Navigating Missouri and Federal Cybersecurity Regulations

by Jon Lober | NOC Technology | December 15, 2022

Understanding your business’s legal obligations to protect customer data


As a business owner in Missouri, you have legal obligations to protect the sensitive data of your customers and employees. These obligations are set forth in Missouri state and federal law, and failure to comply can result in significant penalties.


Under Missouri state law, business owners are required to comply with the Missouri Merchandising Practices Act (MMPA). The MMPA requires businesses to take reasonable steps to protect personal information from unauthorized access, destruction, use, modification, or disclosure. This includes implementing reasonable security measures to protect against unauthorized access to personal information.


In addition to the MMPA, business owners in Missouri may also be subject to federal laws, such as the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry Data Security Standard (PCI DSS). HIPAA applies to businesses that handle protected health information (PHI) and requires them to implement reasonable and appropriate administrative, physical, and technical safeguards to protect PHI. PCI DSS applies to businesses that accept credit card payments and requires them to meet specific security standards in order to protect sensitive payment data.


In practice, meeting these legal obligations requires businesses to take a multi-layered approach to cybersecurity, including:


  • Implementing firewalls and antivirus software
  • Conducting regular security audits
  • Enforcing strong passwords
  • Training employees on how to identify and avoid phishing scams
  • Regularly backing up important data
  • Utilizing a Virtual Private Network (VPN)
  • Having an incident response plan in place
  • Complying with regulatory requirements such as GDPR, CCPA, HIPAA and PCI DSS


As a business owner in Missouri, you are responsible for ensuring that your business complies with all applicable state and federal laws related to cybersecurity. By taking the steps outlined above, you can help protect your business from cyber-attacks and minimize the damage caused by a successful attack. It is also important to stay informed about new laws and regulations and to update your security policies and procedures accordingly.


Jon Lober is the CEO of NOC Technology, a managed service provider and business technology consultant based in Washington, Missouri and servicing greater St. Louis and beyond. With over 25 years of business management experience and more than 15 in IT, Jon understands the complexities of both business operations and the technological infrastructure that makes work possible. Jon is a CMMC Registered Practitioner from CyberAB and is passionate about cybersecurity compliance, business continuity, and intelligent automation, all built to support and protect US-based businesses.
