example, an employer might provide an exempt employee’s base salary in U.S. dollars and any annual discretionary bonus in cryptocurrency.

Whether investing in cryptocurrencies themselves to pay employees or utilizing a third-party to convert US dollars into cryptocurrency, employers should also stay abreast of the evolving tax and benefits guidance in this area.

Ultimately, the only thing that is clear about cryptocurrency compensation is that any decision to provide such compensation to employees should be made with a careful eye towards the unique wage, tax, and benefits-related issues implicated by these transactions.

Copyright © 2022, Hunton Andrews Kurth LLP. All Rights Reserved.