Your associates are already using AI.
Your firm’s policy probably hasn’t caught up.
Since ABA Formal Opinion 512, the question is no longer whether your firm uses AI. It is whether you can show a malpractice carrier, a client, or the bar that you use it responsibly. Wellforce scores where your firm stands in about 60 seconds.
Wellforce provides managed IT and AI security for law firms in Washington DC, Maryland, and Virginia, mapped to ABA Formal Opinion 512. We harden Microsoft 365 to legal-industry standards, monitor the dark web for attorney credentials, defend against email impersonation, and support the AI use policy your confidentiality duty under Rule 1.6 now requires. Start with a free 60-second scorecard of your firm’s exposure.
The exposure most firms can’t see.
Three things changed for law firms in the last 18 months, and they arrived faster than most firms’ IT did. Most DC firms are exposed on all three. Very few have looked.
-
AI walked in the side door.
Your people are using ChatGPT, Copilot, and Claude on client work right now. Most firms have no written policy that maps to Rule 1.6, which means the confidentiality risk sits on the responsible attorney personally.
-
Insurers started asking.
For the first time, 2026 cyber-insurance renewals are asking firms about AI governance. Some carriers have signaled they will contest claims where no policy was in place.
-
The bar set the standard.
ABA Formal Opinion 512 mapped six Model Rules onto AI use. State bars, including guidance relevant to DC, Maryland, and Virginia, are treating it as the baseline for AI competence.
The Law Firm AI Risk & IT Health Scorecard.
An external scan of your firm’s domain, returned as a branded report you can take to your next partner meeting or insurance renewal. No sales call required to get it.
The scan reports the security exposure carriers and clients now ask about. The Opinion 512 and Rule 1.6 readiness picture is then walked through with Scott Midgley, who leads our law firm practice, in an optional 20-minute review.
What the scan looks at
- Dark-web exposure of attorney and staff credentials
- Email impersonation risk — SPF, DKIM, and DMARC posture on your sending domain
- Partner-targeted BEC vectors — display-name lookalikes and executive email risk
- DNS health and copycat domains registered to impersonate your firm
- Public-facing exposure and web/privacy compliance signals
It is free, specific, and time-bound. The report is an external posture snapshot, not a penetration test.
An IT partner that speaks law firm.
Most managed IT providers will tell you they also serve law firms. Ask them what IOLTA compliance has to do with your IT, or how Opinion 512 changes your Microsoft 365 configuration, and the conversation gets thin.
Opinion 512 policy support, IOLTA-aware controls, and practice-management integrations. We know what the confidentiality duty means for your Microsoft 365 configuration.
Dark-web monitoring, email impersonation defense, and Microsoft 365 hardened to legal-industry standards. The same controls we run for healthcare and financial-services clients.
Scott Midgley leads the law firm practice and runs every scorecard review personally. You talk to the person who understands your exposure, not a sales rep.
From scan to clarity in three steps.
- 1
Run the scorecard.
Enter your firm domain. The external scan takes about 60 seconds to submit.
- 2
Get the report.
A branded report lands in your inbox, with grades and plain-English findings on your credential, email, and DNS exposure.
- 3
Walk it through (optional).
Book 20 minutes with Scott to review what the findings mean for your Opinion 512 posture and the fixes that matter most before your next renewal.
Have a quick Opinion 512 question?
Ask the Bar Bot below. It answers questions about ABA Opinion 512 and Rule 1.6 as they apply to law firm AI use. Or download the policy template to start from a real document.
Bar Bot
ABA Opinion 512 & Rule 1.6
The Law Firm AI Use Policy Template
A starting-point policy mapped to all six Opinion 512 Model Rules, with an approved-tools list, a confidentiality boundary, a verification rule, and a billing position. Adapt it with your own counsel.
Download the Law Firm AI Use Policy Template
A starting-point policy mapped to all six Opinion 512 Model Rules. Enter your work email and it's yours.
Want the background first? Read our plain-English guide to ABA Opinion 512, rule by rule.
About the law firm scorecard
Is the scorecard really free?
Yes. You get the report with no obligation. The optional 20-minute review with Scott Midgley is also free, and the report includes a one-click link to book it only if you want to.
Will you contact our whole firm?
No. The scorecard goes to the person who requests it. We do not blast your partners or add anyone to a drip sequence.
We already have an IT provider. Why would we run this?
Most firms run it precisely because they have a provider and want a second, law-firm-specific read on their AI and confidentiality exposure. The report is useful whether or not you ever work with Wellforce.
Do you only work with large firms?
No. We work with firms across DC, Maryland, and Virginia, from solo and small partnerships to mid-size firms. The Opinion 512 exposure is, if anything, larger at firms without a dedicated IT function.
What is ABA Opinion 512?
What does the scorecard actually scan?
It runs an external scan of your firm’s domain for dark-web credential exposure, email impersonation and spoofing risk, DNS posture, look-alike domains, and public-facing security signals. The Opinion 512 and Rule 1.6 readiness questions are then walked through with Scott in the optional review, not scored automatically.
Find out where your firm stands before your carrier does.
60 seconds. A branded report. No sales call required.
Or call (855) 885-7338