Lifecycle orchestration and shadow-AI audit for legal services.

Why this matters for Legal Services

How does Tenet preserve privilege during former-attorney access revocation?

Law firms and in-house legal teams have unique exposure: privilege preservation requires matter-specific access revocation, bar association ethics rules around data handling carry professional liability, and client outside-counsel guidelines increasingly require attested former-employee access controls. Meanwhile lawyers and paralegals are adopting AI legal research and AI drafting tools faster than ethics opinions can keep up.

SaaS per employee

20–35 apps/employee, with firm-wide matter-management overlay

Key regulatory pressure

State bar ethics rules on data handling, client outside-counsel guidelines, ABA Model Rule 1.6(c), cyber-insurance policy requirements, GDPR for firms with EU practices.

Shadow-AI angle

Lexis, Westlaw, Casetext, Harvey, and a dozen general-purpose LLMs are all in regular use by attorneys. When an attorney leaves, the trail of which matter data was exposed to which AI tool — and whether any is retained by the vendor — is frequently incomplete. Tenet makes this queryable.

Executive summary

What do client outside-counsel guidelines now expect from the former-employee audit trail?

Law firms and corporate legal departments at 500-5,000 employees operate under a legal-industry-specific lifecycle mental model that differs from any other vertical. Privilege preservation requires matter-specific access revocation — not firm-wide. Client outside-counsel guidelines (from Fortune 500 and regulated-industry clients) increasingly require attested former-attorney access controls with specific SLA and evidence requirements. ABA Model Rule 1.6(c) imposes a duty to make reasonable efforts to prevent unauthorized disclosure, and state bar ethics opinions (most prominently Formal Opinion 498 from the ABA Standing Committee on Ethics and Professional Responsibility on virtual law practice) have pushed toward more explicit information-security expectations.

Meanwhile, the legal-AI landscape has exploded in 2023-2026. Harvey, Casetext CoCounsel, Lexis+ AI, Westlaw Edge with AI, Thomson Reuters CoCounsel, and a dozen general-purpose LLMs (Claude, ChatGPT, Gemini) are all in regular use by attorneys and paralegals. The bar ethics opinions on AI use (CA Opinion 2023-201, FL 24-1, NYC Bar 2024-5, TX Opinion 705) are catching up, with most states now requiring attorneys to understand the technology and supervise its use. When an attorney leaves, the question 'which matter data was exposed to which AI tool, and is any retained at the vendor' is frequently unanswerable — creating malpractice exposure and cyber-insurance policy scrutiny. Tenet is built for this matter-level, privilege-preserving, AI-aware legal lifecycle reality.

Representative stack

How does Tenet track which legal AI tools touched which matter data?

Tenet plugs into the stack most legal services companies at 500–5,000 employees already run. You don’t switch HRIS. You don’t switch IAM. Tenet becomes the orchestration layer between them and the long tail of SaaS and AI tools where the audit evidence used to disappear.

• Paylocity / BambooHR (HRIS)
• Okta (IAM)
• iManage / NetDocuments (DMS)
• Microsoft 365 + Teams
• Salesforce / HighQ / Clio
• Legal AI tools (Harvey, Casetext, Lexis+ AI)

Use cases

How does Tenet enforce ethics walls for lateral-hire attorneys?

Implementation playbook

What does bar ethics compliance look like when attorneys use Harvey, Casetext, and Lexis+ AI?

Most legal services deployments complete the 4-phase playbook in 28 days. Accelerated deployments (14-21 days) are available for teams with pre-approved service accounts and existing Okta / HRIS investments.

1. Phase 1 · Week 1

   Connect

   Activities

   Service accounts for Paylocity or BambooHR HRIS, Okta IAM, iManage or NetDocuments DMS, Microsoft 365, Salesforce or HighQ or Clio (practice management), time-tracking platform, and legal AI tools (Harvey, Casetext, Lexis+ AI). CISO + Managing Partner + General Counsel approve scopes.

   Artifacts produced

   Integration scope matrix · Matter-level access baseline · Initial AI-tool inventory

2. Phase 2 · Week 2

   Baseline

   Activities

   Baseline audit: orphan matter access on departed attorneys, ethics wall compliance check, shadow-AI inventory across practice groups. Ethics violations (if any) flagged for General Counsel review. Orphan cleanup in dry-run with Managing Partner approval, then committed.

   Artifacts produced

   Matter-aware baseline audit · Ethics wall compliance report · Shadow-AI registry

3. Phase 3 · Week 3

   Activate

   Activities

   Attorney termination with matter-level revocation live. Matter closure automation live. Lateral-hire ethics wall enforcement live. Summer associate / contract attorney lifecycle live. Scheduled access reviews prepared for next bar compliance cycle or client audit.

   Artifacts produced

   Live termination automation · Matter closure receipt · Ethics wall enforcement receipt

4. Phase 4 · Week 4

   Audit-ready

   Activities

   First outside-counsel-guideline attestation dry-run for top-3 enterprise clients. First CCPA / CPRA DSAR dry-run. First bar ethics compliance report dry-run. General Counsel presents audit readiness to Managing Partner and Executive Committee.

   Artifacts produced

   Client attestation artifacts · DSAR artifact · Bar ethics report · Executive Committee briefing

Regulatory deep dive

How does Tenet support cyber-insurance renewal diligence for law firms?

Legal services at 500-5,000 employees operates under a primarily ethics-rule and client-contract-driven regulatory stack, distinct from the government-regulator-driven stack of fintech or healthtech. The American Bar Association Model Rule 1.6(c) imposes a duty on lawyers to make reasonable efforts to prevent inadvertent or unauthorized disclosure of client information. ABA Formal Opinion 477R (on lawyer cybersecurity) clarified that reasonable efforts include information-security-program maintenance. ABA Formal Opinion 498 (virtual law practice) further codified expectations.

State bar ethics opinions on AI use are rapidly developing. California State Bar Opinion 2023-201, Florida Bar Opinion 24-1, New York City Bar Opinion 2024-5, Texas Center for Legal Ethics Opinion 705, and similar opinions in 12+ states now require attorneys using generative AI to understand the technology, supervise its use, preserve client confidentiality (the BAA / DPA status with the AI vendor is often the operative question), and disclose use to clients where material. Tenet's shadow-AI registry captures the vendor posture per tool and the per-attorney usage pattern, supporting the bar-ethics-compliant documentation the 2023-2026 opinions expect.

Client outside-counsel guidelines from Fortune 500 clients, regulated-industry clients, and government clients routinely include specific cybersecurity requirements. The ACC (Association of Corporate Counsel) Model Cyber Risk Management Guidelines (2023 edition) have become the de-facto baseline for outside-counsel-guideline expectations. Specific clauses include former-attorney access revocation within specified SLA (24-72 hours), attestation of access controls, AI-tool inventory on request, and incident response cooperation. Tenet's matter-level lifecycle satisfies the revocation SLA; the per-client audit extract satisfies the attestation clause; the shadow-AI registry satisfies the AI-tool inventory clause.

Cyber-insurance carriers have tightened underwriting requirements on law firms in 2023-2026. Specific policy clauses now include access-control program certification, former-employee revocation attestation, and AI-tool governance evidence. Premium differentials of 20-40% between firms with mature lifecycle tools and firms with Google-sheet offboarding have become standard. Tenet's audit evidence is increasingly accepted as primary documentation in cyber-insurance renewal cycles.

State privacy laws (California CCPA / CPRA, Virginia CDPA, Colorado, Connecticut CTDPA, Texas TDPSA, Oregon OCPA) apply to law firms handling resident data. The 45-day DSAR window includes former attorneys and, for firms that process client personal data in a processor capacity, former client data as well. Tenet's per-subject export is matter-aware and client-aware, handling the citizen-request format without cross-matter confidentiality leakage.

For firms with European practices, GDPR applies. Article 17 (right to erasure), Article 28 (processor obligations), and Article 32 (security of processing) all impose duties that Tenet's lifecycle and audit supports.

Pricing context

What pricing looks like for legal services at buyer scale

At 1,000 attorneys plus staff in legal services (approx. 1,400-1,800 total employees), Tenet pricing typically lands $48,000-72,000 annual for the matter-aware lifecycle + shadow-AI + outside-counsel-guideline attestation stack. Competing enterprise IGA + legal-AI-governance combinations typically run $250,000-500,000 annual at the same scale. Most law firms justify the ACV against cyber-insurance premium reduction (often 20-40% year-one) and against single-client-contract-compliance incident avoidance. Managing Partner and General Counsel co-fund in most firms.

Frequently asked — Legal Services

What legal services buyers ask before signing

Does Tenet respect matter-specific access boundaries in iManage and NetDocuments?

Yes — Tenet reads matter-level access metadata from iManage and NetDocuments and revokes former-attorney access at the matter boundary rather than the document-management-system boundary, preserving the privilege-relevant distinctions that a firm-wide revocation would destroy. The audit trail per matter is queryable for client-requested attestations under outside-counsel guidelines.

How does Tenet enforce ethics walls for lateral hires with adverse-side conflicts?

Tenet's access policy engine enforces ethics walls at the DMS matter boundary. When a lateral is hired with adverse-side conflicts, Tenet enforces that the attorney cannot access the conflict-matter files and produces the audit trail showing no unauthorized access. This supports bar-ethics-investigator review and opposing-side disqualification-motion defense.

Does Tenet cover legal-AI tools like Harvey, Casetext, and Lexis+ AI?

Yes. Tenet's shadow-AI registry covers Harvey, Casetext CoCounsel, Lexis+ AI, Westlaw Edge with AI, Thomson Reuters CoCounsel, and general-purpose LLMs. For each tool, the BAA / DPA status, data-residency posture, retention policy, and per-attorney / per-matter usage are captured. This supports outside-counsel-guideline attestation and bar ethics opinion compliance.

Can Tenet support our outside-counsel-guideline attestation to enterprise clients?

Yes. Tenet produces the per-client attestation artifact naming every terminated employee (attorney, paralegal, staff) who had access to the client's matter data, the revocation timestamp, the policy basis, and the residual-flag status. The artifact is exportable in PDF and JSON for direct submission to the client's legal operations or vendor security team.

How does Tenet handle summer associate and contract attorney lifecycles?

Per-contract lifecycle — grant access at start, enforce matter scope, revoke at end. The AI-tool access granted for the engagement revokes with the rest. The per-subject trail supports the firm's annual bar-association compliance questionnaire and cyber-insurance renewal diligence.

Is Tenet's audit acceptable in cyber-insurance renewal underwriting for law firms?

Yes. Cyber-insurance carriers increasingly accept Tenet's audit evidence as primary documentation for the access-control and former-employee-revocation components of renewal underwriting. The premium differential between Tenet-equipped firms and spreadsheet-offboarding firms is 20-40% in the 2025-2026 renewal market.

How is Tenet different from Stitchflow?

Tenet is built for the 500-5,000 employee mid-market with shadow-AI discovery and state-privacy audit trails as first-class capabilities, priced for dept-head purchase ($500-2,000/mo entry), while Stitchflow is moving upmarket with an IT-first UX and enterprise pricing. Both orchestrate SaaS lifecycle across HRIS and IAM, but Tenet's spine is the audit line — every provision, revocation, and shadow-AI tool detection produces a record a state-privacy regulator can read, and VP People + CISO share one view instead of Stitchflow's IT-centric console.

What is the smallest company that actually needs Tenet?

Roughly 100 employees with more than 20 SaaS apps per person, or any company where an employee departure triggers a manual checklist across more than 5 systems. Below that threshold, spreadsheets still scale. Above it, the probability of a 90-day-old ghost account rises sharply, and that single ghost account is the fact pattern every state-privacy and EU AI Act audit begins with.

Does Tenet work with my HRIS — Rippling, BambooHR, Workday, or Gusto?

Yes, Tenet reads lifecycle events from Rippling, BambooHR, Workday, and Gusto at launch, with ADP, Deel, Justworks, and UKG on the 2026 roadmap. Tenet is designed as the unbundled orchestration layer that sits above your HRIS — you do not switch HRIS to adopt Tenet, and Tenet never tries to replace payroll, benefits, or time tracking. HRIS stays your system of record for people; Tenet becomes your system of record for what those people can access.

How does Tenet's shadow-AI audit trail satisfy EU AI Act and state privacy law requirements?

Tenet records every shadow-AI tool discovered in employee workflows, every provisioning and revocation event, and every policy decision as an immutable audit entry in a format that exports to the evidence templates expected under EU AI Act (effective August 2026), ISO 42001, NIST AI RMF, and state privacy laws including CCPA-CT and CPRA. The audit format is citizen-request-ready — when a former employee exercises access or deletion rights, Tenet produces the per-subject trail in minutes instead of the week most orgs currently budget. Regulated customers can also export to their existing GRC tooling (Vanta, Drata, Secureframe) via webhook.