Sponsored Content: Straumann Group

By Dale Newman, Customer Success, Straumann Group

Healthcare at Risk

Cyberattacks are relentlessly targeting the healthcare industry. The amount of highly sensitive data generated and stored is staggering, and therefore a popular target of cybercriminals. According to an article in Dentistry iQ by David Corlette, vice president of product management at VIPRE Security Group, data breaches targeted at healthcare organizations now account for nearly 79% of all reported breaches, across all industries. And to make matters worse, when a breach occurs, organizations are often fined for HIPAA violations. Corlette reported that in 2022 the average fine was reported to be $98,643 a majority of which were imposed on small practices, to include dental practices.

Dental Organizations Targeted

According to the March 24, 2024 edition of Dental Cyber Watch by Group Dentistry Now:

“Over the past two years, there has been a significant increase in cyberattacks targeting the DSO/DMO community, and this trend shows no signs of abating. The dental sector has emerged as particularly vulnerable to this damaging crime. Numerous small and large DSOs/DMOs were impacted by ransomware events in 2023 and some of these even made national headlines.”

On September 27, 2023, Henry Schein experienced a data breach that affected 29,112 employees and their families. Personal data was stolen to include credit/debit card numbers and the associated security codes, passwords, and PINs. The breach shut down the company’s global e-commerce platforms. Due to the interruption in business the company was forced to lower its sales expectations for fiscal year 2023.

On April 25, 2023, Aspen Dental, a DSO with over 1,000 practices in 45 states, was hit by a cyberattack that shut down appointment scheduling systems, phone systems, and other business applications. The personal data of patients and employees was potentially affected. They have now made the costly decision to hire third-party data security specialists to investigate the incident.

These attacks are costly in many ways. Cybercriminals often sell the data they steal which puts those affected at greater risk of identity theft, and the practices at risk of a damaged reputation, lost business, and oftentimes fines from lawsuits brought against them.

The rise in cyberattacks on the dental industry should prompt DSOs and small practices to step back and assess whether they have solid cybersecurity that will protect their staff, their patients, and their livelihood.

What Can Dental Practices Do to Lessen the Risk of a Cybersecurity Event?

Cybercriminals often assume that small practices and DSOs have not made the necessary investment in IT resources and cybersecurity and are therefore viewed as vulnerable prey, and there are several contributing factors.

The dental industry is facing many challenges. There are issues around staff retention and recruitment, complex revenue cycle management, increasing operating costs, growing competition for patients, and growing regulatory requirements. The idea of taking the time to stop and assess vulnerabilities to a cyberattack just hasn’t been a priority. But the time to take these necessary steps in NOW.

Allocate budget for security so you don’t incur far greater costs in the future.
It is essential to maintain currency on software updates and patches. This will help assure your data remains secure and cybercriminals are kept out.
Train your staff on HIPAA and cybersecurity. Your office is hectic, staff are distracted as they care for patients, work through claims, and keep operations in check, oftentimes short-staffed. But staff needs to be engaged in cybersecurity and especially need to understand the majority of attacks occur via malicious email.
Establish policies geared toward cybersecurity to include permissions and passwords on files and computers, and actual device protection, especially in the age of remote working.
An additional and important consideration is to invest in cloud-based software, especially your Practice Management Solution (PMS).

Why Cloud-Based Dental Practice Management Solutions

You may feel that on-premise solutions give you more control, thereby making your office more secure. But during these short-staffed, hectic times, you should assess your environment objectively, and you may find on-premise solutions are doing your security a disservice.

A Cloud-based PMS removes the burden of data security from the practice and places the responsibility on the vendor, dedicated to protecting your business.
Time and resource consuming maintenance, such as updates and patches, becomes the responsibility of the vendor, as do regularly scheduled backups.
Cloud-based solutions more easily scale than do on-premise solutions. They also provide a more cost-effective approach to your growth. As new practices and employees join, as new innovative software features are added and as storage needs grow, the system will accommodate the changes with no need to invest in new hardware or software, while providing effective remote management.
Cloud solutions provide a sole source for data extraction which can then be used to run system-wide analytics, all supported by the dedicated security processes of the vendor.
Cloud solutions also offer more mobile operations. Providers can easily move from practice to practice, while securely accessing the applications and data they need to care for patients. It also enables easy, secure communications between staff, patients, and other companies as needed.
Cloud solutions are much more friendly to space limitations within your offices.

Meet CARESTACK®

As the dental industry is faced with growing security threats, DSOs and small practices must find a way to safely unify their staff and resources into one cohesive barrier to these threats. This is where CareStack, a cloud-based practice management solution rises to the top. Ranked the #1 Dental Practice Management software by G2, CareStack is designed for dental professionals who aim to achieve operational efficiencies, clinical excellence, and growth. This all-in-one dental practice management software, distributed by Straumann Group, supports a DSO’s transformation from groups of individual practices, into a vibrant, successful organization with a singular holistic vision. With this commercial partnership Straumann® is committed to supporting a secure digital transformation and delivering innovation to meet the needs of a dynamic and high-performance dental practice.

CareStack’s dedication to supporting customers as they operate in this new age of cybersecurity threats was recently tested, and CareStack met the challenge.

One of CareStack’s many features include automated claims processing across the dental revenue cycle. With a dedication to simplifying these complex processes for their customers, CareStack integrates with clearinghouses to process claims. CareStack communicates with the clearinghouse to automate insurance verification, eligibility, claims transmittals, and payments.

One of the clearinghouses CareStack has integrated with is the largest in the country, Change Healthcare (CHC) owned by UnitedHealth Group. And just like many other companies have experienced, on February 21, 2024, CHC announced they had been hit with a ransomware cyberattack. The ramifications of an attack on CHC are quite serious because CHC processes 15 billion transactions related to dental, medical, and pharmaceutical claims annually. Since CHC had to isolate their systems, practice management and other systems that utilize CHC’s services were blocked, essentially bringing vital revenue cycle processes, and the ability for practices to realize revenue, to a halt.

The professionals at CareStack understood the severe impact this would have on their customers’ livelihood and patient care, and therefore acted fast. Read more from CareStack

Staff began by utilizing CareStack’s in-app notification system to send messages about CHC’s outage to every customer in real-time, while clearly communicating that the situation could take much time to be resolved.

The CareStack product team created a form within the application offering an option to have claims rerouted temporarily through another partner, DentalXChange. Since CareStack is cloud-based all the efforts put forth by the CareStack support team could be centralized and focused. The team worked tirelessly to implement the payer mapping and technical requirements necessary to move customers onto the DentalXChange platform. By utilizing their cloud platform, changes could be quickly and easily implemented for any customer wishing to make the move. And CareStack support teams were available continuously to answer questions and educate users on the new processes.

Change Healthcare allegedly paid a $22 million ransom, but thanks to the quick action and dedication of the CareStack team, customers were not held ransom as well.

CareStack in the Cloud

A $22 million ransom is likely far beyond what most practices can pay a cybercriminal, but criminals perpetrate these crimes for far less, with devastating effects. This is one of many reasons why CareStack offers a great solution to your Practice Management Solution needs.

In October 2023 Forrester released a study on behalf of Straumann entitled The Total Economic Impact Of CareStack. This study unravels the benefits of CareStack all-in-one cloud PMS for a multi-site dental organization. Download this study in its entirety and discover the productivity and profit growth as well as the cost savings enabled by CareStack:

307% return on PMS investment over 3 years with a payback period of less than 6-months.
Fill your schedules, optimize revenues, and consolidate systems. Total benefits of $1.7 million within 3 years.
Enable faster collections and significantly boost production. Days of collection reduced by 35%, and production boosted by 40% in the third year of implementation.

In Conclusion

Cyberattacks are not reserved for Fortune 500 corporations and in fact, smaller organizations may be at greater risk if they do not take the necessary steps to protect themselves from this ever-growing threat to their employees, patients, and their business. Action, education, and secure, updated IT solutions are vital steps to take now, and cloud-based solutions are an important piece of your defense strategy.

CareStack offers a superb cloud-based practice management solution to help DSOs and individual practices minimize the risk of cyberattacks. CareStack offers an all-in-one platform to drive standard operating procedures (SOPs), enhance patient care, and achieve financial gains. Together, dental organizations partnering with Straumann and CareStack can navigate the ever-changing cybersecurity landscape of the dental industry paving the way for a secure and prosperous future.

If you’d like to learn more about how CareStack can fulfill your DSO’s needs for a comprehensive practice management solution that brings all practices together, contact us and schedule a demo today.