The Leading Business Education Network for Doctors, Financial Advisors and Health Industry Consultants

EDR Data breach in Williamsport, Pennsylvania

By D. Kellus Pruitt DDS

Over the last 7 years, I have absorbed a surprising amount of criticism for warning my community that electronic dental records continue to grow both more expensive and more dangerous than paper dental records. That chunk of bad news which not one dental leader is ready to acknowledge is becoming increasingly difficult for even the most popular practice management consultants and other 3rd parties to hide. Unresponsiveness from those who profit from EDR sales is unethical and has already harmed dental patients.

Vulnerability Notes

In the Vulnerability Notes that have been issued by the US Department of Homeland Security to dental software giant Dentrix in the last year, security expert Justin Shafer was thanked in both for alerting authorities to Dentrix’s weaknesses.

• http://www.kb.cert.org/vuls/id/948155
• http://www.kb.cert.org/vuls/id/900031

Though evasive EDR stakeholders were able to fend off transparency far too long, it is fast becoming obvious to the world that their free ride with no accountability has always been destined to end ugly, and greed is to blame. Unforgiving media coverage of the nation’s loss of confidence in EDRs just might start in day or so in the parking lot of dentist’s office near Williamsport, Pennsylvania. Take cover, Dentrix

Eyeing Dentrix 

In the last two years, Justin Shafer’s uninvited watchful eye over Dentrix’s vulnerabilities may have already helped protect millions of dental patients from identity theft. Nevertheless, Dentrix’s security problems which company officials apparently hide, continue to endanger the welfare of uninformed Americans. I have learned that Shafer doesn’t give up easily. He’s in HIT for the long haul.

Yesterday morning, he posted a heads-up on the City of Williamsport’s Facebook, as well four other local Facebooks, warning of the results of a dental office data breach of Dentrix software: Dental patients’ social security numbers have become available on a zip file from Piratebay.

• http://thepiratebay.sx/torrent/5374693/

Shafer: “I am willing to bet there are a lot of your citizens SSN’s in this database. Look at rsc_dat.dat and patient.dat… Seems a dental database ended up on piratebay. You may already know.. you may not.”

• https://www.facebook.com/pages/City-of-Williamsport-PA-Information/123410027717552

He explained it to me this way: “the practice info is in rsc_dat.dat, patient info is in pat_dat.dat. It’s a nightmare, and I told dentrix and the doctor a full year ago.”

Assessment 

Did your opinion of censorship in dental care recently undergo change?

Conclusion

Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.

Link: http://feeds.feedburner.com/HealthcareFinancialsthePostForcxos

Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com

OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:

DICTIONARIES: http://www.springerpub.com/Search/marcinko
PHYSICIANS: www.MedicalBusinessAdvisors.com
PRACTICES: www.BusinessofMedicalPractice.com
HOSPITALS: http://www.crcpress.com/product/isbn/9781466558731
CLINICS: http://www.crcpress.com/product/isbn/9781439879900
BLOG: www.MedicalExecutivePost.com
FINANCE: Financial Planning for Physicians and Advisors
INSURANCE: Risk Management and Insurance Strategies for Physicians and Advisors

Filed under: Information Technology, Pruitt's Platform | Tagged: Darrel Pruitt, Dentrix, eDRs, electronic dental records, HIT, Justin Shafer, Vulnerability Notes | 14 Comments »