American Dental Association Breach | AdvancedMD

Features Navigation

Live Chat (800) 825-0224 Live Demo

← Back

American Dental Association Breach

Disclaimer: This blog article was written by an AdvancedMD partner. The views and opinions expressed in this article are those of the author(s) and do not necessarily reflect the official policy or position of AdvancedMD.

Cybersecurity breach

Cybersecurity is getting very scary. The number of Cyber Breaches and Ransomware attacks in 2021 were the largest ever. 2022 is shaping up to be even more dangerous than 2021. In addition to the general trend towards more bad actors participating in cybercrime, Russia has increased their cyber attacks in response to the economic sanctions imposed by the US and allies.

The Cybersecurity & Infrastructure Security Agency (CISA) has implemented Shields Up in response to this specific threat, and on the Shields Up website it states, “Every organization—large and small—must be prepared to respond to disruptive cyber incidents.”

Every organization is at risk of a cyberattack, and the American Dental Association was hit with an attack many cybersecurity experts believe the attack was by an organization known as BLACK BASTA. A statement by the ADA indicated that they experienced a disruption to certain services. The ADA has not acknowledged the nature or source of the incident, but Black Basta has posted that they have approximately 2.8 GB of ADA data including W-2 forms, spreadsheets, and personal information on ADA members. The ADA also provides support services to many state Dental Societies and the breach has impacted those states as well as the ADA.

Other dental organizations that have recently experienced cyber incidents include The Professional Dental Alliance (PDA) which owns dental practices in 15 states. That breach involved over 170,000 individuals. The breach at PDA happened at one of the vendors that PDA shared data with North American Dental Management. In this case even though PDA’s computer systems were not breached and the systems that were compromised were another company, since the information breached was PDA patients, it was PDA who was responsible for the breach.

The increased threats not only can impact your medical practice, but they also can impact any organization that you share your data with. This can include:

  • Electronic Medical Records
  • Electronic Billing Systems
  • Revenue Cycle Management Systems
  • And any other computerized system where YOUR PATIENT data may be stored

There are steps you can take to better protect your data, and there are steps the businesses you share information with can take to better protect your data. The bottom line is no matter where the data is located, it is your data and ultimately your responsibility. Nothing is perfect, but under the HIPAA regulations you are required to do everything that is reasonable to protect your data. That includes:

  • Completing a HIPAA Security Risk Assessment
  • Implementing all Security updates that are reasonable for your practice
  • Having Business Associate Agreements with all vendors that you share data with
  • Providing regular security training for your staff.

One of methods that bad actors can compromise your systems is through passwords that are not secure. To assist you in improving your security TLD Systems will begin a FREE webinar series on how to improve your security. The first webinar will be on Wednesday, July 6 at 8pm Eastern (7pm Central, 5pm Pacific). Register for this FREE webinar.



Avatar photo
Michael Brody, DPM
Dr. Brody has been actively involved in computers and medicine since the 1980s. He is a Residency Director at a VA hospital located in Long Island, NY. Notably, he was present as the VA moved from paper records to computerized records. During this time, he was exposed to the stringent rules and regulations that government employees must adhere to when protecting patient information. He co-founded TLD Systems with Warren Melnick. They wanted to create a platform for private practice doctors that provides a cost-effective method of implementing HIPAA compliance in their practices. He has served on the Health Information Technology Standards Panel (HITSP), the Standards and Interoperability Framework (S&I), as a member of the Ambulatory Care Committee at the Certification Commission on Health Information Technology (CCHIT), and numerous other organizations. He is currently a member of the Physicians Committee at the Healthcare Information and Management Systems Society (HIMSS) and a co-chair of the EHR workgroup at Health Level Seven International (HL7). He co-founded TLD Systems with Warren Melnick to create a platform that doctors who wish to work in private practice have a cost-effective method of implementing HIPAA compliance in their practices in a manner that does not interfere with their ability to practice medicine. He has served on the Health Information Technology Standards Panel (HITSP), the Standards and Interoperability Framework (S&I), as a member of the Ambulatory Care Committee at the Certification Commission on Health Information Technology (CCHIT), and numerous other organizations. He is currently a member of the Physicians Committee at the Healthcare Information and Management Systems Society (HIMSS) and a co-Chair of the EHR workgroup at Health Level Seven International (HL7)

Topic:


Other Resources Related to This Topic


No results found

“The money I have invested in AdvancedMD is miniscule compared to the return. I have never been more efficient – ever – in my professional life as I am now.”

Jed Shay, MD
The Pain Care Center

Read the story  ›

“[Our] patients are very well-educated and well-informed, and they want to see results quickly. The practice has to run extremely efficiently and be accessible to them. The nice thing about [AdvancedMD] is it has allowed me to be more efficient both in and out of the office. Now I don’t have to come back into the office, which is great for my family and everything else. It saves me a lot of time – probably an hour a day on the three days I work in the second office.”

Keith Berkowitz, MD
Center for Balanced Health

Read the story  ›

“The best thing I ever did in private practice was getting AdvancedMD—it has liberated me.”

Estaban Lavato, MD
La Loma Medical Center

“Having integrated practice management and EHR is absolutely wonderful, you don’t have to flip back and forth between systems—all of your information is at hand when needed.”

Raju Raval, MD

Read the story  ›