How to Create a Dental Business Continuity Plan, AKA “Emergency Mode Operation Plan”

No one wants to think about data breaches, natural disasters, or human error that could shut down your dental practice, but part of being a business owner is making sure you have an emergency action plan that will allow you to address the problem and restore operations quickly and efficiently. All you have to do is watch the news to see how hurricanes, wildfires, and flooding are impacting both cities and rural communities. Internet crime is another threat. The FBI’s Internet Crime Complaint Center (IC3) received 880,418 complaints in 2023, with losses exceeding $12.5 billion. The dental industry is not immune. Change Healthcare confirmed in February 2024 that BlackCat/ALPHAV was behind the cyberattack that disrupted claim submissions and other revenue cycle management functions for dental practices, medical practices, hospitals, and pharmacies across the country. “Ransomware Events Have Skyrocketed” Planet DDS hosted a webinar in July 2023 with Jeremy Baker, Special Agent in Charge, FBI; Gary Salman, CEO of Black Talon Security, LLC; Joel Olivio, Chief Information / Information Security Officer of Dental Care Alliance; and Angelina Hendricks, Chief Technology Officer of Planet DDS.   Mr. Salman said ransomware events in dentistry have skyrocketed, with the firm now getting multiple calls every week. The problems include: Confidential data breached, including protected health information Financial data accessed Bank accounts compromised Wire fraud occurred Business email compromised  Servers disabled / employees locked out Business and patient data cannot be accessed by dentists and employees How do Cyber Criminals Hack into Dental Computers? Often, security breaches occur because of outdated technology or employee error.  Some of the most common ways cyber criminals can hack into your company’s database include: Employee opens a phishing email and clicks on a malware link Employees share account logins  Employees do not choose strong, unique passwords The dental practice has not implemented updated security patches on its computers and phones The team improperly configured firewall protections The computers don’t have malware detection software installed Various computers use different types of antivirus software and there is no consistency Team members lack proper training on how to spot fake emails, text messages, and links Cyber Attack Recovery Costs Typically $500,000 and Higher The cost of recovery is substantial. A small dental group with 12 practices may end up paying over $500,000 to stop the data leak and repair their records – and that figure does not include the cost of lost business during the time the company was shut down.  Practices close an average of 10 – 14 business days, according to Black Talon Security Ransomware payments typically exceed $1 million Data also shows that once attackers are paid out, they will often return with another ransomware attack because they already know that the organization has weak control and environment, along with the precedence of paying the ransom. What is a Data Protection Impact Assessment for Dental Practices Data Protection Impact Assessments (DPIAs) identify, analyze, and minimize risks related to the processing of data. They are designed to reduce the risk of data exposure and the harm a data breach could cause.  Create an Emergency Action Plan for Dental Practices Before You Need It The Emergency Action Plan must be in writing and posted in the workplace where employees can view it or have access to it.  The Emergency Action Plan should include: Procedures for reporting a fire or another emergency Procedures for evacuating employees and taking roll call to account for everyone Location of equipment for fire protection, communications, power, personal protective gear, first aid, and triage supplies Defining employees involved in critical operations and their role in the emergency Listing the name and job title of every employee who may be contacted for information Employees should be trained on the emergency action plan, sign an acknowledgment form, and participate in mock exercises. Think back to when you were in school and had mock fire drills; this is the grown-up version of that.  Develop Your Business Continuity Plan After the initial emergency has been addressed and everyone is physically safe, employees need to execute their business continuity plan to restore normal operations as quickly as possible.  A Business Continuity Plan, according to the American Dental Association, should include: The company’s plans and policies, including insurance policies, facility security protocols, finance and purchasing procedures, employee policies, and risk management plans.  A list of equipment needed to resume operations A list of vendors’ contact information A list of personnel needed to resume operations and their contact information A backup system for critical functions, such as a cloud-based medical records, payroll, communications, patient services, phone systems, and computer systems More resources can be found in the ADA Guidelines for Practice Success, in the module on Managing Professional Risks.  Defining Your Business Interruption Recovery Strategies First, gather the information that your team, vendors, and third parties such as law enforcement officials and security firms such as Black Talon Security will need to start their investigation: Date and time the incident was discovered The names and contact information of anyone involved with the discovery and the response What was accessed and/or viewed improperly Submit a ticket to Denticon with Urgent Priority Top Tips and Tools for Denticon Business Continuity Planet DDS is dedicated to ensuring our system is running and available when you need it.  However, if you experience a short-term internet disruption and need to continue treating patients, you can use an alternative internet connection available to you to access backup.denticon.com. This site will contain copies of Routing Slip and Appointment Detail reports as of midnight of the prior day. Depending on when your internet connection disruption occurred, this may provide enough information to allow you to continue treating scheduled patients.  To learn more about how Denticon can help your practice or dental group, schedule a demo here.  

spot_img

Explore more

Stop Letting Others Control Your Life

Stop Letting Others Control Your Life

SUMMARY: In this episode, Brendon teaches… How to focus more on positive life outcomes like life satisfaction, fitness, happiness, and confidence is essential. Why better embracing significant...

You Asked: In a Woman with ADHD, Should You Continue Treatment...

Question: I have a 32-year-old patient with ADHD who stopped her stimulant medication (Concerta 54 mg) during pregnancy. She is now at 34 weeks of...

The Future of Period Pain Relief

Hey there, womanhood warriors! We get you, and we especially get you on those days of the month. Period cramps are a real problem...
Preventive Care: How It Can Save Your Business Money On Health Insurance

Preventive Care: How It Can Save Your Business Money On Health...

As a small business owner in California or Arizona, you already understand the importance of keeping your employees healthy and productive. But you also...

Biosensor technology company Allez Health secures $60M

California-based Allez Health, formerly Zense-Life, announced it secured $60 million in Series A+ financing.  The round was led by strategic investor Osang Healthcare, with participation...
Omega-3 index test

Omega-3 index test and benefits for overall health and well-being

The Omega-3 Index test...
Thousands of NÜTRL tumblers recalled after dozens report illness - National

Thousands of NÜTRL tumblers recalled after dozens report illness – National

A promotional NÜTRL branded tumbler that was recalled in Canada earlier this month caused multiple reports of adverse health effects, an updated notice said...
Dentistry procurement platforms and trends 2024

E-Procurement Platforms, AI, and More Trends from DentalForum 2024

This article was written by the Planet DDS staff and originally published on DrBicuspid.com.At this year’s DentalForum, leaders from more than two dozen dental...