I would bet that all the dental offices, that had their patient information breached, said the same thing.

I hope all of you have had the opportunity to watch the TV show of March 13 where Darren interviewed Charles Kaplan of Data Guardian Pro. Scary stuff! The more I researched, the scarier it became. Do you even know if your data is encrypted? Do you know what the HIPAA rules are?



"A recent study conducted by Bromium, a global enterprise security market company, found that crypto-ransom ware is not going away anytime soon because traditional detection-based protection, such as antivirus, has proven ineffective at preventing the attack."

HIPAA Omnibus Rules aggressively protect patient records and do apply to dental offices. HIPAA violations are a serious matter. Fines today for not complying are a minimum of $100-$50,00 per violation, or record, and a maximum of $1.5 million per year for violations of the same provision. Some violations also carry criminal charges with them, resulting in jail time for the violators.

Being HIPAA compliant is the best course to protect your data. There are 3 parts to the HIPAA compliance process:

  1. Plan-the first step is to conduct a Risk Assessment which gathers information about the use of electronic devices in your practice; how you handle and safeguard data and what procedures your employees must follow.
  2. Training-a lack of, or inadequate, employee training makes an organization vulnerable to attacks. HIPAA requires employees be trained annually.
  3. Implementation- what good is the plan, and training, if it sits on the shelf?

My personal opinion is that dentists are trained to do dentistry not to outsmart hackers. It might be worth the investment to hire an expert, like Data Guardian Pros, to give you a piece of mind.

Many dental offices are breaching HIPAA laws without realizing it. 10 common ways dental offices are breaching HIPAA:

  1. Devices with patient information being stolen
  2. Losing a device with patient information
  3. Improperly disposing of papers, and devices, with patient information
  4. Not restricting access to patient information
  5. Sending sensitive patient information over email
  6. Leaving too much patient information over a phone message
  7. Not having a "Right to Revoke" clause-you have to give your patients the right to revoke the permissions they've given you to disclose their private dental information to certain parties.
  8. Employees sharing stories about patient cases
  9. Employees snooping through files
  10. Being vulnerable to being hacked

Don't wait until it's too late!!


Data Guardians



Icons .001Icons .002Icons .003Icons .004