When Bad Guys Attack Small to Mid-Sized Businesses: 20 Data Protection Tips

Ruth Binger

By Ruth Binger



A cyber incident will happen to your company. It is not a matter of if, but when. Small businesses make an appealing target because hackers know they don’t spend as much on security as larger businesses and are not as careful.

According to a Towergate Insurance study, 82 percent of small business owners claim that they are not targets for attack because there is nothing worth stealing. However, employee personal data and health information and customer data are always worth stealing. Symantec reports that 43 percent of cyber-attacks worldwide in 2016 were against small businesses with less than 250 workers. In fact, cyber crooks try to rob bank accounts via wire transfers, steal customers’ personal identify information, file fraudulent tax returns, commit Medicare fraud, etc.

IBM estimates that nearly two-thirds of all cyber-attacks hit small to mid-sized businesses. More disturbing, the U.S. National Cyber Security Alliance estimates that about 60 percent of those hit are forced to close six months after an attack. A 2016 Poneman Institute Breach Report advises that the average price a small business has to pay after a cyber attack is about $690,000.

According to the 2017 Verizon Data Breach Investigations Report:

  • 75 percent of the breaches were perpetrated by outsiders (with 51 percent involving organized criminal groups) and the remaining involved internal actors.
  • 62 percent of the breaches involved hacking
  • 81 percent of breaches involving hacking leveraged stolen and/or weak passwords
  • Not surprising, malware installed via malicious email attachments was present in 50 percent of the breaches involving hacking
  • The victims of data breaches are:
    • Financial organizations (24 percent)
    • Health care organizations (15 percent)
    • Public sector entities (12 percent)
    • Retail and accommodations (15 percent)
  • One in 14 users are tricked into following a link or opening an attachment with 25 percent of the users making the same mistake twice

It’s all about the money: Perpetrators of data breaches steal and exploit sensitive data for financial gain. They are opportunistic, using phishing to poke for weak points to use as entry points. Phishing, the most common tool, involves collecting sensitive information like login credentials and credit card information through legitimate-looking but fraudulent websites. Ninety-five percent of phishing attacks led to a breach that was followed by the installation of some sort of malicious software (malware).

Small to mid-sized businesses can take preventive steps to minimize damage. Here are 20 tactics to employ to protect your data. Continue reading »

Observing Corporate Formalities

David A. Zobel

By David A. Zobel



Written by David A. Zobel  with contribution from Jeffrey R. Schmitt

Part 8 of a 12-part series on Legal Considerations for Your Missouri Leasing Business: What You Should Consider Now, Later, and Throughout the Process

It is absolutely critical to keep in mind at all times that your limited liability company or corporation is not an alter ego or simply an extension of yourself. The entity’s bank account cannot be used as your personal bank account, you should not use the entity’s  money to cover personal debts, and, in general, your personal assets should not be relied on to continually cover your entity’s debts. This is true even if you are the sole member or shareholder. The entity is and must be treated as a separate “person” from yourself, with its own assets, activities, and representations.

Keeping that distance is often referred to as observing corporate formalities. Failing to do so can remove the very asset protections that your legal entity was designed to impart. Each business model is different and all necessary formalities cannot be listed for each company, but below are some general guidelines for observing the necessary formalities. Continue reading »

Recent Tax Sale Emphasizes Importance of Periodic Review of Your Entity’s Registered Agent and Contact Information

David A. Zobel

By David A. Zobel



A recent turn of events in a San Francisco neighborhood should prompt you and your entity to confirm that your contact information is up-to-date. As reported by the San Francisco Chronicle, residents of a private street, lined with multi-million dollar homes, recently learned that their street had been purchased by real estate investors at a tax sale after the homeowner’s association failed to pay its annual $14 property tax bill for several decades. The association claimed it was unaware of its tax obligations because the county tax bills were apparently sent to the address of a former accountant who hadn’t worked for the homeowners since the 1980s. The residents have filed a lawsuit seeking to undo the tax sale and while their success in that endeavor is uncertain, two things are certainly true—this was a costly and completely avoidable mistake.

While it is prudent to review all of your entity’s contact information to make sure creditors, vendors, and others can easily and consistently communicate with your entity, there are two specific records that are critically important—the contact information of your registered agent and the mailing address for your local real estate taxes. Continue reading »

The Reptilian Response to Missouri’s New Collateral Source Rule

Katherine M. Flett

By Katherine M. Flett



As discussed in “Statutory Changes in Missouri Lead to Blue Skies Ahead for Insurance Companies Facing Bad Faith Set-Ups and Collateral Source Rule Issues,” Missouri Governor Eric Greitens recently signed Missouri Senate Bill 31 into law bringing needed changes to Missouri’s collateral source rule.

Missouri Senate Bill 31 amended Missouri Revised Statute Section 490.715 to redefine the “value” of medical expenses as equating to the amount actually paid by or on behalf of a plaintiff, rather than the total amount of medical bills, prior to adjustments, contractual discounts, or write-offs.

Although the new amendment does not go into effect until August 28, 2017, one of the responses expected from the plaintiffs’ bar is one that has already been trending: refusing to proffer plaintiffs’ medical bills as evidence. This approach has been considered by some as an expansion of the “reptile approach,” an approach where the plaintiff’s attorney aims to influence the jury’s decision-making by using tactics to activate jurors’ survival instincts with the expectation that the jury will make decisions based on instinct rather than logic and reasoning. Continue reading »

Operational Considerations – Purchasing Real Estate – Loan Documentation

David A. Zobel

By David A. Zobel



Written by David A. Zobel with contribution from James M. Heffner

Part 7 of a 12-part series on Legal Considerations for Your Missouri Leasing Business: What You Should Consider Now, Later, and Throughout the Process

Once you’ve established your legal entity, the next step will be purchase the real estate you wish to lease (or invest in). The type of real estate which will be appropriate for your business will vary depending on a number of factors, including your location, level of investment, and potential tenant base. Not surprisingly, thorough research, inspections, and planning are critical to ensuring success. In this series of posts, we’re outlining several important issues when selecting a property to purchase: title insurance, indenture review, and ensuring appropriate loan documentation.

A Note on Loan Documentation

If you purchase your property with cash, you can skip over this section. However, if you are going to seek a loan from a traditional lender, you will want to make sure the loan is properly documented. This includes, to the extent possible, working with your lender to ensure the business entity (not the members/shareholders) is listed on the loan documents. Ideally, your entity will be listed as the borrower on the promissory note and the grantor of the deed of trust (mortgage) on the property to be acquired by your entity. This helps to distinguish the transaction as one of the business rather than that of the members and shareholders personally. Every lender is different and will have its own lending requirements.

As a side note, it is becoming increasingly common for real estate transactions to involve some form of tax credits as the credits can be critical in ensuring the economic success of a particular deal. The principles above concerning appropriate loan documentation are also applicable to seeking and securing tax credits.

Personal Guarantees and the Lender Exception to Asset Protection

When you seek a loan in the name of your company, the lender may still request the principals of the acquiring entity to personally guarantee the loan. This will be more likely the case with new entities, entities without other assets, and where the debt to equity ratio of the loan to property value is high. A personal guaranty of the principals helps assure the lender that if the company fails to pay the promissory note, the lender can still seek repayment from the individual(s) that caused the company to get the loan. Continue reading »

Statutory Changes in Missouri Lead to Blue Skies Ahead for Insurance Companies Facing Bad Faith Set-Ups and Collateral Source Rule Issues

Laura Gerdes Long

By Laura Gerdes Long



Recent legislation signed by Missouri Governor Eric Greitens is expected to promise procedural relief from bad faith set-ups in Missouri as well as provide clarity regarding the collateral source rule.

New Legislation Affecting Bad Faith Set-Ups

Section 537.065 of the Missouri Revised Statutes allows claimants and insureds to contract to limit recovery to insurance coverage. This statute is unique to Missouri, as no other states have established such a practice by statute. Typically, the insured, while knowing that he will not be held personally responsible, agrees to either settle the claim or to not legally oppose the tort victim’s prosecution of the claim at trial. Post-trial the insurer is limited to disputing only the legal conclusion of whether coverage existed and usually barred from re-litigating any other aspect of the suit. These agreements are often used to pressure the insurance company into providing a defense where there may not be coverage or to pay policy limits on questionable claims.  They are also used as schemes whereby insureds and claimants work in concert to obtain coverage and create inflated damage awards at uncontested bench trials.

Effective August 28, 2017, Missouri House Bills 339 and 714 repeal section 537.065 and enact a new section 537.058, as well as a revised section 537.065 (as signed by Gov. Greitens). The new law will help curb the abuses associated with section 537.065 agreements by allowing insurers to intervene in underlying lawsuits. By participating in the underlying lawsuit, the insurer will be able to present a more accurate picture on liability, damages, and coverage issues. The bills further provide that an insured cannot enter into such a settlement agreement with a claimant if the insurer is providing the insured a defense without reservation, under the reasoning that an insured should not be allowed to enter into an unauthorized settlement agreement if an insurer defends without qualification. When an insurer defends under the policy, the insurer is fulfilling its policy obligations and should expect the insured to comply with its corresponding policy obligations, including the duty to cooperate and refusal to pay provisions.  As such, section 537.065, as amended, adds the following procedural protections: Continue reading »

Operational Considerations – Purchasing Real Estate – Indenture Review

David A. Zobel

By David A. Zobel



Written by David A. Zobel  with contribution from Jeffrey R. Schmitt

Part 6 of a 12-part series on Legal Considerations for Your Missouri Leasing Business: What You Should Consider Now, Later, and Throughout the Process

Once you’ve established your legal entity, the next step will be purchase the real estate you wish to lease (or invest in). The type of real estate which will be appropriate for your business will vary depending on a number of factors, including your location, level of investment, and potential tenant base. Not surprisingly, thorough research, inspections, and planning are critical to ensuring success. In this series of posts, we’re outlining several important issues to consider when purchasing a property: title insurance, indenture review, and ensuring appropriate loan documentation.

Indenture Review

Most title searches will disclose that the property you are purchasing is subject to certain local rules and agreements between neighbors. The terms used for these neighbor agreements will vary depending on the nature of the property. Condominiums are subject to declarations and by-laws while houses are typically subject to neighborhood or subdivision indentures. (For simplicity, we’ll refer to all of these agreements as indentures.) Continue reading »

Operational Considerations – Purchasing Real Estate – Title Insurance

David A. Zobel

By David A. Zobel



Part 5 of a 12-part series by David A. Zobel on Legal Considerations for Your Missouri Leasing Business: What You Should Consider Now, Later, and Throughout the Process

Once you’ve established your legal entity, the next step will be to purchase the real estate you wish to lease (or invest in). The appropriate type of real estate for your business will vary depending on a number of factors, including your location, level of investment, and potential tenant base. Not surprisingly, thorough research, inspections, and planning are critical to ensuring success. In this and the next two posts in this series, we’ll outline several important issues at this juncture: title insurance, indenture review, and ensuring appropriate loan documentation.

Title Insurance

When you purchase real estate you may be purchasing more (and maybe less) than the land and improvements you actually see. The land is likely encumbered by third parties who may have rights (possibly superior to your rights) to your land which could restrict your use and ownership in various ways. Encumbrances can be minor, such as a minimum set-back restrictions simply preventing owners from building up to a property line, but others can be more severe, such as utility or access easements, and even unreleased mortgages and liens – requiring the purchaser to pay up or lose the property. Continue reading »

Your Entity’s Governing Documents

David A. Zobel

By David A. Zobel



Authored by David A. Zobel with contribution from Michael J. McKitrick

Part 4 of a 12-part series on Legal Considerations for Your Missouri Leasing Business: What You Should Consider Now, Later, and Throughout the Process

Simply put, every company should have an agreed-upon, written set of rules identifying how the company is to be run and by whom. The names for these sets of rules vary depending upon the type of entity you have, e.g. operating agreements, partnership agreements, and shareholder agreements, but they are generally known as the company’s governing documents.

Common issues described and controlled by these governing documents include:

  • Ownership structure of the company including the source and amount of owner contributions)
  • Capital contributions and division of profits and losses
  • Roles and restrictions of the owners in managing the company
  • Decision-making process for the company including notice and voting procedures
  • How and where the company’s books and records will be kept
  • Policy regarding transfer of owner interests
  • Dispute resolution
  • Wind up and dissolution of the company

Additionally, if certain owners make special agreements with the company, including arrangements for the company to use an owner’s vehicles, tools, or other personal property, the nature and scope of those arrangements should be stated in a written, signed agreement. This helps avoid confusion as to the extent of company assets and observance of corporate formalities. Continue reading »

Uncertainty Leads to Proposed Easing of Wellness Program Regulations

Laura Gerdes Long

By Laura Gerdes Long



Co-authored by Laura Gerdes Long and Katherine M. Flett

In response to many complaints about the trials and tribulations employers face when initiating a compliant wellness program due to the inconsistent requirements of HIPAA, EEOC, GINA, and the ADA, Congress has taken some corrective steps.  The House of Representatives reintroduced H.R. 1189, and the Senate reintroduced their own version of the bill, S.620.

The stated purpose of H.R. 1189 is to “clarify rules relating to nondiscriminatory employer wellness programs as such programs relate to premium discounts, rebates, or modifications to otherwise applicable cost sharing under group health plans.”  The bill declares that a workplace wellness program, by offering a reward to participants, does not violate the ADA or GINA, as long as the program complies with Public Health Service Act requirements.  These requirements can be found in 42 U.S.C. § 2705(j).

The bill also deems the collection of information about a family member’s manifested disease or disorder not an unlawful acquisition of genetic information with respect to another family member participating in a workplace wellness program. Continue reading »