Team or Enterprise for the Confidential Stuff?
There’s real hesitation in law firms around running regulated client work through Claude’s Team plan. Team costs less and reads like the smaller, lighter option, so the worry is that the protections a firm needs for confidential matters, the ones that keep confidentiality and privilege intact, must sit higher up, on Enterprise.
When you look at what each plan does and doesn’t do for client data, that assumption mostly doesn’t hold.
The protections that matter for client data are the same on both, and the places where Enterprise pulls ahead are narrower than they sound.
So it’s useful to know the few situations that genuinely require Enterprise, and to recognise that everything outside them runs fine on Team.
What Actually Keeps Client Data Safe
Your firm already trusts software with client data every day. Outlook keeps privileged correspondence, SharePoint keeps matter files, your DMS and PMS hold confidential material. None of those are breaches; they’re vendor relationships running under specific protections, and Claude is the same kind of relationship. The only real question is whether those protections are actually in place.
For a law firm they come down to five.
Encryption, so the data is scrambled in transit and at rest.
Access controls, so the firm decides who logs in and which connectors reach which sources.
The Data Processing Agreement, the binding contract that keeps your inputs out of training, out of other customers’ hands, and under a defined retention window.
Admin visibility, so the firm holds a record of who used the tool and how.
And Anthropic acting as a processor under your direction rather than an outside party using your data for its own ends - the piece that folds the vendor into the client relationship instead of leaving it on the outside.
On all five, Team and Enterprise are identical.
You don’t have to blindly trust Anthropic on this. You can see which compliance certifications each plan carries, audited by outside auditors, and you can pull it up yourself at trust.anthropic.com.
Team meets the same bar as Enterprise on five of the six that bear on client work (SOC 2, ISO 27001, ISO 42001, CSA STAR, and NIST 800-171), and the only row where Enterprise wins is HIPAA.
On the question partners raise first, whether Anthropic trains on your data, the answer is no on both plans, written into the same Commercial Terms that govern each.
When the Enterprise Plan is the Right Call
There are real situations where a boutique should be on Enterprise:
A matter touches Protected Health Information, and you need the BAA that HIPAA requires. Team can’t sign it.
A client has written EU data residency into the engagement, or the data type itself is under EU localisation rules.
A client has demanded zero data retention from your vendors in writing - Team’s 30-day default won’t meet that.
A client requires custom contractual terms from your vendors that Anthropic’s standard agreement can’t be edited to match.
A client wants audit-grade evidence flowing through their own security stack, the kind the Enterprise Compliance API is built for.
Each one is a yes or no question, and each one is usually driven by a specific client rather than by AI itself. The same client would likely ask the same of your DMS and email vendors.
If none of them is a yes today, Team is the right plan. The pattern I’d suggest is to start on Team and move the day one of those becomes real, rather than overbuying for a future you can’t yet see.
How do They Compare on Cost?
Both plans start from the same base, around $20 per seat a month on annual billing, but there’s a big difference in what you get for that price.
Team gives each seat a fixed usage budget and a predictable monthly bill. Most lawyers stay well inside it on ordinary drafting and review, and for the “power user” who lives in Claude all day there’s a heavier seat with more headroom. You can mix the two across the firm and still know your number at the start of the month.
Enterprise drops the fixed budget and charges actual usage on top of the base, billed by what your team consumes. For a firm doing normal client work at modest volumes, that generally means a higher and less predictable cost than Team’s per-seat price. So on cost as much as on compliance, Enterprise earns its place when one of those earlier triggers makes it necessary, not before.
When is Team Enough?
If none of these 5 situations apply to you, Team is perfectly fine. And that is where most law firms sit. No PHI in the matters, no client-mandated residency, ZDR, or custom terms, no demand to feed audit data into a client’s own security stack. On everything that carries confidentiality and privilege, you’ve already seen the two plans match, so staying on Team costs you nothing on the protections that count.
What “enough” assumes is a plan you’ve set up, not one you’ve only paid for. Encryption and the DPA apply on their own. The rest are decisions the firm makes once: which connectors are live and who can authorise a new one, who gets access, and whether the 30-day retention window fits your records duty or needs an export to your DMS. They’re the same calls you already made for SharePoint and your PMS, and once they’re made, Team carries ordinary boutique client work.
Legal AI in Action
🎬 Is Claude Team Safe for Client Data? The Honest Answer
The compliance matrix Anthropic publishes on its own trust center, where Team and Enterprise actually differ once you strip out everything that doesn’t touch client work, the five situations that genuinely force a firm onto Enterprise, and a self-check to settle whether your firm needs it or Team already covers you.
🎙 The Math That Breaks the Billable Hour
Kaichen Xu spent two decades as a BigLaw partner across O’Melveny, DLA Piper and Bird & Bird, then as a unicorn’s general counsel and a legal-tech founder, and now runs AI Lawyer Lab, where he helps firms build semi-automated practices at least twice as efficient as the manual versions. We talked through why this AI wave finally reaches legal work when earlier ones didn’t, the 30 to 50% automation threshold where a fixed fee beats the billable hour, why redesigning a whole workflow beats automating tasks one at a time, and why he tells firms to run a pilot practice rather than pilot projects.
Coming up!
🎙 Next Tuesday at 2pm CET!
Next week’s guest on Rok’s Legal AI Conversations is Oscar Octavio Hinojosa Guerra, founder of HAA Legal, a Mexican corporate, real estate and patrimony boutique he started 21 years ago. Over 31 years of practice he’s turned that traditional firm into one now listed on the AI Firm Index.
We discuss how he encoded three decades of his own judgment into an operating system of 19 agents without writing a single line of code, the adversarial agent built to tear every draft apart before it reaches him, and why an established boutique’s experience is leverage the built-from-scratch AI-native firms can’t buy.
Each edition of Legal AI Brief brings practical lessons from firms using AI safely.