Learn more about the Florida Dental Association here.

Beyond the Bite

The Official Blog of the Florida Dental Association

Tag: iCoreConnect

Decrypting the Buzz Around Email Cybersecurity

by Leave a comment

By: Robert McDermott, President and CEO, iCoreConnect

Do you feel like you’re hearing a lot about ransomware, phishing and hacking these days? You’re not imagining an increase in these buzzwords. They’re popping everywhere: news media, compliance reports, technology and trade journals, and the list goes on. It’s important to recognize that these words are more than just the latest media buzz. They’re real threats.

Cybercrimes remain a problem for dental and medical professionals with little sign of going away anytime soon. The primary ways your practice can be compromised are through your IT infrastructure and your email. The weakest link in the chain, however, is people.

Criminals have become quite effective at using malicious email to exploit human vulnerability and gain access to protected health information (PHI). When an email comes in posing as a trusted source like a bank, an online payment site or even a social networking site, your staff needs to know what to do … and what not to do. Every day, cybercriminals successfully steal everything from patient and insurance records to passwords, social security numbers, credit card information and account numbers. These kinds of attacks are called “phishing.” They are designed to get you to click a link, call a number or respond with personal information.

Educate your staff on what to look for in a phishing attack. The Federal Trade Commission’s Consumer Division explains that phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. These emails may:

  • say they’ve noticed some suspicious activity or login attempts.
  • claim there’s a problem with your account or your payment information.
  • say you must confirm some personal information.
  • include a fake invoice.
  • want you to click on a link to make a payment.
  • say you’re eligible to register for a government refund.
  • offer a coupon for free stuff.

As a dental health provider, confirm that every email with any connection to PHI, payments, passwords or other sensitive information is being sent through a secure, HIPAA-compliant email service.

Not sure how to know? Check to make sure your secure email service uses its own private network to transmit messages, not the public internet. You also will know if your email is fully secure and compliant based on the way email communication is initiated. If your practice must initiate the first message in an email conversation, then your system is highly secure. The security key is that no one can randomly email you or your staff if you haven’t sent a secure email to them first. That eliminates phishing and hacking because cybercriminals can’t reach you. Once you have that first email interaction with another doctor, pharmacy, patient, etc., your workflow is the same as any other email.

If you are sending PHI via Google, verify you are using the paid version, Google Workspace Gmail. Even if you have some security steps in place on a non-paid Gmail address, you are most likely neither HIPAA compliant nor protecting your patient’s records. You may want to consider using Gmail, and other similar services, for sending everything that isn’t PHI or sensitive information. Secure and non-secure emails often can be accessed in the same email interface requiring only one login to access all your email accounts.

So, what happens if your email isn’t secure and someone in your office clicks a link? Well, you’ve just left the back door unlocked and let a cybercriminal sneak into your business. Once a cybercriminal gets into your system, usually without detection, they have one goal: wreak havoc to get money. They can lock up your entire records system and hold it for ransom, usually requiring payment in bitcoin. Thousands of attacks are launched every day with good success. It’s a scenario you don’t want to deal with. Fortunately, it’s also preventable.

Teach your staff or bring in an IT managed services provider (MSP) to talk with your office about the best practices to prevent phishing scams. Learn to identify a suspicious email and report it to your IT or MSP team. Most importantly, never click on buttons/links, call the listed phone number or respond to the message, especially with personal information.

Replace your current moderately secure email service with a truly secure, HIPAA-compliant email and you’ll significantly decrease the risk of your data being accessed through email.

Cybersecurity, phishing and ransomware are more than buzzwords. They represent identity theft, credit card and bank account access, and the loss of patient trust. Prevent access. Use secure email. Stay off the radar of those looking to profit off your practice. These simple steps can save you headaches and heartbreaks from having PHI stolen or captured and then paying a high ransom to get your practice up and running again.

FDA Services endorses iCoreExchange HIPAA-compliant email. iCoreExchange not only meets or exceeds every compliance and security requirement, but it also allows you to attach as many large files as you want to any single email. Speed up your workflow, protect patients and your practice. Check out this convenient and compliant service or call 888.810.7706. FDA members receive a substantial discount on iCoreExchange.

Cloud Technology Lights the Way for the Future of Dentistry

by Leave a comment

By Robert McDermott, President and CEO, iCoreConnect

There’s never been a better time to leverage technology in dentistry. It’s more accessible, secure and efficient than ever before. No matter how long you’ve been in dentistry, it’s likely dental school didn’t teach much in the way of computer software and programming or offer a Master of Business Administration. Fortunately, what you need to know is simple. It’s all about integrating cloud-based software to speed up clinical workflow and enhance patient care.

Cloud-based technology and services are rapidly becoming the preferred backbone to run any business. The technology model, Software-as-a-Service or SaaS, is a term you may have heard before. SaaS is more commonly referred to as web-based, hosted or on-demand software. For example, cloud-based Microsoft Office 365, Amazon and Dropbox are all SaaS platforms and are all accessed through the internet.

Here’s why all of that is important to dentistry. Cloud-based software replaces traditional servers and hard drives located inside a dental office. Those servers require expensive maintenance and upgrades. They put patient and practice data at high risk of theft, failure or loss. Think about what happens if that server is hacked by a cybercriminal or destroyed by a busted bathroom pipe. Or, the server simply fails one day. Compromised or lost data can crush a practice.

Here are three ways technology today changes the way dentists do business.

Streamline Daily Repetitive Tasks

What are two tasks that take time and are done frequently? Most likely they include checking insurance benefits and writing a variety of prescriptions. Let’s start with insurance. When the doctor discovers a patient needs a crown, a staff member will then need to check the patient’s insurance. That patient may walk out the door without a follow-up appointment because she is waiting to find out what, if anything, she will owe out of pocket. Today, there is specialized software that checks insurance benefits immediately. Armed with the actual insurance information needed for next steps, a patient is more likely to book the appointment and show up for it. Anxiety over financial surprises is no longer lingering. The patient gets needed treatment and the practice remains financially on track.

Electronic prescribing is another big deal for better clinical workflow. Many Florida doctors implemented e-prescribing when the law went into effect in January 2020. However, dentists with expiring waivers or whose licensure renewal takes effect by July 1 will need to make the switch now. Software designed specifically for dentists to e-prescribe all medications, including controlled substances, also may offer direct access to E-FORCSE (Florida Prescription Drug Monitoring Program) for rapid prescription history checks of a Schedule II-V controlled substance. e-Prescribing with rapid PDMP checks makes clinical workflow faster, safer, and better for both the patient and the practice.

By simply streamlining insurance checks and the prescription process, time is given back to the day and patient care is kept on track. The next two steps add to the security, peace of mind and efficiency of running a practice.

Move Data to the Cloud

If practice data is stored in a physical server in the office and then backed up to a physical hard drive, trouble may await. Backing up to a hard drive in the office, or one that travels home with the dentist or a staff member, puts protected health information (PHI), financial information and all practice information at risk of being stolen, hacked or accidentally destroyed. The strongest protection comes from using a cloud-based backup service. PHI and all other data is backed up every time a key is clicked on the keyboard. The sensitive data lives on servers across multiple locations, protected at the highest level of cyber and physical security.

Take IT Off Your Plate

Even though you may be savvy to technology, your first love and priority is dentistry. It is prudent for a practice to engage in the services of a managed services provider (MSP). An MSP takes care of everything IT at a predictable monthly rate. An MSP team doesn’t even need to be in the same city as the practice. They can continually maintain, update, and prioritize security and compliance of the practice’s computers and secure email from anywhere. Issues are immediately mitigated or simply don’t happen. Once again, the cloud makes big business sense.

Leveraging technology at any stage of a dentist’s career is the economical, practical and proactive way to do business. The dental industry needs a fresh approach to speed up clinical workflow and make dentistry even safer and more convenient for patients while increasing security and revenue for the practice. Doing business the same way as always may be comfortable but it will keep a practice stuck at the status quo. The business of dentistry has a bright future in cloud-based technology.

iCoreConnect, an FDA Crown Savings Partner, develops cloud-based technologies to improve and protect your practice including e-prescribing, full IT/MSP services, and revenue analytics. FDA members receive special discount pricing on iCoreExchange HIPAA-compliant email and iCoreDental practice management system software. Book a no obligation demo or call 888.810.7706 to see how iCoreConnect’s products speed up workflow and increase revenue.

Cyberattacks: Prevention May be the Cure from Ransomware

by 2 Comments

By Robert McDermott, President/CEO, iCoreConnect

Just as you wash your hands regularly so you don’t get sick, it’s critical to adopt good habits of “digital hygiene” to prevent cyberattacks on your practice. The “illness” threatening your practice is called malware. Malware is an umbrella term for any malicious software criminals use to steal your or your patients’ data.

Ransomware, a particularly sinister malware, burrows into your system and begins encrypting all your data so you can’t access it. Then a cybercriminal holds your data for ransom, demanding you pay a hefty sum of money for them to give you access to your own files.

Just like a human virus sometimes can be undetected, malware can be in your computer system long before you realize it. By the time you see symptoms, it’s too late. Cybercriminals are continually developing sophisticated methods for infecting computers and servers without you catching on. There are two primary ways malware gets into your system and holds your practice ransom.

HACKING

Hackers secretly tap into your data by exploiting weaknesses in your IT security. Outdated, unmaintained systems often make smaller, older practices particularly easy targets. Working with a proactive team of IT experts, known as managed IT services providers (MSP), is an important layer of defense against attacks. These folks can save you money, time and headaches over the long run. They detect threats early to eliminate or reduce damage well before it gets out of hand.

A particular vulnerability is how you are using email. Only use Gmail, Hotmail, Yahoo, etc. for personal or non-patient specific messages. For anything beyond that, set up a fully HIPAA-compliant, cloud-based email system that protects your information whether it’s sitting in your inbox or sending to another doctor’s inbox. There are big differences between an encryption-only email for general security and a truly HIPAA-compliant email fulfilling every HIPAA security requirement. These requirements range from verifying recipient identity to making sure no email is altered.

PHISHING

Phishing occurs when a criminal tricks any employee into thinking something is a trustworthy source, then convinces them to click a corrupt link or provide sensitive information directly (like a credit card number). The attacker is preying on a lack of awareness on the part of you or a staff member. You must educate your whole team to recognize suspicious messages, links and questions to avoid falling victim. If the sender is unknown or claims to be your IT person, MSP or someone in your office yet asks you to click an unusual link, verify the email first with the actual person on your team.

No one is inherently immune from cyberattacks. Take action now by working with a qualified dental IT services provider to assess, boost and maintain your IT immune system. Work directly with your staff to understand what to look for and how to prevent these types of criminals from getting in the door. Healing from an attack is much more difficult and costly than preventing it in the first place.

iCoreConnect, an FDA Crown Savings merchant, specializes in comprehensive software that speeds up workflow for dentists. The FDA endorses these products from iCoreConnect: iCoreExchange HIPAA-compliant email and iCoreDental cloud-based practice management. FDA members receive substantial discounts on both products. Book a demo at icoreconnect.com/fda or call 888.810.7706.