On May 12, Anthropic released more than 20 integrations connecting Claude directly to the software that law firms run on. iManage. NetDocuments. Relativity. Everlaw. DocuSign. Thomson Reuters CoCounsel. Twelve practice-area plugins covering litigation, corporate, employment, IP, and more.

This isn’t a chatbot you paste documents into. This is an AI that can reach into your document management system, your eDiscovery platform, and your billing software with live access to your data.

That’s a different animal entirely.

What actually shipped

The integrations use something called MCP (Model Context Protocol) connectors. In plain terms: Claude can now talk directly to the applications your firm already uses, pull data from them, and take actions within them, all while respecting your existing permissions and ethical walls.

The practice-area plugins are more interesting than they sound. Each one starts with what Anthropic calls a “setup interview” that learns your firm’s specific playbooks, escalation chains, risk calibration, and house style. Then it operates within those parameters. It’s less “generic AI assistant” and more “junior associate who already read the firm’s procedures manual.”

Anthropic also announced that Claude now works across Microsoft Word, Outlook, Excel, and PowerPoint with shared context. A redline done in Word carries over to the cover note in Outlook without re-explaining what you’re working on.

The Thomson Reuters angle

Thomson Reuters built CoCounsel on Claude’s technology. Now Claude can also call CoCounsel as a tool. The foundation model is simultaneously powering the application layer AND competing with it.

This bidirectional relationship is going to reshape legal tech pricing. When the AI platform that your vendor built on can also do the job directly, the vendor’s value proposition narrows to their proprietary data and their workflow packaging. That’s still valuable, but it’s a different conversation than “we’re the only way to get AI-powered legal research.”

Clio, by the way, quietly announced it hit $500 million in annual recurring revenue the same day. The practice management market is consolidating fast around a few dominant platforms, and all of them are racing to embed AI before the AI platforms embed their features.

Why this creates a governance problem

When AI could only see what you manually pasted into a chat window, the worst case was limited. You accidentally shared something sensitive, you realized it, you stopped.

When AI has persistent, credentialed access to your entire document repository, the risk profile changes completely:

Ethical walls. If Claude can see all matters in your DMS, how do you ensure it doesn’t surface information across conflicted representations? Anthropic says they preserve existing permissions, but who verifies that on an ongoing basis?
Data boundaries. These integrations connect to cloud-hosted platforms. Where does your client data go during processing? What gets logged? What’s retained?
Privilege and work product. After Heppner, courts are looking at whether AI-processed legal work retains privilege protection. Enterprise deployments with contractual protections are “materially different” from consumer AI, but someone has to set up and maintain those contractual protections.
Audit trails. When a human associate reviews a document, there’s a record. When Claude reviews 500 documents through an MCP connector, who’s logging what it accessed, what it concluded, and whether those conclusions were verified?
Shadow integrations. Most organizations with competent IT management require admin approval for OAuth consent grants, which blocks users from authorizing third-party apps on their own. But “most” isn’t “all,” and not every firm has that control in place. If yours doesn’t, an attorney could authorize a Claude integration without anyone in IT knowing about it.

What your firm should be doing

If you’re a firm that’s already using AI tools (or suspects employees are using them without permission), this announcement changes the urgency level:

Inventory what’s connected. Check your Microsoft 365 admin center for OAuth consent grants. Check your DMS admin panel for API connections. Know what has access to what.

Revisit your AI acceptable use policy. A policy that says “don’t paste client data into ChatGPT” doesn’t cover the scenario where Claude has live access to your DMS through an authorized integration. The policy needs to address which integrations are approved, who can authorize them, and what oversight applies.

Understand the ethical walls question. If your firm handles conflicted matters (and most do), you need to understand exactly how AI tools respect matter-level permissions before connecting them to your repository.

Decide who owns this. AI governance isn’t a one-time project. It’s an ongoing operational function. Someone needs to be reviewing integration permissions, auditing AI access patterns, and staying current on the competence requirements that state bars are starting to mandate.

So who manages all of this?

A year ago, the question was “is AI good enough to use in legal work?” That’s settled. Thomson Reuters, Clio, Anthropic, and every major legal tech vendor are competing on integration depth and workflow coverage now.

The harder question: who manages the boundaries? The consent grants, the ethical walls, the audit trails, the ongoing verification that permissions are still configured correctly as these tools ship updates every few weeks.

For most small and mid-size firms, that’s going to land on whoever manages their IT environment. And it’s landing faster than most of them expected.