Aside from your own dental knowledge, your patients’ personal data might be the most valuable commodity in your practice. And it has never been more at risk from criminals who’d like nothing better than to bust through your (often meager) security measures and make off  with all that  information.

In the Spring edition of Incisal Edge dental lifestyle magazine, journalist Jennifer Alsever offers a look at the dangers — and how to harden your defenses.

Vacationing in France in 2015, Cathrine Steinborn read a news article about a local dental office that had been burglarized: Thieves broke in and stole the practice’s computer server, which was loaded with patient data. Steinborn’s ears pricked up – she, too, was a DDS, having run a practice in Santa Clara, California, for three decades, and she wasn’t about to let that happen to her. Once she returned from France, she vowed, she’d address any outstanding security concerns for her own office before it was too late. It was too late.

The day before she got back to California, burglars broke into her practice through its basement door, making off with her server. She lost troves of her patients’ most personal data: birthdates. Addresses. Health information. Social Security numbers. It was seemingly a carbon copy of the incident in France. Says Dr. Steinborn: ‘It was horrible.’

Dr. Steinborn’s breach cost her thousands of dollars in legal expenses; she spent a year and a half dealing with public relations, insurance, forensics and police. Although she was able to recover her paperless records because of remote server backup, she had to report the incident to federal authorities and alert patients that their information had been stolen. You can imagine how your own patients might react to this news.  “Some were really mad,” Dr. Steinborn says. Her case still hasn’t been closed by the government.

Think it can’t happen to you?

According to Alsever, although physical server theft might seem a high-risk, low-reward way to procure such information, it’s not an uncommon tactic, when:

  •  a staff IT specialist leaves a laptop unattended in a car parked outside a practice.
  •  a rogue member of a dentist’s team downloads the precious data to a flash drive.

“‘It’s becoming more and more of an issue,” says Kenny Schwing, CEO of Liptak Dental Services, the dental IT firm behind DDS Rescue, a cloud-based data-security and restoration service available through BencoNET.

Screenshot 2017-04-24 11.57.16(Services like Schwing’s can often de-encrypt a corrupted server to restore the data. ‘Another ransomware attack today!’ DDS Rescue posted to Facebook after one recent service call (shown, left) . ‘We were able to … work with an IT specialist to clean the server. No ransom was paid.’)

Read the full story and protect yourself with a three-step checklist of initial steps to firm up your cyberdefenses: