Cybercrime in Dental Practices

As digitization trends continue to transform the healthcare industry, cybercrime is becoming more and more prevalent, even in small businesses. Do not succumb to the misconception that cybercrime only happens in large corporations. Small healthcare organizations have become popular targets for cybercrime due to the wealth of patient information stored in their records as well as their tendency to be unprepared for the threat. Dental practice owners have not escaped this phenomenon. In addition to having files with highly detailed personal information, most dental practice owners have been slow to upgrade systems and often use digital tools that are obsolete in terms of keeping up with modern cybersecurity needs.

The Cost of Cyber Attacks

Dental practice owners can incur devastating effects from cybercrime. Many lack the necessary resources (financial and personnel) to detect an attack in a timely manner, respond to it properly, and fully recover from it. Beyond the direct financial consequences of a cyberattack that might include a ransom demand for patient files, operational disruptions are also a factor. Would you be able to rebuild all the appointment schedules and payment data? Would you be able to retain your patients? Other costs to consider include those related to recovery — including the notification of customers and vendors, creating new accounts, legal fees, and possible regulatory fines. 

Practice Owners’ Misconceptions

Many misconceptions prevent practice owners from taking the necessary steps to protect their data.

My Data Has No Value. Many owners underestimate the amount of data they create, collect, store, access, and transmit. A breach of this data would affect your ability to continue your daily business routines and maintain your patients’ confidence.

My General Liability Insurance Covers Cyberattacks. In reality, many standard insurance policies may not cover cyber incidents or data breaches.

New Software and Equipment are Secure When Purchased. This may or may not be true. Just because something is new does not guarantee protection. 

Cybersecurity is Too Expensive. Companies can take many effective actions to minimize risk through proper training, protocols, and vigilance.

What You Can Do Today

Start protecting yourself today by minimizing your risks. Below are some steps you can take immediately:

  • Create back-up files. Backing up your data on a regular basis will allow a tech support person to restore your files to their original condition if an attack occurs. 
  • Enable appropriate firewalls and antivirus protections. Review your security settings on your software programs, browser, and email programs. Make sure to enable options that will meet your business needs without increasing your risk. 
  • Use a VPN (Virtual Private Network). A VPN encrypts the data sent to or from your device to prevent access from outsiders.
  • Use strong passwords. Use passwords that are unique for each device you use and each service or site you access. Avoid using your name, business name, or other words that are easily guessed. A strong password typically contains at least 8 characters with a combination of uppercase, lower case, numerical, and other characters.
  • Use caution on the internet. Train your staff to recognize unsafe pop-ups that appear with messages warning that your computer is infected. These pop-ups are pathways for hackers to gain access to your data. Never click on links or open attachments from people you don’t know, or if the link looks suspicious in any way.
  • Closely monitor detectors. Ensure someone is physically monitoring your detection tools. Incorporating breach prevention is only the first step, as you must also ensure that, if a breach occurs, you are aware as soon as possible.
  • Maintain updates to security software. Check for software updates regularly to ensure you maintain the maximum security benefits of your cybercrime prevention tools.

Cybercrime can happen to anyone at any time. Due to the digital transformations over the years, every business is a technology business, and as technology continues to evolve, so do cybercrooks. Cybercriminals continue to hone their craft, becoming more sophisticated, adapting swiftly and targeting companies more effectively. Cyberspace is a two-sided coin: it is a fantastic place for commerce, societal advancement, and innovation, however, it is also a playground for hackers who are ready to pounce any chance they get. Incorporating stopgaps, maintaining awareness, and practicing vigilance can go a long way in preventing cyberattacks from happening to you.


Are you considering selling a dental practice or selling an orthodontic practice? We can help you sell your dental practice for the greatest possible profit. See our sellers steps for more information.

Terry D. Watson, DDS, and Frank Brown, JD, LLM, are with ADS Watson, Brown & Associates, a dental practice transition consulting and brokerage firm in Dallas, TX. They are members of American Dental Sales and can be reached on the Contact Page.


Sign Up for Important Updates

Receive occasional emails from Watson Brown about featured practices for sale, upcoming events, and tips and resources for buying or selling dental practices.