It’s easy to overlook continuity and disaster recovery planning when you run a dental practice. After all, your business may be small enough to avoid the interest of most cybercriminals and the number of people with access to critical systems is comparatively small. Plus, when things run smoothly, there’s little time to reflect on all the things that could possibly happen.
However, the latest Healthcare Breach Report from bitglass shows that healthcare breaches have risen more than 55 percent over the last year, with hacking and incidents caused by improper IT security leading to more than two-thirds of compromises. Everyday issues, such as inclement weather and network outages can create further problems.
With this in mind, it’s critical to create a formal continuity and disaster recovery plan for your dental practice. Not only can it save you time and money in the long run but will help keep your office legally compliant and can protect you from litigation. Let’s take a look.
Why Do Dental Offices Need a Continuity and Disaster Recovery Planning?
Risk Mitigation: Throughout your continuity planning, you’ll discover a variety of potential issues and ways to prevent unavoidable or unforeseeable incidents from impacting your dental practice. This way, they may not impact your operations at all.
Reduce Expenses: With contingency plans in place, you can avoid many recovery expenses altogether.
Faster and Smoother Recovery: It takes a typical healthcare firm 236 days to recover from a data breach per bitglass data. A solid plan will help protect you and get you get chairside quicker.
Legal Compliance: Although laws vary by state and may be impacted by the patient’s age, most dental practices will need to keep detailed records for six to ten years after a patient’s last visit. Your continuity and recovery plan will keep you compliant.
Business Strength and Competitive Advantage: A fast and low-cost recovery means your practice will bounce back from a disaster quicker than neighboring practices, which can give you an edge and allow you to pick up more new patients.
Peace of Mind: Once your continuity and disaster recovery plan is set, you can relax knowing your dental practice is prepared for anything that might come your way.
How to Create a Comprehensive Continuity and Disaster Recovery Plan
Because dental software is our area of expertise, this guide will be largely focused on how to address continuity and disaster recovery planning in relation to your software and data.
The information covered is helpful whether you’re operating on your own or working with an IT specialist. If you’re working through it on your own, make it a team effort and bring everyone together to brainstorm. If you’re working with an IT specialist, review areas of concern and set up a meeting with your IT specialist to discuss potential gaps. Don’t assume they’re already addressing continuity and recovery! It may be an add-on service or could be outside the expertise of the IT person you’re working with.
Step 1: Identify Potential Threats
The first step is simply to outline potential threats to your dental practice operations. Again, brainstorm potential risks with your team and/or IT specialist. A few areas to consider are covered below.
Power Outages: In addition to leaving your practice in the dark, power outages can damage hardware and software.
Network Interruptions: Consider issues like loss of internet, system failures, and issues with your internal computer network or server.
Natural Disasters: Depending on your region, make note of potential natural disasters, such as fires, floods, hurricanes, and earthquakes that may impact your operations.
Inclement Weather: Like natural disasters, inclement weather such as heavy rain or snow can cause connectivity issues, damage to your building, and prevent your team from coming to work.
Disruption of Transit Systems: Thankfully, transportation infrastructure throughout the United States tends to be fairly solid. However, if things like road closures, bridge outages, or bus driver strikes could prevent vital personnel (employees, repairmen, IT support, etc.) from reaching your office, make note of them.
Crime: Even though hacking incidents and ransomware attacks are rare for dental practices, the ADA reports they do occur. You should also consider non-cyber issues, such as theft, vandalism, and issues associated with civil unrest.
Pandemics and Outbreaks: While a pandemic isn’t likely to impact your software directly, it may impact the location from which your team works and how you perform backups.
Step 2: Perform an Impact Analysis
Once you’ve outlined potential issues your practice may face, jot down all the systems and operations each issue will impact.
For example, let’s say your power goes out and it takes down your entire computer network. It may not prevent you from seeing patients, but you’ll still need access to their records. Your front office will also need to be able to handle time-critical tasks, like confirming appointments and you’ll still need a method for prescribing electronically. You’ll also need to consider issues like the costs involved in bringing your practice back online.
There might also come a time in which you and/or your team cannot physically visit your office, but you’ll need to address concerns like appointments and patient communication. You’ll also want to consider how you’ll continue backing up your data while you’re away from your practice.
Step 3: Outline Your Before, During, and After Steps
Before: Identify team members, patients, and vendors who may be impacted by your outage or issue and have their contact information stored in an easily retrievable location. Create an incident response team, outline which steps each person will need to take, and communicate those steps to the individual. For example, your office manager or lead assistant may be responsible for notifying your IT specialist of an outage, contacting the dentist, and so forth.
During: Outline steps each team member will need to take during the incident and when specific steps should occur. Your continuity plan will likely need to include escalations if the issue is not resolved within a specific period of time.
Don’t forget to outline steps for bringing operations back online. For example, if a power outage takes your systems offline, there should be a clear process that notes:
- Who’s responsible for bringing systems online.
- What criteria the individual should use to determine it’s safe to proceed.
- The exact steps involved in bringing systems back online.
- Any resources the person will require.
- When employees can resume work and the process for bringing them back.
- When patients can return and the process for resuming appointments.
After: Have a postmortem to discuss the incident, what went well, and what could be done better next time, then update your continuity and disaster recovery plan accordingly.
Spotlight: Protecting Your Dental Practice Data
Protecting your patient data is critical. As you build out your dental practice’s continuity and disaster recovery plan, consider the points below.
Daily Backups of Your Data Are Essential
At a minimum, you should be making daily backups of your practice data. This way, you’ll only need to input a day of data if something happens to your server. If you run a busier practice, you may want to consider taking multiple backups each day. Practice-Web has a built-in feature that makes taking manual backups simple, but you can check with your IT specialist about automating the process too. Watch the video below or visit our User Guide for a walkthrough and additional details.
Monthly Backups Should Be Kept as Well
In addition to your daily backups, you’ll want to keep separate monthly backups as an additional safeguard.
Backups Should Be Kept Offsite
Because your backup may need to be used for a variety of reasons, including incidents like fires and floods, it’s best to store yours somewhere other than the office. Many practices simply use an encrypted USB that goes home with the dentist or trusted team member for daily backups. You can also work with your IT provider on setting up a cloud-based backup solution.
Your Dentist Portal Lets You Manage Your Practice from Your Phone
If you’re using Practice-Web and on paid Support, enable your Dentist Portal and familiarize yourself with how it works. (Contact Support if you need help with this.) Your Dentist Portal works on any device, including your mobile phone, and allows you to access critical practice information like your schedule and patient data. Plus, it integrates with Smart Tools like DoseSpot electronic prescribing and pwTeledentist, so you can provide care for your patients regardless of what may be happening with your computers or physical office. You can even use Pay-by-Text to collect balances remotely.
You Can Access Server-Based Dental Software Anywhere with a Remote Access Program
Many cloud-based dental software providers would have you believe that your practice is in imminent danger if you aren’t using a cloud-based platform and entrusting your data security to them. Nothing could be farther from the truth!
Explore options like Google Remote Desktop. A remote access program will allow you to log into an in-office computer from anywhere and access all Practice-Web functions and features as if you were in your brick-and-mortar office. If you’re unsure how to set up a remote solution, check with an IT professional in your area.
Step 4: Train Your Team and Test Your Plans
Just like you need to repeat your CPR training to keep it fresh and maintain your cool during a critical situation, you’ll need to train your team and test your plans regularly to ensure everything will go smoothly should you need to draw upon your continuity and disaster recovery plans. Review and revamp your plans:
- Annually
- When a key team member leaves
- When systems are updated
- After a critical event occurs
We’re Here to Help
Want to learn more about our software and Smart Tools? Request a demo.
Already using Practice-Web and need help? Contact Support.
Don’t have paid Support but have questions or want to sign up? Contact Sales.
If you’d like more info on managing other areas of your practice, check out the ADA’s “Emergency Planning & Disaster Recovery in the Dental Office” guide.