The California Dental Association (CDA) has recently launched a cybersecurity toolkit that provides practical protection advice and solutions for common cybersecurity vulnerabilities in dental clinics.
The toolkit covers the top five cybersecurity mistakes that dental clinics are prone to make and how to fix them, a list of questions to assess potential risks of suppliers, key questions to choose the right IT partner, and a response and recovery plan for cyber incidents.
Many dental clinic leaders may think that cyberattacks are mainly aimed at large financial or manufacturing companies, but according to a 2024 report by IBM and the Ponemon Institute, data breaches in the healthcare industry account for 32%, almost twice as much as those in finance and manufacturing.
More worryingly, the frequency and cost of healthcare data breaches continue to rise, with reports increasing by 89% between 2019 and 2023, and the average loss of healthcare data breaches is expected to reach $9.8 million in 2024.
“No matter how big or small a dental practice is, if there are vulnerabilities in the system, whether human or technical, they will become targets for cybercriminals,” said Teresa Pichay, CDA Regulatory Compliance Analyst.
Pichay has 29 years of experience answering member questions about HIPAA compliance, cyber incident response, and more. She and a team of CDA experts developed this set of cybersecurity resources based on the latest dental industry trends and member needs.
The toolkit specifically reminds dental practices that while cybersecurity is not core to daily operations, ignoring it can have serious consequences, such as violations of the Health Insurance Portability and Accountability Act (HIPAA), ransomware, and data access interruptions.
Fortunately, practices do not need to be cybersecurity experts to effectively protect patient information and practice operations by following the checklists and guidance in the toolkit.
The Cybersecurity Toolkit includes:
The top five cybersecurity mistakes and solutions for small dental practices
A checklist of questions to ask when evaluating a vendor risk
Questions to ask when selecting an IT service provider with cybersecurity capabilities
Detailed steps and contingency plans for cyber incident response
A checklist for recovery actions after a cyber incident
In particular, the “Is your vendor endangering your practice? 》, which lists questions dentists should ask key partners such as IT providers and billing services to assess potential risks.
“While it is impossible to eliminate all risks, asking the right questions, clarifying expectations, and choosing vendors who value patient data security are effective ways to reduce risks,” Pichay emphasized.
Dental practice owners can use these resources to improve their cybersecurity capabilities and ensure practice data security and business continuity. CDA members can immediately access and use this comprehensive cybersecurity toolkit by logging into their account.
