In late April 2023, Aspen Dental announced that it was the victim of a cyberattack that shut down its appointment scheduling systems, phone systems, and other business applications. Although it is still unclear if hackers were able to access patient files, Aspen Dental has more than 1,000 locations across the country, if patient information was affected, the incident may be the biggest healthcare breach this year.
What We Know About the Aspen Dental Hack So Far
Reports from patients note that some locations had to resort to pen and paper. Phone lines and computers went down, affecting practices’ ability to file patient insurance claims resulting in some patients receiving handwritten bills. New patients also had to be turned away.
One patient, Tonya Green, who had paid upfront for services, could not receive follow-up treatment. Tonya Green commented on the ordeal, “No sign, no phone call, no email. No text and still yet nothing. I’m going to find the care somewhere else and I don’t know, hopefully, I’ll hear from them and find out what’s the next step what do we do as far as getting compensated.”
Aspen Dental confirmed the incident in a notice posted on their website, “We’ve experienced a cybersecurity incident that has temporarily impacted our ability to access scheduling systems, phone systems, and other business applications for Aspen Dental. We are still working to resolve the issues related to our Aspen Offices so please know that we have limited access to contact patients at this point.”
Within this notice, they included a Q&A section to provide patients with more information on how to proceed. One question addressed if patients should attend their appointments, “We might not be able to address all of your needs until we bring our systems back online, but we will be available to treat many issues and counsel you on next steps in your treatment plan. If you are a new patient, we will reach out to you to reschedule your appointment in the very near future.”
Protect Your Practice with HIPAA Compliance
Healthcare practices have increasingly become targets of hackers due to the wealth of information that goes along with patient care. Healthcare breaches account for 79% of reported breaches across all industries. In 2022, an average of 1.94 large-scale healthcare breaches were reported daily. According to Ponemon’s annual breach report, the average cost of recovering from a healthcare data breach is $7.13 million, higher than the global average across all industries.
Breaches often result in HIPAA fines when practices fail to implement an effective HIPAA compliance program. The average HIPAA fine in 2022 was $98,643, and 65% of fines issued that year were given to small practices.
Regardless of whether you’re a small or large practice, breaches and fines can happen to you. Achieving and maintaining HIPAA compliance is your best defense.
Compliancy Group helps dental practices automate HIPAA compliance with software and live coaching. As the only HIPAA solution endorsed by the ADA and ADA Member Advantage, dentists can be confident in their compliance program. Find out more about Compliancy Group and HIPAA compliance. Get HIPAA compliant today!