Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
More like dental damage.
Your dentist’s office isn’t the first place you might think of as a cybersecurity risk, but as Medix Dental CEO Tom Terronez told IT Brew recently, the amount of private information stored there makes it a potential threat.
“One of the things that makes dental more vulnerable is that it’s still majority on premise, local practice management software,” Terronez said, adding that that means “they’re way behind a lot of other industries that are in cloud uptake.”
Gummed up. The FBI warned the American Dental Association in May of the potential danger to providers from hackers. In May 2023, hackers attacked Delta Dental of California in a breach exposing the information of around 7 million patients.
In April 2023, Aspen Dental—a chain with more than 1,000 dentists’ offices across the country—suffered a ransomware hack that exposed user data, including health insurance information and Social Security numbers.
“We have obtained assurance that the unauthorized third party no longer possesses Aspen documents, and while your personal information was exposed, we have no evidence it has been misused,” Aspen said in a statement announcing the breach.
Large companies are often the target of attacks in most industries. But part of the reason dental offices are one of the types of companies most vulnerable to attack is their relative lack of investment in cybersecurity, Terronez told IT Brew. This is especially true of firms that have less to spend and that work with smaller IT providers.
“Their…IT provider probably doesn’t have a lot of depth beyond the basics and some tools,” Terronez said. “They certainly don’t have a CISSP on staff, or any trained cyber security professionals in their small IT companies.”
Solvent. For patients and providers facing cybersecurity threats, options are roughly the same as they are for any industry. Patients can ask what protections are in place or take it on faith that providers are taking care of their information; dental offices should do what they can to ensure they’re offering the safest customer experience. “Protecting your patients’ information and investing in protecting your patients’ information is practicing good dentistry,” Terronez said.
“Have a third party assessor audit their IT security within your practice, or partner with a cybersecurity vendor on top of your IT provider,” he continued.
“Most critical for them is to have transparency into the operations and protections that are in place with their IT providers, with their managed service providers, because they’re not all equal,” Terronez said. “The more vendors you have, the more difficult it is to manage and ensure they’re doing what they’re supposed to do.”