Securing Anthropic Claude
for Your Legal Practice

Understanding the Claude Product Landscape

Anthropic offers several ways to use Claude. Each has different privacy characteristics. Understanding which product you are using — and which terms govern it — is the essential first step.

Your Ethical Obligations (ABA Formal Opinion 512)

In July 2024, the ABA Standing Committee on Ethics and Professional Responsibility published Formal Opinion 512, its first formal guidance on lawyers’ use of generative AI. The opinion maps existing Model Rules to AI tools and creates specific obligations around data handling.

In practical terms, Opinion 512 requires you to answer three questions before using any Claude product with client data:

1. Can the AI provider access or retain my client’s information?
2. Could my client’s information be used to train AI models that serve other users?
3. Have I implemented adequate safeguards to prevent unauthorized disclosure?

The answers depend entirely on which Claude plan tier you are using.

Plan Tiers: A Risk-Based Comparison

Decision Flowchart: Can I Use Claude for This Client File?

Handling Confidential Client Files in Claude

When you upload a document to Claude — whether through the website, the desktop app, or Claude Code — the file is transmitted to Anthropic’s servers for processing. Understanding this data flow is essential.

How File Processing Works

Rules for Client Files

On a Claude for Work (Team/Enterprise) Account:

• Confirm your account is governed by Anthropic’s Commercial Terms (check with your firm administrator or account Primary Owner)
• Verify that the “Help improve Claude” setting is off at the organization level (Enterprise admins control this)
• Review Anthropic’s subprocessor list and Data Processing Addendum
• Before uploading, consider: does this file need to be uploaded in full, or can you redact identifying details first?
• Use Claude Projects to isolate client matters — do not mix clients in a single conversation
• Delete conversations containing client files after you have extracted the analysis you need
• Document your use of AI in the matter file, including what was uploaded and when

Claude Code with Client Source Material:

• Claude Code reads files from your local filesystem and sends their content to Anthropic’s servers
• If using a consumer plan (Free/Pro/Max), Claude Code data follows consumer retention and training policies
• If using a commercial API key, Claude Code data follows commercial terms (no training, shorter retention)
• Check which API key Claude Code is using: run /config in the CLI to verify
• For maximum protection, use Claude Code with a commercial API key that has Zero Data Retention enabled

If You Must Use a Consumer Plan: Minimum Safety Settings

If your firm is evaluating Claude before committing to a commercial plan, or if individual attorneys use personal accounts for non-client work, these settings are the absolute minimum configuration required.

Step 1: Disable Model Training

Navigate to:
  claude.ai → Settings → Privacy & Data Controls

Set the following:
  "Help improve Claude"  →  OFF

This prevents your conversations from being used
to train future AI models. Without this step, data
retention extends from 30 days to 5 YEARS.

Step 2: Disable Memory (If Available)

Navigate to:
  claude.ai → Settings → Memory

Set:
  Memory  →  OFF

Memory stores information about you across conversations.
If you discuss client matters in one conversation, that
context could surface in another.

Step 3: Delete Conversations After Use

Deleted conversations are removed from your history immediately and from Anthropic’s backend systems within 30 days. Deleted chats are excluded from training regardless of your settings. Make it a habit to delete any conversation that contained sensitive information.

Step 4: Review the Claude Desktop App

The Desktop app inherits the privacy settings of your claude.ai account. There are no separate privacy controls in the app itself. Ensure your web account settings are configured before using the desktop app.

Recommended Configuration: Claude for Work (Commercial Plans)

For any law firm handling confidential client information, Anthropic’s commercial plans are the appropriate choice. These are governed by separate Commercial Terms of Service that explicitly prohibit model training on your data.

Enterprise Plan Security Features

API with Zero Data Retention

For the highest level of protection, Anthropic offers a Zero Data Retention (ZDR) addendum for eligible API customers. Under ZDR, Anthropic does not store your inputs or outputs except where required by law or to combat misuse. This is the gold standard for firms handling highly sensitive matters.

Claude Code: Special Considerations

Claude Code is a command-line tool that operates directly on your filesystem. It can read files, write code, execute commands, and interact with your development environment. This creates unique risks in a law firm context.

What Claude Code Can Access

• Any file in the working directory (and subdirectories) that you grant it access to
• Code repositories, configuration files, and environment variables
• Terminal output and system information
• All of this content is sent to Anthropic’s servers for processing

Data Policies by Account Type

Preventing Accidental Exposure

# Create a .claudeignore file in your project root
# (similar to .gitignore) to exclude sensitive files:

# Client documents
/client-files/
*.pdf
*.docx

# Credentials and secrets
.env
*.pem
*.key

# Database files
*.sqlite
*.db

Developing Your Firm’s AI Usage Policy

ABA Formal Opinion 512 and Model Rules 5.1/5.3 require firms to establish clear policies governing AI use. Your policy should address, at minimum, the following areas:

1. Approved Tools and Plans

Specify which Claude products and plan tiers are approved for firm use. Consumer plans should be restricted to non-client research only. Maintain a list of approved AI tools and review it quarterly.

2. Data Classification

Define categories of information and which can be used with AI tools:

3. Client Disclosure and Consent

Draft a specific AI disclosure for engagement letters that goes beyond boilerplate language. Opinion 512 requires clients to understand how AI tools will be used in their matter, including what information may be processed by third-party AI services. Keep signed consent forms in the client file.

4. Training and Supervision

All attorneys and staff who use Claude must complete training covering: the difference between consumer and commercial plans, what information may and may not be entered, how to verify output accuracy, and how to report suspected data exposure. Document completion and refresh annually.

5. Incident Response

If confidential client data is inadvertently uploaded to a consumer Claude account:

1. Delete the conversation immediately (removed from backend within 30 days)
2. Document the incident, including what was uploaded and the account type
3. Assess whether the “Help improve Claude” setting was on — if so, data may already be in training pipelines
4. Contact Anthropic support to request data deletion if the setting was on
5. Evaluate notification obligations under your jurisdiction’s rules
6. Review whether client notification is required under Model Rule 1.4

Security Checklists

Print and complete these checklists with your IT administrator or developer. Retain the completed versions as documentation of your “reasonable efforts” under Model Rule 1.6.

Firm-Wide Configuration

• Determined which Claude plan(s) are in use across the firm
• Confirmed that accounts used for client work are on Commercial Terms (Team/Enterprise)
• Verified that “Help improve Claude” training toggle is OFF for all accounts
• Reviewed Anthropic’s Commercial Terms, Privacy Policy, and Data Processing Addendum
• Written AI usage policy is in place and distributed to all personnel
• Client consent language for AI use has been drafted and approved
• AI usage training has been completed by all attorneys and staff
• Incident response procedure for accidental data exposure is documented
• Quarterly review of AI tools and policies is scheduled

Individual Account Settings (Consumer Plans — Non-Client Work Only)

• “Help improve Claude” is toggled OFF in Settings → Privacy
• Memory is OFF (or managed carefully)
• Conversations containing any sensitive content are deleted after use
• No client files have been uploaded to this account
• Two-factor authentication is enabled on the account

Claude Code Configuration

• Verified API key type in use (/config) — commercial key for client-adjacent work
• Created .claudeignore to exclude client files and credentials
• Environment variables and .env files are excluded from Claude Code’s context
• Claude Code is not run in directories containing unrelated client files
• Staff understand that Claude Code sends file contents to Anthropic’s servers

Enterprise Plan Administration

• SSO/SAML is configured with the firm’s identity provider
• SCIM provisioning is active for automated user management
• Custom data retention period is set to align with firm retention policy
• Organization-wide training opt-out is confirmed in admin console
• User feedback settings are configured (review before enabling)
• Data export capabilities have been tested for eDiscovery readiness
• DPA is signed and on file

Resources & References

ABA Ethics Guidance

Anthropic Documentation

Third-Party Analysis