Monthly Archives: December 2014

Steps to Take When Your Sensitive Data is Breached

Roughly 267 million records were exposed during data breaches just in 2012 alone, the global information services organization Experian estimates. With numbers like these, most businesses find that it’s not a matter of “if” their data will be breached, but “when” it’s going to happen.

With data breaches becoming such a common problem for people and businesses alike, occurring roughly eight million times each month according to IBM, it’s important to know the steps to take once you become aware a data breach has occurred in order to properly protect your business, your reputation and your financial interests.

Create a Data Breach Action Plan

It’s necessary now, before breaches occur, to create an action plan to follow when they do occur. These are a few of the steps small business owners should include in any response plans involving data breaches.

  • Discover and investigate the breach internally.
  • Contact law enforcement officers if this is a case where that might apply (hacking is a crime).
  • Notify financial institutions you do business with. Change account numbers or close accounts as appropriate.
  • Engage the services of professionals to assist with the investigation as well as the potential fallout for your business. This may include computer forensic investigation firms, data recovery specialists, law firms, crisis management teams and/or PR firms.
  • Notify customers and employees who have been directly affected by the breach and purchase identify theft protection services for those who were affected. Many states have laws regarding notifications involving data breaches. Make sure you know the law in your state so that you’re in compliance.
  • Get ahead of the breach in the media. It’s best to be proactive with statements regarding the breach, so that you control the narrative. This protect you from the need to do damage control after someone else goes public with their version of events first.
  • Keep those who were affected by the breach up to date about what’s going on through notifications in the mail or via email. Give customers and employees details, facts and information about what’s going on and steps they can take to protect themselves.
  • Respond to questions and inquiries. Transparency dispels thoughts that you are trying to hide things from a concerned public. For small businesses this may involve hiring someone to field calls and calm concerns.

The key is to stay on top of things from start to finish. How you deal with the fallout says a lot about you as a business and will determine whether or not your customers choose to ride out the storm with you.

Be on the lookout for our next data breach article in the series involving data breach notification.

Tax Audit Red Flag – Money Losing Business(es)

Californial Dental CPAThe fifth article in our series about IRS audit red flags focuses on claims about businesses losing money. It’s one thing to have an occasional loss, especially during economic downturns when businesses everywhere are losing money. Rest assured, however, that the IRS knows the current trends of businesses and industries on a local and national level. If something smells rotten in the state of Denmark, or Small Town, USA, they are sure to do enough digging to get to the bottom of the story.

If your dental practice fails to turn a profit for three of the past five years, IRS professionals are going to want more than a little evidence of efforts to turn a profit. It’s a huge red flag to wave and a serious indication that perhaps there are ulterior motives for owning and operating your practice.

And watch out if you claim a business that is really a hobby. The IRS isn’t keen on the idea of taxpayers writing off expenses for their hobby that they label as a “business.”

A start-up business may not make a profit in Year One or perhaps even in Year Two, but when no profit is made in the third year or succeeding years, the IRS will begin to think that this “business” is really a hobby because it is not making money. The IRS offers more insight into the determination of a business or hobby here.

Other things that get extra scrutiny from the IRS for small businesses include putting relatives on the payroll, over-estimating business expenses and using a company car for personal reasons.

In the event that this red flag triggers an audit for you, be sure to keep meticulous financial records. In addition, do other things, such as having business cards and a business license, to demonstrate that you own and operate a real business.

Avoiding these red flags is not always possible, but you can minimize them by giving the IRS fewer flags flying and making your business a less attractive target for their further inspection.

Why Small Businesses Need Agreements in Writing

Small businesses often capitalize on their less formal, more personal, approach to their customers and clients. While there is nothing wrong with this approach in general, it should not extend to business agreements and legal matters. On the contrary, a small business, including dental practices, should insist on reducing all agreements to writing just like their larger counterparts do.

Regardless of what type of small business you own, chances are your customers or clients are drawn to the fact that you are able to provide more personalized attention without the need for them to follow inflexible procedures or go through three different people before they can speak to someone who can help them. The informality of your business, however, should stop there.

Unfortunately, disputes occur in all businesses. Whether it is a dispute with a supplier, an advertiser, a customer, or a landlord, it can-and most likely will-happen at some point in time. When a dispute arises, documentation is the key to settling the dispute. If your dispute ends up in court the law always favors a written agreement over a verbal agreement. Having the agreement in writing to begin with, however, creates an excellent chance that you will be able to resolve the dispute outside of the courtroom.

Many disputes are the result of honest misunderstandings. A smaller percentage of disputes are the result of unscrupulous individuals trying to take advantage of new, potentially naive, small business owners. Either way, having a written agreement that clearly outlines the terms and conditions of your practice with an individual or company ensures that you are prepared to defend yourself should a dispute arise for any reason.

As a small business owner you are likely working with a very tight budget and are therefore hesitant to spend money on legal fees charged to draft agreements. While this is certainly understandable, you should look at written agreements as a type of insurance. A relatively small outlay of funds now will protect you from a much greater expense down the road. If a dispute arises and you have no written agreement to back up your position there is a much higher probability that the dispute will turn into a lawsuit. A lawsuit, in turn, will require you to hire an attorney. Your attorney fees to defend a lawsuit will be substantially higher than they would have been to draft a written agreement that could have prevented the lawsuit.

You have undoubtedly worked hard to get your dental practice off the ground. By insisting on written agreements in all of your transactions you are helping to protect your investment and ensuring the future success of your business.