A major overhaul of federal cybersecurity regulations is coming, and most dental practices are nowhere close to ready.
That's the warning from Steve White, founder of DDS Rescue, who joins DrBicuspid.com Editor-in-Chief Kevin Henry for an urgent conversation about the first significant update to the HIPAA Security Rule in 14 years. The update, which is on the U.S. Office for Civil Rights' (OCR) official regulatory agenda for May 2026, was prompted by what regulators themselves have called a rampant increase in ransomware attacks targeting healthcare.
The numbers are staggering. According to the FBI's IC3 report, known cybercrime losses across U.S. industries reached $16.6 billion in 2024, nearly double the $6.4 billion reported in 2021. Healthcare sits squarely in the crosshairs, and dentistry, White argues, has consistently lagged in compliance.
In nearly a decade of conducting technical HIPAA risk assessments, White says his team has encountered only a handful of dental offices that completed one, despite the fact that the HIPAA Security Rule requires that practices conduct ongoing risk assessments. It is the first thing the U.S. Office for Civil Rights will ask to see if it contacts a dental practice.
Compliance isn't the only concern. White walks Henry through the rapidly evolving landscape of cyberthreats targeting dental offices, including phishing emails so convincingly designed that they are nearly impossible to distinguish from legitimate correspondence. The most common attack vector, White says, is a fake bank alert urging the recipient to click a link to verify suspicious account activity. Click that link, White says plainly, and ransomware launches instantly. White cites research showing more than 91% of all cyberattacks enter through email, and they are getting harder to spot by the day.
White, who can be reached at [email protected], also describes an alarming new threat involving mailed thumb drives disguised as gifts from vendors. When plugged in, the drives silently deploy AI-powered keylogging software that monitors keystrokes until it cracks passwords, including bank account credentials.
The good news, White emphasizes, is that the solution is not costly or complicated. It is grounded in logic, and the steps to dramatically reduce your risk are well within reach for any practice willing to take them seriously.
This is one episode no dental practice owner -- or team member -- can afford to skip.
Note: This podcast is brought to you by the American Heart Association’s Healthy Smiles, Healthy Hearts initiative in collaboration with Delta Dental. Your patients want you involved in their overall health -- and you can be! By offering blood pressure screenings at every visit, dentists can help detect the early signs of heart disease. The American Heart Association’s Healthy Smiles, Healthy Hearts initiative, partnering with Delta Dental, gives you the tools to do just that. Learn more.
