![Your local Bruxzir provider!]({"type":"image" , "src" : "/sda/112461/JournalAd-RiversideJuly-UCDA-leaderboard1.jpg"})
As dentist practice owners, we invest a great deal in security measures because a break-in is the last thing we want. Now we need to secure more than just our locks and doors. We need to secure the digital footprints of our offices as well. Cyberattacks are on the rise and can potentially result in large financial losses.
Early this year, the accounts receivable in our office suddenly stalled. Insurance checks and direct deposits halted. The silence of deposit line items caused fear, worry, and alarm. The healthcare technology company used by a large dental insurance company to process claims was hacked. Their system was frozen. The cyber-attack forced the company to disconnect over a hundred services. Claims were not processed. Benefits were not paid. Checks were not reimbursed. This attack placed significant stress on our offices and many offices nationwide
Ultimately, a $22 million ransom in Bitcoin was paid. CBS News reported that the health agency incurred a total financial impact of this attack of $872 million in total.Footnote1 According to the 2023 FBI’s Internet Crime Report, healthcare had the highest number of organizations that suffered from ransomware attacks. The number of attacks doubled from 2022 to 2023.Footnote2
It is easy to think that our small businesses are immune to similar infringements. Why would a hacker target a stand-alone dental office in a California suburb? We may assume that the bad guys are looking for the biggest fish in the market. They are likely looking for the easy mark. A small dental office is a possible quick. Such a hack is an easy target for them, but a costly event for us.
Most often, human error leads to the cyberattack. Whether it be downloading an ambiguous attachment, or creating an easy-to-detect password, or divulging usernames, credentials or passwords to the wrong entity, human error leaves potential doors open for the cyberthieves to infiltrate. Regardless of how digital our office may be, it is our responsibility to fully secure and protect our organization, our information, our patients – and thus our business.
CDA’s website provides many helpful resources.
Backup your data regularly and keep it off-site.
Be careful of e-mail attachments.
Maintain cyber defenses in the form of anti-virus and anti-malware software.
The resource library has links to multiple national agencies that protect offices like ours.
For example, the US Department of Health and Human Services website (HHS)
provides a free toolkit
elucidates examples of cyber threats and vulnerabilities.
outlines ten tools to counteract these threats.
The Federal Trade Commission provides resources as well. Some tips include:
timely updates to software
securing files with external hard drives (on and offsite) or the cloud usage of passwords
the protection of devices in and out of the office
encryption of devices
utilization of multi-factor authentication
The Dentists’ Insurance Company (TDIC) also has great risk management resources and a cyber suite liability policy. This policy allows coverage for “costs of breach of information, unauthorized intrusion or interference with computer systems, damage to data and systems from computer attacks and related litigation.”
Cybersecurity is not just a computer issue; it is a business issue. We comply with rules and regulations to safeguard the health and safety of everyone in our offices. We routinely check the batteries in our office AEDS to reduce risk. We review emergency preparedness protocols to reduce risk.
We can add another essential checklist. Let us ensure that our offices add cybersecurity checklists to our regular operations. TDIC offers two helpful tools: a cyber event checklist that provides dentists a “proactive approach to responding to a cyberattack or data breach incident and a cyber liability guide that provides an “overview of cyber risks and targets, data breach and cyberattacks, investigations, preparation, and prevention.”
Let’s keep in mind this valuable adage: Safety is a full-time job. Don’t make it a part-time practice.