Book Companion · Appendix B

Remediation Triage Checklist

A companion triage checklist distilled from Appendix B of Responsible AI for the Small Law Firm. Five incident categories, first-hour actions, and the decisions that must be made the same day.

Use this in addition to Appendix B, not as a replacement for it. This checklist is triage. The appendix is the full framework.

If You Are Mid-Incident Right Now

Three moves before anything else.

  • Stop. Do not alter, edit, re-save, or reorganize any document related to the matter. The record as it stands is the record that matters.
  • Document. Capture what you found, when, and how. Timestamps, screenshots, and contemporaneous notes made at the moment of discovery are evidence. Reconstructed notes made later are not.
  • Call. If scope is unclear or the incident is active, engage ethics counsel before you act. In Florida, the Florida Bar Ethics Hotline is a resource, subject to its stated exceptions.

Scenario Triage

Which incident are you in?

Scenarios ordered from most severe (tightest clock) to out-of-scope. Identify which category fits before acting.

Scenario 1

Hallucinated citation already filed

Same-Day Response

A filing on the record contains a fabricated citation, a citation that stands for a different proposition, or a citation that has been reversed or superseded. Every day without correction compounds exposure under Rule 3.3 (candor) and Rule 8.4(c) (dishonesty).

First-hour actions
  • Pull the filing. Verify every citation on Westlaw, Lexis, or the official reporter.
  • Identify each hallucinated, mis-cited, or superseded authority specifically.
  • Begin drafting a motion to withdraw or correct - not a quiet replacement.
Same-day decisions
  • Court notification via motion to withdraw or correct (Rule 3.3(a)(1)).
  • Client notification of the material change (Rule 1.4).
  • Malpractice carrier notification per policy notice clause.
  • Bar self-report analysis (Rule 8.3) - made with ethics counsel if scope is unclear.
  • Check local court AI disclosure orders (e.g., Fla. 11th & 17th Judicial Circuits).

See: Appendix B, Scenario 1 · Chapter Six (verification protocol) · Appendix D (pull-out verification checklist).

Scenario 2

Confidential information entered into AI without informed consent

High Priority · Week One

Client financial records, medical history, or case facts were entered into a general-purpose AI tool before governance, consent, or data-handling questions were asked. Under Florida Bar Ethics Opinion 24-1 (or your state’s equivalent), Rule 1.6 is already implicated and the path forward is remediation.

First actions
  • Scope: what data, what tool, when, by whom.
  • Check the tool’s data retention, sharing, and training policy as it stood at the time of entry.
  • If vendor use for training or third-party sharing was permitted, treat data as having left your control.
Within the week
  • Written client notification: what, what tool, what date, what terms. Accurate, not minimized, not over-legalized.
  • Going-forward consent in writing - or written confirmation AI will not be used for this matter (see Appendix C, Variant 2).
  • Add the specific gap to the governance policy’s known-gaps list. Close it with a named control.

See: Appendix B, Scenario 2 · Appendix C (engagement letter AI disclosure).

Scenario 3

Unauthorized AI use by staff discovered

High Priority · Supervision Duty Implicated

A paralegal, legal assistant, or other non-lawyer staff member used an AI tool outside the firm’s approved list, or used an approved tool outside the approved workflow. Rule 5.3 supervision duty is already implicated.

Scope assessment
  • What tool, by whom, which matters, over what period, for what tasks.
  • Did the work product reach a client or a court?
  • Did confidential information enter the tool?
Branch rules
  • If confidential info entered an unauthorized tool → apply Scenario 2 for each affected matter.
  • If AI output reached a client or court without attorney review → apply Chapter Six verification protocol retroactively, matter by matter.
  • If the unauthorized use produced a hallucinated citation in a filing → Scenario 1 governs.
Remediation
  • Audit approved tool list against what staff are actually using. Treat each additional unauthorized tool as its own scope item.
  • Retrain every staff member who touches AI on the approved list, verification protocol, and reporting duty. Document acknowledgment in writing.
  • Tighten the governance policy to close the specific failure mode revealed.

See: Appendix B, Scenario 3 · Appendix A (governance policy template).

Scenario 4

Bar inquiry or disciplinary investigation related to AI use

Immediate · Self-Help Ends Here

The state bar has opened an inquiry or investigation that touches AI use. This is not a DIY scenario.

Immediately
  • Engage ethics counsel. Do not respond to the inquiry without ethics counsel engaged.
  • Preserve every record in its original form: the filing, the citations, AI tool outputs, governance policy, training records, verification documentation. Do not edit. Do not rewrite. Do not reorganize.
  • Stop self-helping on this matter. Do not call the Ethics Hotline about the specific inquiry. Do not seek informal advice about the facts under investigation.
  • Ethics counsel handles all communications with the Bar from the moment of engagement.

See: Appendix B, Scenario 4.

Scenario 5 · Out of Scope

Wire fraud or AI-adjacent security incident

Not an AI Governance Incident

Voice cloning, deepfake wire instructions, AI-assisted social engineering, and comparable security incidents belong to cyber liability insurance and IT security response, not AI governance. This appendix is not the playbook for a security incident.

First calls
  • Cyber liability carrier. Most policies require notice within 24-72 hours and maintain an approved panel of forensic and legal vendors - use the panel.
  • IT security vendor or managed service provider.
What not to do first
  • Do not reimage the affected device.
  • Do not reset credentials without a forensic image.
  • Do not communicate with the threat actor directly.

If your firm does not have a security incident response plan, building one is a separate project from AI governance, and it should not wait.

Cross-Cutting Principle 1

Document from the moment of discovery.

What was found, when, by whom, and what was done in response. The documentation of the response is the record that demonstrates reasonable professional conduct. Reconstructed notes are not the same as contemporaneous notes.

Cross-Cutting Principle 2

When scope is unclear, consult before acting.

Proportional response is what the Bar rules require. Proportional response requires knowing the scope. In Florida, the Bar Ethics Hotline is a resource subject to stated exceptions. Using it is evidence of the professional judgment the rules require.

If This Is Active

For firms facing an active AI incident that requires immediate professional guidance, reach out now. Triage conversations move faster than consulting engagements.

This checklist is a condensed reference derived from Appendix B of Responsible AI for the Small Law Firm. It is not legal advice and does not substitute for consultation with ethics counsel or for the full framework in the book.