What Dental Practices Should Know about the Rise in Ransomware and Medical Record Theft

Identity theft is a widespread problem that affects both businesses and individuals. Medical record theft is a type of identity theft that involves unauthorized access to, and use of, an individual's medical records for malicious purposes.

By Genni Burkhart

According to Critical Insight's H2 2022 Healthcare Data Breach Report, healthcare data breaches increased by 35 percent in the second quarter of 2022 compared to previous years. The report also found that phishing and ransomware attacks were the most common causes of data breaches in the healthcare sector.

The report states that 28.5 million records were exposed in the second half of 2022, up from 21.1 million in 2019, according to an analysis of breach data reported by healthcare organizations to the U.S. Department of Health and Human Services (HHS).

In fact, a crippling ransomware attack caused significant damage to hundreds of dental clinics in 2019. It was reported in March of this year that a suspect broke into a dental office in Sherman Oaks, CA, and stole medical records from a filing cabinet. In only 30 seconds, the perpetrator grabbed the documents and left through the same window by which he had entered.

Financial gain remains the primary motivating factor for these attacks.

According to an American Dental Association (ADA) Marketplace report, medical records hold considerable value on the black market. Unfortunately, patients' dental profiles are full of information that makes them ultra-appealing to identity thieves, such as:

  • Social Security numbers.
  • Date of birth.
  • Addresses.
  • Detailed insurance and billing information.

Holding Your Data Hostage

Infiltrating dental practices (virtually and physically) isn’t just about stealing patient information. Hackers are also resorting to ransomware, one of the fastest-growing cybercrimes today. Ransomware is malicious software that encrypts a device's data, making it unusable until a ransom is paid. Besides ransomware, hackers use other tactics, such as phishing and malware, to infiltrate dental practices.

Ransomware can result in losing patient records, financial information, and other sensitive data. The cost of such an attack can be significant financially and in terms of reputational damage to dental practices.

Hackers demand a ransom payment of anywhere from tens of thousands to millions of dollars to regain access to your data. The payment is typically made in cryptocurrency, making it difficult to track. Furthermore, despite making the payment, there is no guarantee that you'll get your data back.

Prevention is Better than Cure

The good news is that if you know what to look for, you can often spot an intrusion before it creates havoc within your practice.

Investing in a reliable IT security system and staying up to date with security protocols is essential for dental practices to keep digital information safe.

Additionally, it is important to educate staff about the dangers of online threats and to create a culture of security-oriented behaviors. Make cyber security and awareness of various threats to your data a priority in the training and continuing education of your entire staff.

It's also necessary to ensure that any third-party vendors and suppliers with access to your network or patient data follow procedures to secure patient data.

When it comes to opening doors for hackers, phishing emails are one of the most common ways for them to get at your data. Hackers rely on human error and send innocent-looking emails that include deceptive links and attachments.

Breaches and HIPAA Violations

A patient's medical record can fetch around $300 on the black market, so it's crucial to invest in data security to protect patient records and data and avoid violating HIPAA regulations.

One of the biggest problems with these types of theft is that criminals often "demand" that you complete a Breach Risk Assessment (BRA).

Under the Privacy Rule, a breach occurs when protected health information (PHI) is used or disclosed in an impermissible way. As a result, every breach (or suspected breach) is presumed to be a reportable breach unless you can complete a breach risk assessment to prove there was a low probability that PHI has been compromised.

Even though a forensic computer analysis can reveal suspicious activity, it is not always possible to determine the exact nature of the attack or the extent of any PHI compromise. Due to the nature of cyberattacks, determining if any PHI has been compromised is often impossible. As such, it is best to err on the side of caution and report any potential cyberattack as a reportable breach.

In Conclusion

What is the best thing to do? Make the time and investment now to avoid costly and potentially devastating ransomware attacks and data breaches down the road.

Helpful resources on the privacy and security of electronic health information can be found at healthit.gov. In addition, you can find further details on protecting your business from cyberattacks at the National Institute of Standards and Technology (NIST).



Author: With over 13 years as a published journalist, editor, and writer Genni Burkhart's career has spanned politics, healthcare, law, business finance, technology, and news. She resides on the western shores of the idyllic Puget Sound, where she works as the Editor in Chief for the Incisor at DOCS Education out of Seattle, WA.
