What Lawyers Need To Know About Accepting Credit Card Payments

You should be accepting credit card payments. Clio’s 2015 Legal Trends Report observed a 35% reduction in the time it took to receive payment compared to waiting for a check. You may think that the way you process payments now is just fine so why fix it? Because the way we pay for things have changed. A little over 10 years ago, checks were the biggest form of noncash payments in the US, but in 2007, according to the Federal Reserve, the combination of debit cards, credit cards, and ACH payments overtook checks. Many of your clients are already paying online in other places. Four out of five households with internet access opt to online bank, and this isn’t only millennials– more than 70% of online or mobile bill payers are 35 years of age or older. By not collecting on invoices immediately, you’re effectively extending your client’s credit.

Every credit card processor will provide you with a “payment gateway.” A “payment gateway” is what clients use to submit their credit/debit information. It can be a physical swiper or an electronic form. Which type of account you have then determines where that information from that gateway goes. A merchant account is a one-to-one relationship. It will briefly hold the client’s money and then transfer it to your firm’s bank account. Processors made specifically for attorneys are usually merchant accounts. In fact, some legal-specific credit card processors handle trust accounting, depositing the transaction the correct account right away and only deducting fees from your operating account. Examples of these types of processors include LawPay, LawCharge, and MyCase Payments (only available with the MyCase practice management software).

credit card chart

In 2011, a new type of account came on the market – the aggregator account, making way for all sorts of new processors you may have heard of: PayPal, Stripe, Square, and Authorize.net. Aggregator accounts merge the money from your transaction with the money from transactions of other businesses and then move it to their own merchant account. This process reduces their fees from the credit card companies that they then theoretically pass on to you with lower transaction fees. In my comparison chart, however, you can see that merchant accounts have lower fees per transaction, with LawPay having the lowest published transaction fee (see column M for a test of running a $1K transaction). Double click the image to see all the data in Google Sheets.

If you decide to accept credit card payments, it’s important that you remain PCI compliant by following the PCI guidelines for protecting credit card data: 1. Build and maintain a secure network; 2. Protect cardholder data; 3. Maintain a vulnerability management program; 4. Implement strong access control measures; 5. Regularly monitor and test networks; 6. Maintain an information security policy. Every year you should submit a self-assessment of your compliance to your acquirer bank. To make the process easier on yourself, select a processor that is PCI Compliant on their end as well as yours. LawPay actually includes a free guide and support through the assessment. Other processors are PCI compliant but do not offer the same level of support LawPay does. PayPal Payments Pro actually puts the onus on the merchant in order to take on higher risk merchants. Consider if the benefits of using PayPal Payments Pro outweigh the headache of maintaining PCI Compliance. You can learn more about PCI and take a look at sample self-assessments, check out PCI Security Standards Council’s Document Library: https://www.pcisecuritystandards.org/document_library?document=pci_dss

For more information, see our CLE “Accepting Online Payments Ethically and Securely” at http://bit.ly/2mpiCcB


*Bankruptcy attorneys and debt collectors: be diligent in reading the fine print when selecting a credit card processor. Stripe considers your practice too high risk, but there are plenty that don’t.

Does your Windows computer take forever to start up? Disable unnecessary programs at startup.

Do you avoid shutting down your machine because of how long it will take to get running again? You could have too many programs launching at startup. We often have these programs running in the background all day, slowing us down, even though we only use them for five minutes.


You can determine which programs really must begin at startup and disable those that don’t by pressing Ctrl+Alt+Esc to open the TaskManager, and going to the Startup tab in Windows 10. Right click on the program you want to disable and select “Disable.”

windows 10
If you’re still running Windows 7, open the Start menu, type msconfig, and press enter. The System Configuration window will appear. Select the Start Up tab.

windows 7

After you have unchecked the programs you want to disable, click Apply and then OK.

Saving little bits of time may not seem like much but it can add up to something big, and it’s something you can do right now.


Signature Stamps in PDF documents

Did you know you can insert your signature into a PDF document if you have Adobe Acrobat or Reader DC or Nuance PowerPDF? It takes a few steps to go from a scanned image of your physical signature to an electronic stamp, so first follow these handy steps from LPMT and the Paperless Chase that walk you through the process in Adobe’s products. The process for Nuance’s product is very similar – create a new stamp and upload your transparent signature, then stamp away! The problem is that sometimes the signature doesn’t appear for some who open the document, most often when you are adding it to a fillable PDF form. To remedy that there are a few options.

In Adobe Acrobat DC there are a few ways to ensure the signature stays put:

1.) Once you have applied the signature stamp and saved the document, print the document to PDF. The biggest downside to this method is that any and all hyperlinks will be rendered plain text.

2.) Flatten the file in Adobe. This will only be an option for Adobe Acrobat (not the free Reader) and while the script available for download from this post on the Acrolaw blog by Rick Borstein was written for Acrobat X it will work in DC. Flattening takes the additional layers (comments, stamps, markup, form fields, etc.) and makes them a permanent part of the document. The script is much easier than the instructions, trust me!

In Nuance PowerPDF Advanced try this:

1.) To flatten a document in Nuance PowerPDF go to “Advanced Processing” in the toolbar tab then choose “Flatten File”. A dialog box will appear with options you can toggle on or off via checkboxes. Make sure the checkbox next to “Stamp” is selected and click “ok”. You signature stamp is now a permanent part of the document.

Acrobat DC fill and sign and Nuance PowerPDF’s Sign Document both make it possible to create a self-signed digital ID and customize them to use your transparent signature. This will add additional protections such as locking the document against editing.


Legal Tech #TBT – Special Prince Edition courtesy of Jim Calloway

Prince’s passing has all of us sad, but Director of Management Assistance Program at Oklahoma Bar Association and Legal Services Consultant, Jim Calloway is making us nostalgic with his post, Legal Technology Like It’s 1999. It’s a fond look back at all the law office technology from the year Prince paid tribute to. The more things change, the more things stay the same. Checkout his post here: http://www.lawpracticetipsblog.com/2016/04/legal-technology-like-its-1999.html

Set an Out-of-Office Reply for Better Client Communication

Thanks to modern technology client communication is easier than ever before. It is also a good reason to set realistic communication boundaries with your clients.  If you plan to be out of the office, whether for an extended period at court, at a retreat, or on vacation, you can set reasonable client expectations with help from your out-of-office reply. You can do this in both Microsoft Outlook and Gmail.

To set an out-of-office reply in Microsoft Outlook 2013, click the “File” tab.


You will be brought to the “Info” section by default. On this screen, click “Automatic Replies (Out of Office).”


The “Automatic Replies” box will now appear. Check “Send Automatic Replies,” and specify a set time and date range by selecting the “Only send during this time range” check box. The Automatic Reply will run only until the date you set and you will not have to remember to turn the feature off. Then set the “Start time,” and then set the “End time.”


In the “Inside my organization” tab, type the message that you want to send within your organization (those who share your domain). In the “Outside my organization” tab, type the message that you want to send outside your organization. You can make it the same message if you prefer by copying and pasting.

Click OK.

If you did not select a date range for your message to expire, you will have to go back into File à Info à Automatic Replies (Out of Office) and check the “Do not send automatic replies” option when you return.


For Gmail the process is a bit different. Sign in to Gmail, and click the gear icon in the upper-right corner. A drop-down menu will appear. Select Settings.


On the “General” tab, scroll down to “Vacation responder” and select “Vacation responder on.”

Enter the start day and the last day so that it expires. Unfortunately Gmail does not allow you to specify a time. Enter your subject and body of your message.


If you’ve enabled a personalized signature in your settings, Gmail will automatically append it to the bottom of your vacation response.

Click Save Changes.

While the vacation responder is enabled, you’ll see a yellow banner across the top of any Gmail page, displaying the subject of your vacation response. To stop Gmail from automatically sending the response, click “End Now” within the banner. You can edit the reply by selecting “Vacation Settings” in that same banner.


Out-of-office messages aren’t just for vacations. You can use out-of-office messages to establish working hour boundaries, or simply as an auto-reply to send any information to any in-bound email messages. Also, keep the message brief. There is no reason to provide more detail other than the dates you are away, whether you will be checking email during that time, and an alternate contact at the firm if available. It’s nice to be able to unplug for a little while, and this way your clients don’t feel in the dark.

How To Re-Open a Recently Closed Tab

Have you ever closed out of a browser window you didn’t mean to? Don’t panic. There’s several ways to get back to that page. Internet Explorer 11, Firefox, and Chrome all allow you to retrieve the tab easily. Press Ctrl+Shift+T or right-click on the tab bar and select “Reopen closed tab.” Viola! The page is back open. If you press Ctrl+Shift+T again, it will open the second last closed tab.


Firefox and Chrome also have methods of retrieving closed tabs via their settings menus.


In Chrome, simply click the “hamburger” menu symbol. Near the top, you’ll see the option for “Recent Tabs.” Mouse over that and select the tabs that were recently closed.


Click to enlarge.


In Firefox, it’s only slightly different. Click the “hamburger” menu and then select History (the clock icon). This will pull up a menu that allows you to see and restore the closed tabs.


Click to enlarge.

That’s all there is to it! Never fear a slip of the mouse again.

Employee Empowerment, Your Ticket to Freedom

employee empowermentIt has been said that a sign of a great manager is one who can leave the office, take a vacation and not worry about what’s happening back at HQ. Letting go of our need to control every piece of paper, phone call or email transmission isn’t as easy as it seems. Many of us micro-manage or doubt the abilities of our employees due to bad experiences or having been burned in the past.

Get over it.

Learning to empower the people in your office to do their jobs, improve your business and utilize technology will pay you back tenfold.

Good news. It’s not that complicated.

Empowering employees comes down to one simple principle. Understanding what is most important to an employee and gives them satisfaction, then leveraging that knowledge to reward the employee when they achieve what is most important to you and your business. You hired the people in your office because they have innate qualities that separated them from the rest of the pack. You put them in their role because they are fulfilling the needs of the business, and obviously doing it well enough to stay there. Now all you need to do is groom them to be the leaders, task-masters, and expect the same from their peers. Here are a few ways to encourage and empower your team:

Promote Open Communication

Bosses often say ‘I have an open door policy’ but how many actually live by it?  Making it a point to invite people into your office to talk, saying hello to them as you pass by. Encouraging walk in conversations shows interest in their position and that they do have a voice.

One on One Time

Everyone feels special when they get to go to lunch with the boss, or get called into the office for a one on one meeting. These 30 minute to 1 hour blocks of time can tell you a tremendous amount about that employee’s motivations and overall job satisfaction. Together you’ll also uncover ways to improve operational areas of your business.

Encourage Learning

Lunch & learns, sharing tech tips, guest speakers. Even You Tube videos get the job done. When a team is trained with the skills they need to succeed, not just survive the whole business benefits. Efficiency is your ally, and there’s no better way to become efficient than by utilizing the technology and people you have to their fullest potential.

Accept Mistakes

I don’t think anyone reading this can honestly say they’ve never made a mistakes. They happen, that’s how we learn. Pigeonholing an employee into a cycle of self-doubt and guilt because they are afraid to make a mistake is unhealthy. Know that new employees are going to need some learning room, and existing employees might not have been trained properly, are only partially informed or just need help.

Define Every Role

There’s a difference between saying ‘that’s not my job’ and not actually knowing what your job is. Uncertainty breeds self-doubt and when employees are not confident in their direction they make hesitant decisions, pretty much paralyzing your business.

Equal Accountability

Everyone’s on the same team, working towards the same goals. Actions that do not drive the business forward, or distract others from their ability to do so should be dealt with accordingly. Regardless of position, family ties, or college friendships. Letting one employee slide while others pay the piper for their actions begets resentment and disdain.

Reward Business Wins

You would love a lower office supply bill, maybe a firm-wide discount at a health club, or lower group cell phone rates right? So encourage and reward employees for finding ways to save the business money. You can bonus them with 10% of the amount they save you, or do something as simple as getting to leave early on a Friday afternoon.

Hold Company Meetings

This is the difference between being a business owner, and being a business leader. Holding a company meeting, that isn’t about problems, clients and deadlines but more about goals, improvements and direction builds commitment, vision and unity. Employees want to feel like they are a part of something, something they can help build, contribute to. Without understanding what’s important to you, and your goals for the future, how are they supposed to help you get there? Share, engage, ask for ideas. You’ll be surprised how much feedback you get.

Say Thank You

Last, but never least be grateful for your employees. Honestly and truly grateful. What would happen if Tom, Sarah or Sally walked out on you tomorrow? What kind of situation would you be in? How many times has an employee taken heat from a client outside your door while you got to focus and work? Cookies, a thank you eCard, late starts, early departure. Whatever you can do to show you are paying attention will be the difference between that employee going the extra mile, or looking the other way.

One Closing Anecdotal Tale

A young man, and incredibly hard worker on one of my very first teams started to loose energy and decline performance in his second year with the firm. His attitude was slipping, and I was running from meeting to meeting paying little attention to what was happening. He was my right hand, my fallback, my second brain always making sure I had what I needed, until one morning when he called in sick. That morning, scrambling to collect my thoughts I realized how valuable he was, and how little I had done to find out what was important to him.

That’s the center of every employee puzzle. What is happening and valuable to them in their life. He had called in because he wanted to spend time with his grandfather who didn’t have much time left. Instead of requesting the time off, he took it on his own. Because he wasn’t comfortable approaching me, or was afraid to ask. It was my fault, I wasn’t paying attention to one of the most critical people in my business.

When he returned to the office, we sat down to chat. I asked him what would make the week better for him? Was there anything bothering him about his job, that made him take time without notice? He explained that if he could just have a late arrival two times per week, that would make a world of difference. We talked through timing and hours, informed his teammates, and went back to work. Not only did his performance improve but so did his personal happiness. Translating into a better client experience and quality work product. All because of one simple change.


blue-red-cables-heartAs an attorney you work with sensitive client documents. Whether you entrust those documents to a file cabinet in your office or a cloud service, like Dropbox or Box, the onus is on you to safeguard your client’s information. Using cloud services provides a huge benefit to large and small businesses alike and have been embraced by many attorneys and firms. But when there is a serious security breach like Heartbleed, it’s imperative that you have a basic understanding of what happened, what it means to you, and what it could mean for your clients.

How it works

Heartbleed is the result of a bug in the “OpenSSL” encryption mechanism, which is widely used across the Internet by websites both large and small. This bug has been present on web servers across the Internet for several years. Hackers could have taken advantage of this vulnerability in the past, if they had found it themselves before it was publically announced on April 7th 2014. The bug allows malicious hackers to submit a specific request to a web server that triggers the server to respond with much more information than it should. This additional information could be meaningless letter and numbers or it could be sensitive information from website visitors including usernames and passwords, credit card information, or other sensitive and private data.

What this means to you

It is possible that hackers could have retrieved any information that you have exchanged with a website affected by Heartbleed. The data retrieved would have been in relatively small chunks so it is not likely that complete documents would have been compromised. Hackers would primarily be looking for usernames, passwords, and other personal or financial credentials.

How to protect yourself

  1. Check to see if the websites you use were affected by Heartbleed
    LastPass, a company that offers a secure password service, has a webpage you can use to see if the websites you frequent were, or are, affected by the Heartbleed vulnerability at https://lastpass.com/heartbleed/. Many companies have already sent emails to their customers and/or released public statements. If you have any questions about the security of the websites you use you may also want to reach out to them for comment.

  2. Change your passwords
    As a precaution, even websites known to be unaffected by Heartbleed are recommending that users change their password. When was the last time you changed your passwords? You may want to take this opportunity to change them now and set a reminder on your calendar to change them on a set schedule.

  3. Use a password manager like LastPass
    Since you’re changing your passwords, now is a perfect time to evaluate secure password managers like LastPass, https://lastpass.com/. Services like LastPass help you to:

      • Keep track of all of your passwords across all of the websites you use
      • Make it easy to change and not have to remember all of your passwords
      • Use a different password for every website you use without having to remember each one
      • Encourage you to easily make use of very long and complex passwords


  1. Consider notifying your own clients
    In some cases, you might consider putting your own client’s minds at ease by notifying them that you are aware of Heartbleed and that you’ve checked with your partners and service providers to ensure that their systems are now protected against this vulnerability, especially if you use a secure client portal.

  2. Be vigilant
    Monitor any web service accounts that you have for suspicious activity, such as Dropbox, Box, your bank and credit card accounts. Keep a close eye on them as a precaution and if you notice suspicious activity change your password immediately and notify the company.