You’ve heard of a statewide emergency being declared after a natural disaster, such as a hurricane or severe flooding… but after a cyberattack? That’s been the case in Louisiana, where Gov. John Bel Edwards, for the first time in the state’s history, declared a statewide cybersecurity emergency following cyberattacks against several school systems in the state.1
In light of the rising cost and frequency of cyber attacks here in the U.S.,2 here’s my recommendation for dental practices: set up your own “cybersecurity commission” within your office and have a trusted IT partner that can help you execute an emergency plan.
A recent cyberattack in the state of Oregon drives home why that’s so important. In this attack, the hackers gained access to several dental practice networks through their IT consulting company. According to one report3, the IT company left a dismal message for customers: “We’re working to recover backup data, but due to the size and scale of the attacks we’re not optimistic about a full or timely recovery.”
The real tragedy of stories like this is that often the backups are corrupted and unrecoverable. I can only hope the practice had a hybrid backup solution on local servers that they could restore on their own or ideally with the help of an IT service provider that wasn’t compromised.
These recent examples show that cyber criminals are no longer going after personal information and credit card numbers. They’re going after the “bigger fish” of business databases. In the Oregon case, the hackers hit the “jackpot” by accessing several dental practice networks through a shared IT consultancy. However, a single dental practice with multiple locations or even a standalone office is a very attractive target.
Many times, cyber criminals correctly assume that dental practices won’t have business-grade firewalls and advanced backups in place. That’s despite the fact that HIPAA regulations require “covered entities,” including small dental practices, to consider “technical, hardware, and software infrastructure” and to consider the “size, complexity, and capabilities” of their security.4
From my experience with TechCentral by Henry Schein One, I can attest to the importance of having a business-grade firewall, considering that most of the practices we service have anywhere from 500 to 4,000 patients in their database. The threat of a ransomware attack continues to grow, and the methods hackers are using are becoming more sophisticated. In some cases, third-party websites have been compromised by malware in their cookies, so when staff members visit the site, they may unknowingly download a virus. In the majority of cases, however, we see phishing emails, often with PDF attachments that claim to have a tracking number or other information that might bait an office staff member to click on it.
The Oregon attack illustrates why TechCentral has changed its own policy in how we conduct backups and why our Hybrid Backup Solution is an important component of our Omnicore solution.
Before we introduced Omnicore, our “network-in-a-box” hardware-as-a-service solution, we allowed customers to select which files were backed up.
However, we found that this could lead to some problems. There have been cases where dental practices were cyberattacked or accidentally deleted files, and when they went to reinstall the data, certain vital information was missing. In one case, this resulted in mismatched images in patient records, which delayed the practice’s ability to get up and running. That’s why it’s better to err on the side of caution and save all data.
Since Omnicore is offered as a service, you get a complete solution with a virtualized server, network-attached storage, a business-grade wireless access point, and firewall and hybrid data backup at a monthly cost that is lower than it would be if you bought all of the equipment yourself, including all the managed services.5 Because TechCentral fully manages Omnicore, issues, including backups, are taken care of promptly by experienced TechCentral IT professionals. You can stop worrying about IT and focus on providing the best patient care.
As an example of our customer support, we recently did a cloud restore for an office, and it took just over an hour to complete. Because they had successfully backed up all of their data, the practice was able to reinstall everything in a streamlined manner. Remarkably, it’s the only cloud restore we’ve had to do this year so far, which speaks to the quality of Omnicore’s security features.
The best way to find out if Omnicore is right for your practice is to request a free technology assessment at https://www.henryscheintechcentral.com/omnicore/future or call us today at 844.206.1228.
2https://www.hiscox.com/cybersecurity
4https://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/index.html
5TechCentral by Henry Schein One data on file
Originally posted on Dental Product Shopper
Howard began his career in dentistry in 2009. He has held roles as a Dentrix technician and a network/hardware technician. In his current role as Henry Schein TechCentral product manager, he continues to advance technology offerings in the dental market and helps dental offices find the right solutions for their various IT needs.
This article is paid for by Henry Schein TechCentral. Certain components of the products or services described above are provided by third parties. Henry Schein, Inc. and its affiliates are not responsible for, and expressly disclaim, all liability for damages of any kind arising out of the use of those third-party products or services.