Recent incidents

Two of the more instructive dental data breaches from recent enforcement.

Chord Specialty Dental Partners

173,000 patients affectedVector: Unauthorized network access

Takeaway: Multi-location groups are a high-value target. One shared back-office server can expose every location simultaneously. Practice isolation and per-record encryption keys are the first line of defense.

Rinehart Dentistry

25,000 patients affectedVector: Ransomware / credential compromise

Takeaway: Ransomware continues to be the #1 vector for independent practices. MFA on every account and encrypted backups are non-negotiable.

How Intake.Dental prevents these failures

Six protective layers shipped on every Intake.Dental account.

Dual-layer encryption

Every PHI field gets its own AES-256-GCM data encryption key, optionally wrapped in our Glyph Cipher polyglottal layer. If one record is ever exposed, the rest of the database stays dark.

Ransomware resistance

Per-record encryption keys mean a server compromise doesn't equal a database compromise. Attackers have to break each record individually.

Phishing protection

Role-based access control, MFA, and automatic session timeout on every account. Staff can only see the data their role actually needs.

Complete audit trails

Append-only timestamped access logs with IP and user identification on every PHI read and write. Exportable for your own compliance audits.

Hardening your own practice

✓Encrypt data at rest and in transit — no exceptions
✓Implement multi-factor authentication on every account that touches PHI
✓Keep software and firmware patched on every endpoint
✓Train staff on phishing — most breaches start with a bad click
✓Only use HIPAA-compliant vendors with executed BAAs in place
✓Document an incident response plan and rehearse the 72-hour notification timeline

Read our full HIPAA compliance approach

Practice isolation

Tenant-specific encryption and row-level security mean no practice can ever see another practice's data — even in a worst-case application bug.

BAA + 72-hour incident response

Signed Business Associate Agreements with every practice and a 72-hour incident notification runbook built into our on-call rotation.

Data Breach Tracker

Dental data breaches are accelerating

Every breach represents a real dental practice facing fines, lawsuits, and patients who may never come back. Here's what's happening, why, and how to prevent it at your practice.

Protect your patients before a breach forces the conversation

Every Intake.Dental account ships with the protections above — encryption, MFA, audit logging, and an executed BAA — at no extra cost.

무료로 시작하기 데모 예약하기