What Dental Practices Can Learn From Recent Data Breaches

August 26, 2021 | 3 min read

Healthcare providers — including dental practices — collect, process, and store large amounts of sensitive patient information that’s highly valuable to cybercriminals. No wonder they’re the prime target of cyberattacks.

Healthcare data breaches increased by 55.1% in 2020, costing organizations around $13.2 billion. This alarming trend continues into 2021 as the cost of cybersecurity problems continues to rise for dental practices.

As of May 2021, 251 healthcare data breaches have been reported to the Department of Health and Human Services (HHS), affecting close to 17.3 million individuals. In fact, over 1 in 20 U.S. adults became a victim of a healthcare data breach during the first half of 2021.

Click below to find out how tab32 can keep you safe from data breaches.

Book a demo now!

Recent Cyber Attacks Affecting Dental Practice

Let’s take a close look at recent data breaches in the dental industry, and see what dental practices can learn from these incidents to keep their patient data safe.

Dental Care Alliance Data Breach Impacted One Million US Dental Patients 

In October 2020, Dental Care Alliance (DCA) discovered that it was hacked the month prior. The organization has over 320 affiliated dental practices across 20 U.S. states. It provides these affiliates with services that involve the handling of sensitive patient information, such as insurance billing, customer service, accounting and payroll, IT services, and operation management. 

Patient data that might have been compromised include names, addresses, dental diagnosis and treatment information, patient billing information, bank account numbers, and health insurance information.

A proposed class action was filed against DCA for leaving patient information on its servers without sufficient protection, causing it to become vulnerable to attacks.

The lawsuit also accused DCA of failing to implement adequate cybersecurity protocols to protect patient information. It alleged that the incident would have been discovered more quickly if DCA had the proper procedures in place to monitor its network.

Ransomware Attack Caused 100 Dental Practice To Lose Access to Patient Data

Colorado-based Complete Technology Solutions, a technology provider in the dental industry, suffered a ransomware attack on November 25, 2019. The incident left 100 dental practices without access to their patient data. Meanwhile, an attack against Southeastern Minnesota Oral and Maxillofacial Surgery Associates in August 2020 bears a very similar fingerprint.

The specific type of ransomware that impacted Complete Technology Solutions’ clients is known as Sodinokibi, which prevented the affected dental practices from accessing their patient records, schedules, radiographs, and payment details.

Dr. Jessica Meeske’s dental practice was affected by the breach. "You are absolutely paralyzed in the same way as if you lost your physical location," she said. It's also worth noting that a ransomware attack is considered a HIPAA violation by the HHS.

Complete Technology Solutions did not pay the ransom. Dr. Meeske had to work with her cybersecurity insurance company to hire a team of experts to decrypt her computers and retrieve the data. It took until December 16, 2019, to restore data at two of her four locations — adding to the crunch that many practices already feel at the end of the year.

Reinforcing Cybersecurity in Dentistry

It’s a matter of when, not if, cybercriminals will attempt to steal your patient data. But the good news is that you can take proactive actions to protect your sensitive patient information and prevent losses from cyberattacks. 

Hackers could steal sensitive patient information from DCA because it stored the data on a local server without sufficient monitoring. As such, dental practices should use a cloud dental software platform constantly monitored by cybersecurity experts.

Meanwhile, practices can avoid the high cost of extended downtime due to the loss of access to patient information by using cloud-based dental practice management software with a comprehensive backup and recovery plan.

Furthermore, make sure you sign a HIPAA Business Associate Agreement with any vendor that handles your sensitive patient data to ensure that you’re protected against breaches and negligence not under your control..

tab32 offers cloud dental software that helps ensure practice security and dental compliance. Request a demo to see how we can help you enhance cybersecurity in dentistry and avoid the high cost of data breaches.

Learn more now!

You May Also Like

These Stories on HIPAA

No Comments Yet

Let us know what you think