The Working Guide to AI for Attorneys
AI for attorneys speeds up drafting, review, case law research, and redlining. Learn where it fits, how to spot a real legal tool, and how to adopt it.
AI is already inside legal work. Attorneys draft with it, research with it, and run first-pass document review through it, and the shift is not slowing. Over 75% of the AmLaw 100 and more than 142,000 legal professionals worldwide now work with Harvey, one sign of how fast the ground has moved. What hasn't kept pace is clear thinking about how to use these tools well, and the volume of best-tool lists keeps growing while the harder questions go unanswered.
The debate over whether attorneys should use AI has settled. The open question now is how to use it without compromising the judgment, confidentiality, and candor the profession runs on. That question gets harder as legal technology gets more capable and the marketing gets louder.
The stakes are concrete. Professional-responsibility duties attach the moment an attorney puts AI to work on client matters, and courts have sanctioned lawyers who filed briefs built on AI-invented citations. The difference between a tool that helps and one that creates exposure comes down to how its output is grounded and how carefully it gets checked. This article covers what AI does in legal work, how to distinguish purpose-built legal AI from general chatbots, the duties governing its use, and how firms of any size can adopt it effectively.
Legal AI Tools and the Quality Gap
AI for attorneys is software that uses large language models to research case law, draft and review documents, and analyze legal material. The useful distinction for a firm is between tools built for legal work, which ground answers in verifiable sources and protect client data, and general chatbots with a legal interface.
Underneath that definition, the work is familiar. These tools find and summarize case law, draft first versions of contracts and memos, review documents for risks and key terms, and pull answers out of long records. The demand for that help is settled.
The quality question is wide open. Two products can carry the same legal AI label and behave nothing alike once a real matter is in front of them. The difference usually comes down to grounding. The tools that hold up tie their answers to sources an attorney can open and check, and the ones that stumble are general models with a legal interface and nothing verifiable underneath.
So the purchase turns into a harder question. The measure that matters is how well a given tool does your firm's work, and that answer depends on the size of the firm buying it. A small firm and a large one make different bets with the same dollars, and the rest of this guide treats them as the different decisions they are.
The Attorney-Grade AI Standard for Law Firms
A standard turns a fuzzy question into a checklist. Five marks separate attorney-grade AI from software that only looks the part, and each one gives you something concrete to test.
Citation grounding
An attorney-grade tool ties every substantive answer to a verifiable source and shows the passage it drew from, so checking the output takes seconds. The red flag is confident prose with no citations or links that don't resolve when you click them. A tool that can't show its sources hands the whole checking burden back to you.
Security built for privileged data
Client information stays isolated per matter, never trains the underlying model, and sits behind enterprise access controls. The red flag is a phrase such as "bank-level security" with no details underneath. Ask where the data lives, whether it trains the model, and how long it's kept, and expect precise answers.
Trained on legal material
A model shaped on statutes, case law, and real legal documents reads a brief or a contract with context that a general model lacks. The red flag is a provider that can't say what the tool was trained on or grounded on. Vague answers here usually point to a general model with a thin legal wrapper.
Fit with existing software
Work should happen where it already does, inside your document store, your email, and your word processor, without copying text into a separate window. The red flag is a tool that lives on its own island and asks attorneys to change how they work to suit it. Friction that small kills adoption quietly.
Verification support
The tool should make checking fast, link straight to the source behind each claim, and record what it produced and who reviewed it. The red flag is output you can't trace and can't audit. Above every mark sits one rule the standard can't soften. A qualified lawyer must review AI-generated output before anyone relies on it, and no score removes that duty.
Where Firm Size Changes the AI Buying Decision
The five marks stay constant. What changes from one firm to the next is which mark carries the most weight and what the firm can afford to trade for it.
Small firms trade breadth of features for speed and low cost, and they can decide alone, in a week, without a committee. Large firms trade speed for governance, security review, and integration across practice groups, because scale raises the stakes on every mark at once. A misfire at a solo practice costs one attorney some wasted hours. The same misfire at a 300-lawyer firm repeats across hundreds of matters before anyone catches it.
Get the weighting right, and the choice gets simpler, because you stop grading a tool on marks that don't matter for a firm your size. The two sections that follow give the details, one for small and solo firms, one for midsize and large.
What Small and Solo Law Firms Should Look For in AI
For a small or solo firm, the decision comes down to cost, simplicity, and whether client data stays private. You can move on it this week, because the choice is yours and no one else's.
Look for pricing a small budget can absorb and predict, usually a flat per-seat plan with no surprise usage charges. Look for a fast setup that doesn't need dedicated IT staff to stand up. Look for a tool that keeps client data isolated and out of model training, and support you can reach without an internal help desk. A small firm has no room for legal software that takes a quarter to configure.
The advantage a small firm holds is real. AI closes part of the resource gap that used to decide which matters a small practice could take, letting a lean team run legal document review and research that once demanded headcount the firm didn't have. Work that would have gone to a larger competitor or gone undone becomes work a small firm can handle.
The constraint is where to spend attention. A small firm carries the checking time itself, on the owner's own billable hours, so citation grounding and verification support matter more here than any long feature list. This is the verification tax, the hours you pay back by hand when a tool produces confident text with no sources. A cheap tool that grounds nothing can cost more in rechecking than a grounded tool that costs a little more up front.
Test any tool the way you'll use it. Pull three or four of your own closed matters, the ones where you already know the right answer, and ask the tool the questions those matters turned on. Then drive it yourself on a messy real task the provider didn't hand you. A tool that misses on work you know cold will miss on the unfamiliar work too.
What Midsize and Large Law Firms Should Look For in AI
For a midsize or large firm, the decision turns on security, governance, and how well a tool integrates with the software attorneys already use. A mistake here propagates. It repeats across hundreds of matters and hundreds of lawyers before it surfaces.
Look for enterprise access controls and matter-level isolation that keep one client's data walled off from another's. Look for data-retention answers precise enough for a security team to accept in writing. Look for integration with your document store, email, and word processor, as well as an audit trail of what the tool produced and who reviewed it. Look for training that can reach many attorneys at once without stalling the work in front of them.
Standing this up takes real work. Security and information-security reviews, conflict handling at scale, and firm-wide adoption all require effort, and the buy has to account for them from the start. The firms that choose well name an owner for the effort and fund it as a real program with a budget and a timeline.
Test at scale, with the right people in the room. Run a structured pilot with IT, information security, and risk at the table. Get every security answer in writing, and put each tool through the same closed-matter test across your practice groups to keep the comparison fair. The duty to check doesn't lighten as more people touch the tool. A qualified lawyer still reviews AI-generated output before anyone relies on it.
Watch for the risk you create by doing nothing. When attorneys have no approved tool, they reach for a consumer chatbot on their own, and confidential facts start flowing into software no one vetted. That's shadow AI, and the fix is to give people a sanctioned option good enough that they stop looking elsewhere.
Domain-Specific AI Versus General-Purpose Tools
The line that matters most between tools is whether the output is grounded in sources you can open and check. Everything else follows from that.
A domain-specific legal tool trains on statutes, case law, and real legal documents, so it reads a contract or a brief with context that a general model doesn't carry. It isolates each matter, stores client data behind enterprise controls, and links its claims to verifiable sources. Point a general-purpose tool at the same task, and it starts from a blank slate, produces fluent text, and can't show you where any of it came from. That gap is tolerable for general reading and disqualifying for privileged work. Harvey is one platform built to this standard, grounding its answers in verifiable sources and running on models trained for legal work.
That's one example of the shape to look for. The standard is the point, so hold every tool to the same five marks and let the scorecard settle the comparison.
How to Build an Adoption Plan That Works
Before shopping for any tool, define the workflows worth automating, since legal workflow automation only pays off where the need is real. A firm that has named the tasks it wants to speed up, such as first-pass review, case law research, contract intelligence, and contract markup, buys against a real need. That focus skips the tools that solve problems it doesn't have.
From there, judge each tool against the same criteria. Confirm the grounding; the answers link to sources you can open. Confirm the security posture, the certifications, and the data-training policy, and get the answers in writing. Confirm the tool integrates with the software your firm already uses, such as Microsoft 365 and iManage, so attorneys can work where they always have.
Then scope a pilot. Pick one or two high-volume workflows, run the tool on real matters for a fixed window, and measure the result against how the work went without it. Train the people who'll use it, because a tool no one learns well is expensive at any price. Write down the governance, who may use the tool, for what, and how output gets reviewed, so the rules don't live only in one person's head.
Measure the return on one task before you commit to more, because law firm productivity gains are easiest to prove one workflow at a time. Take a first-pass contract review or a research memo, time it with the tool and without across a handful of matters, and set the hours saved against the annual price. If the gain isn't obvious, the tool is wrong for your firm, or the task is the wrong place to start.
Legal AI Worth Trusting as Tasks Grow More Complex
The tools are moving toward agentic work. AI agents for legal work now carry out a task through many steps with limited prompting and return something close to finished. Supervising a tool that completed a 10-step process is harder than checking a single draft, because you have to trust the grounding and the audit trail underneath the whole chain. That raises the stakes on buying to a standard for a firm of any size.
The right weighting still depends on the firm. A solo attorney will keep weighing cost and simplicity, and a large firm will keep weighing security and governance. Both will lean harder on grounding and verification as the tools take on more of the work. The standard holds as the tools change because it measures what doesn't.
Every mark in this guide points the same way. The legal AI worth buying grounds its answers, protects privileged data, and fits the work your attorneys already do. Harvey was built to meet that standard on all five marks, and the way to know is to hold it to the same checklist on your own matters. See where it lands, and request a demo.
Frequently Asked Questions About AI
Is AI safe to use for confidential client work?
Yes, with the right tool and the right habits. A tool built for legal work isolates each matter, keeps client data out of model training, and holds it behind enterprise access controls. Confirm those protections in writing before you trust any tool with privileged client material.
Does using AI to draft or research violate any ethics rules?
Using AI is permitted, and it doesn't change a lawyer's duties. The ABA's Formal Opinion 512 addresses obligations of competence, confidentiality, and candor when lawyers use these tools, and courts have sanctioned lawyers who filed AI-invented citations. You stay responsible for verifying every output before relying on it.
Can AI replace attorneys?
No. AI speeds the parts of legal work that are repeatable, such as first-pass review, research, and drafting, while the judgment, strategy, and accountability stay with the lawyer. The attorney stays responsible for the work, and the tool carries none of that duty. AI removes friction from legal work, and the lawyer stays at the center of it.
What separates legal AI from a general chatbot?
Three things. Legal AI trains on statutes, case law, and real legal documents, so it reads legal text with context a general model lacks. It grounds its answers in verifiable sources you can open and check. It isolates client data per matter and keeps it out of model training. A general chatbot does none of these reliably.
How should a firm start using AI?
Start narrow. Pick one high-volume workflow, such as first-pass contract review, case law research, or legal drafting, and choose a tool that grounds its answers and keeps client data private. Run it on real matters for a few weeks, confirm the security answers in writing, and measure the time saved before widening its use. Small steps that prove out beat a broad rollout no one asked for.





