The Federal Court of Australia’s decision in McClure v. Medibank emphasizes the complexity of maintaining privilege over forensic reports. Specifically, privilege hinges on the purpose of the report, its usage, and the audience who accessed it. This case, stemming from a significant data breach, highlighted the risks organizations face when these reports are not adequately protected under attorney-client privilege. The ruling demonstrated that mixed-purpose reports could lose privilege protections, underscoring the need for careful management of legal documents following breaches.
Privilege doesn't only depend on who commissioned the report - it hinges on why it was created, how it was used, and who saw it.
Protecting these reports under the attorney-client privilege or the work product doctrine isn't just a best practice - it's a critical step in managing legal risk after a breach.
Collection
[
|
...
]