Email accounts were accessed after a business associate’s employees responded to phishing emails
In what’s becoming a sad yet familiar tale, a network of dental practices affiliated with North American Dental Group has notified over 170,000 patients, including over 4,200 patients in Texas, that some of their PHI was stored in email accounts that were accessed by an unauthorized individual between March 31 and April 1, 2021.
Professional Dental Alliance says the breach occurred at its vendor, North American Dental Management. The ensuing investigation revealed several email accounts were accessed by an unauthorized individual after employees responded to phishing emails.
Hit the pause button for a second and ask yourself three extremely important questions, no matter the size of your practice:
If you can’t answer these three questions in the affirmative, your practice and your financial legacy are at serious risk.
While the investigation of the breach described above uncovered no evidence of attempted or actual misuse of patient data (yet), it confirmed the email accounts contained protected health information such as names, addresses, email addresses, phone numbers, insurance information, Social Security numbers, dental information, and/or financial information.
Affected individuals have been advised to exercise caution and review their credit reports and account statements and be on the lookout for signs of misuse of their data. Professional Dental Alliance says affected individuals are being offered complimentary membership to credit monitoring and identity theft protection services for two years.
As my college coach used to preach after a player made a mental mistake on a simple assignment, “Guys, it’s basic blocking and tackling! If you can’t execute the basics, how can your teammates trust you to do your job when a sophisticated defensive scheme or offensive audible at the line of scrimmage is called?” The same question holds true at dental practices. Dentistry is infinitely more sophisticated than it was even ten years ago. Yet, if your patients suffer from bone-headed mistakes on the simple stuff like protecting their health information and leave your practice because of them, all the newest techniques you learned to apply to your craft won’t mean much.
Smart Training has helped over 15,000 dental professionals with their compliance needs, such as protecting PHI, for over ten years. If you’re unsure how your practice is doing compliance-wise, contact Smart Training. “We can help with the basic blocking and tackling, so you can focus on delivering outstanding outcomes for your patients.”