In the dynamic world of dentistry, advancements in technology continue to redefine patient care, practice management, and the overall landscape.
Welcome to our monthly article series, Tech Talk, where we delve into the latest breakthroughs in dental technology, aiming to provide DSOs, dentists, dental professionals, and enthusiasts with insightful glimpses into the future of oral healthcare.
With each installment, we’ll explore a diverse array of topics ranging from revolutionary treatment modalities to innovative software solutions, all designed to enhance efficiency, improve patient outcomes, and streamline practice operations.
Whether you’re a seasoned professional seeking to stay abreast of the latest trends or a curious newcomer eager to explore the frontiers of dental innovation, Tech Talk aims to showcase the transformative potential of emerging technologies in the dental field.
Join us on this exciting journey as we navigate the ever-evolving landscape of dental technology and DSO innovations, uncovering the tools and strategies that are shaping the future of oral healthcare delivery. Together, let’s embrace the possibilities of tomorrow, today.
Are cyber-attacks the new normal?
The Change Healthcare cyber incident forced those working in the dental industry to take a hard look at the software vendors they’ve partnered with – and many were found to be lacking. And while I’d love to tell you this incident and breach was a one-off event and vendor security doesn’t need to be your new priority, that’s just not the case. It’s no longer a matter of “if the industry is attacked again,” but “when it will happen, who will it affect, and how painful will the fallout be.”
When choosing a software vendor in the past, you may have skimmed past security measures, spending more time on the features that directly affect your ability to successfully manage your practice. It’s time to shift your thinking. Ensuring your software vendor can support you during the next cyber-attack is just as important as any other feature your technology may include.
If your software vendor can’t answer “yes” to the four questions below, it’s time to reconsider who you’re working with.
1. Are they able to respond instantly when a breach happens?
When the Change Healthcare cyber security incident happened, most software vendors were unable to pivot to another clearinghouse or solution because they hadn’t invested the time, money, and staff necessary to be able to shift at the last second in a way that really minimized the damage and the impact to customers.
In fact, this is usually what the software development process looks like: a bunch of employees run around and build stuff, throw it up on the wall, then more employees test it before it’s given it to customers who find even more things wrong with it, and then the company fixes them. That’s old-fashioned 1990s software development. The best vendors should be able to complete that entire cycle in minutes using modern continuous delivery processes and tools. Your software vendor should be continuously updating their software so you can trust you’re always using the best version.
If your software vendor hasn’t invested in their continuous delivery technology from the very beginning, don’t expect them to be able to immediately respond when a breach or other incident happens, either.
2. Can they immediately protect their system and your data when an attack happens?
When time is of the essence, a software vendor who depends on manual testing and monitoring is not the partner you want by your side. From an information security perspective, look for a vendor that’s automated most of their tests and monitoring. With a lot of companies, if they’re breached or they’re deeply integrated with an organization that has a breach, not only do they need to shut down any connections to the affected areas, but they’re going to spend weeks evaluating every part of the system to make sure that it wasn’t infected. When you work with a vendor that emphasizes automation, that work can be done in hours or even minutes.
3. Do they have the team in place to support your practice during a cyber-attack?
When a cyber-attack happens, you don’t want a software vendor who continues to maintain business hours. Not only should they take an all-hands-on-deck approach, but they should have the capacity and infrastructure to provide 24/7 crisis support. The dev team should be working nights and weekends to fix the issue. The communications team should be updating you regardless of time of day. Customer service should be available around the clock. You should be positive that your challenges are their priority, and you shouldn’t accept anything less.
4. Do they have SOC 2 Type II attestation?
It’s easy to take a lax approach to home security until someone breaks into your house. The same goes for software security. Don’t choose a software vendor who’s ok taking a reactive approach to the safety of your practice and your patients. SOC 2 Type II auditing report standards have been developed by the American Institute of Certified Public Accountants (AICPA) to elevate data security. These standards are critical to ensuring top-notch information security (InfoSec) safeguards across vendors’ IT systems and adhering to vendor-customer contracts.
Your software vendor’s response to the Change Healthcare cybersecurity incident should tell you a lot about how they’re going to continue to respond to cyber-attacks. And believe me when I say this: this is not the last time you’ll have to trust they can support you when the worst happens. If they haven’t already shown they’ve made your practice’s security a top priority, it’s time to find a vendor who does.
Written by: Alan Rencher, Chief Technology Officer, Henry Schein One
Tech Talk is sponsored by Henry Schein One. Henry Schein One, the leader in all things dental software, empowers dentists to focus on patient care, ensuring practice success.
In light of the Change Healthcare incident, Henry Schein One has stepped up to help keep your practice on solid ground. They’ve been diligently working to find solutions for processing claims and eligibilities and cash flow concerns. For FAQs, information about financial support, and the latest news on this incident, visit our claims processing status page.
With its simple and integrated software, practices are finally more seamless, more efficient, and more profitable—meaning patients and practitioners are happier. With comprehensive solutions: demand generation, patient experience, practice management, revenue management, dental analytics, and clinical workflow, dental practices will be running smoother than ever before.
Henry Schein One, LLC, is a joint venture between Henry Schein, Inc. (Nasdaq: HSIC) and Internet Brands. The company’s portfolio of leading brands includes Dentrix®, Dentrix Ascend®, Jarvis Analytics™, TechCentral™, Lighthouse360+, and DentalPlans.com®, along with solutions offered through international companies, including Dentally and Software of Excellence, among others. For a full list of our brands, please visit our website or connect with us on LinkedIn.