To a hacker, dental records represent an opportunity to gain access to patient and payment information – which both hold high value on the dark web. Why? Because this data, when combined with passports, drivers’ licenses, and social security and credit cards, can be converted into complete identity packages. The news here: Dental practices are not immune to cyberattacks. In September 2020, dental support organization Dental Care Alliance, LLC, was hacked. The breach went undetected for weeks and compromised the protected health information of more than one million patients. This is only one example within the dental field, and the numbers keep rising, year after year. From 2009 to 2019, there has been a 95% increase in the number of health data breaches. And according to Crowdstrike’s 2021 Global Threat Report, 2020 saw another significant jump in cyberattacks focused on the healthcare industry. If you’re involved in any part of the health care industry, especially small and mid-sized clinics or dental practices located in the United States, it’s time to take important steps forward to secure your data. You might be wondering – what kind of impact can a cyberattack really have on a dental practice? In the first hours or days, it could mean: Encrypted patient files so you’re blocked from your treatment notes and patient x-rays Locked appointment files Inaccessible billing records The inability to process payroll Downtime for the entire office In the days and weeks to come after an attack, dental practices could be plagued with other issues, including: Recovery or ransom efforts to try to restore the records and get back to business Patient records being sold on the dark web Reporting the breach to customers, likely including entire families whose health and other identifying information may have been compromised Complying with HIPAA reporting, with the possible need to report the breach within multiple states depending on the scope of the business With a target clearly on the backs of all health care providers, including dental practices, there are preventative measures that should be incorporated into daily data management to ensure the safety of patient and business data. Properly Preserving Legacy Data is Key to Security One of the most important steps in protecting your organization’s ePHI is to identify risk factors, especially in the case of legacy systems which can be an open door for attacks. Our team at Harmony Healthcare IT develops and supports HealthData Archiver™, a data management platform providing a single point of access to historical patient, employee or business data for dental and healthcare practices. The web-based solution, with its release of information workflows, Single Sign-On integrated clinical views, revenue cycle features and eDiscovery capabilities, provides a significant return on investment for dental practices that are switching to a new system and decommissioning legacy systems. The solution consolidates data stores, reduces out-of-production system maintenance costs, mitigates technical risk, and complies with record retention mandates. Bottom line: Active Archiving is the one big defensive move your healthcare organization can take immediately to protect its EHR, ERP, and HR systems to keep cyber criminals locked out. Looking for some guidance on how to protect your legacy dental data from becoming a part of a cyberattack statistic? Let’s connect. Note: This blog was updated from a previous version published on Oct. 3, 2020.