With a continuous stream of major data breaches hitting the news, it’s understandable why so many dental practices are hesitant to use digital services and move information to the cloud. It may feel safer to live off the grid and only use paper. However, paper and mail have their own host of problems that can put your practice and patients at risk.
Myth: Most identity theft happens online.
While cybercrime and major data breaches make headlines, the majority of cases where personal information is compromised are due to non-digital methods. A University of Texas report found that 53% of reported incidents of identity theft were purely analog (primarily involving physical actions including item theft or social engineering). Only 46% of identity theft involved digital methods like hacking, and 1% involved a combination of analog and digital methods.
Myth: Mail is more secure than sending information electronically.
Mail is increasingly the target for malicious activity. As more companies have adopted strict cybersecurity protections, stealing mail has become the easiest method for criminals to obtain personal information. Reports of “mail fishing”, breaking into mailboxes, have doubled in the past few years in major cities. New York City reports close to an average of 3000 cases annually.
Myth: Checks are the safest method of payment.
Just as mail has become an easier target due to increased cybersecurity, paper checks have seen an increase in criminal activity. J.P. Morgan Chase reported that last year 70% of the businesses surveyed were victim to some form of check fraud (theft, forgery, washing, etc). Similarly, the American Bankers Association states that check fraud makes up roughly 32% of financial losses annually. When possible, it is safer to use a secure digital transfer of funds over checks. Mailing checks puts your practice’s financial information at risk of getting stolen from a mailbox.
Myth: A notebook is the safest place to keep passwords.
Going back to the University of Texas report, a portion of identity theft actually involves a combination of analog and digital methods. Typically, this involves the theft of a physical item (ex. notebook, sticky note, portable hard drive, etc) allowing access to digital accounts. If you’re keeping your passwords written down within your practice, it is accessible to the visitors of your public space. Cloud-based password managers like 1Password and LastPass are a great alternative to protect your passwords with encryption. These programs are also accessible through any device.
Myth: All paper shredding is equal.
You might assume that as long as you run your practice’s documents through a shredder that they are safe to be thrown away or recycled without risk of any sensitive information being stolen. However, there are a variety of paper shredders and only a few are in compliance with HIPAA guidelines. There are three main types of shredders: strip-cut (long single strips of paper), cross-cut (short thin strips), and micro-cut (paper is now a powder-like consistency). Strip-cut remains are relatively easy to reassemble, that’s why HIPAA requires your practice to dispose of documents with a minimum of a cross-cut shredder.
The best defense.
Ultimately, one of the best defenses against analog identity theft and mail fraud is to minimize the amount of paper you create. Making use of Electronic Remittance Advice and digital EOBs can help you to cut down on the amount of patient information hanging around your practice. And using services like Remote Lite powered by rPractice for claims processing and attachments eliminates the need for your practice to mail claims.