Monday, October 19, 2020

350 Million Customer Records and Voicemails Exposed in Databas

 


Data, data, and more data.  It seems that no matter what form it takes, businesses are keeping more and more info about us.  That's not always a bad thing... as long as it is secure.  However, VOIP provider Broadvoice was keeping digital records of customers as well as customer voicemails and storing them online without any security at all... not even a password was needed to access the data.

This mistake exposed 350 million customers to potential fraud and identity theft.  Why the company felt the need to store all of these voicemails is beyond me, but in a bit of defense of Broadvoice, the information was from a company that they had acquired a few years ago.  That means they may not have even been aware of the potential for a breach, but legally they are still responsible.

According to Comparitech, one of their security specialists found the database on October 1 and by October 4 it had been locked down and secured.  Kudos to Broadvoice for moving so quickly, but no one has any idea if anyone else managed to find the info prior to the October 1 discovery and notification.

Some of the records involved were for healthcare and included PHI while others were from financial institutions.

For the full story, follow this link...  

Thursday, October 15, 2020

The ADA FDC Virtual Connect Conference is this Weekend!!!

 


The ADA FDC Virtual Connect Conference, Oct. 15–17, is a live and on-demand experience packed with new features and engaging activities designed to make the most of the virtual environment. ADA FDC 2020 will integrate our members’ professional and personal growth needs with their daily lives. How they engage in the virtual conference is up to them. Attendees can enjoy live events with others and interact with speakers. Or, if they have a busy day, attendees can catch up later with on-demand access and still be in-the-know about the latest in dentistry. 


Here are some top reasons to attend the ADA FDC Virtual Connect Conference: 

  1. Convenience and flexibility—Enjoy from your personal space, the local café, or the office—on your own time! And best of all … most sessions remain available on demand through Dec. 31, 2020. Browse our Virtual Exhibit Hall 24/7 featuring the 2020 Cellerant Best of Class Technology Award winners.
  2. Amazing Content—Learn from the top thought leaders in dentistry:
    • Frank Spear, DDS, MSD
    • Lee Ann Brady, DMD
    • Gary DeWood, DDS, MS
    • Jose-Luis Ruiz, DDS
    • Technology Thought Leaders
      • Paul Feuerstein, DMD
      • John Flucke, DDS
      • Marty Jablow, DMD
      • Pamela Maragliano-Muniz, DMD
      • Chris Salierno, DDS
      • Lou Shuman, DMD, CAGS
  3. Camaraderie
    • Get with like-minded people at our Community Meet-ups. Enjoy beer tasting, wine tasting and a book club.
    • Enjoy a concert by multiplatinum, five-time Grammy award winning group Lady A.
    • Play games like trivia and earn points/win prizes.
    • Join the virtual 5K and run, walk or cycle for Give Kids a Smile.
    • Participate in morning wellness programs.
  4. Great Value
    • For less than $200, ADA members get all the available CE, networking events, and speaker sessions. 
    • We are investing in the future by giving students, grad students, and dental team students a rate of just $19!
      • Members $199
      • Non Member & Other Allied Health Professional $299
      • Team & Guest $119
      • Student, Grad Student, Dental Team Student $19


For your convenience, here is a schedule of events:

THURSDAY, OCTOBER 15

4–5:30 p.m. Staffed Exhibit Hall

5:30–6:15 p.m. Evening Opening Session

6:15–7:15 p.m. Virtual Concert with Lady A

FRIDAY, OCTOBER 16

7 a.m. Virtual Exhibit Hall opens

7–8 a.m. Morning Wellness Activities

9 a.m.–Noon CE Sessions

Noon–2 p.m. Staffed Exhibit Hall

2–4 p.m. Speaker Chats

2–4:30 p.m. Afternoon Workshops

4–5:30 p.m. Staffed Exhibit Hall

5:30–6 p.m. Evening Session

6:30–7:30 p.m. Community Meet-ups: wine tasting, beer tasting, book club

SATURDAY, OCTOBER 17

7 a.m. Virtual Exhibit Hall opens

7–8 a.m. Morning Wellness Activities

9 a.m.–Noon CE Sessions

Noon–2 p.m. Staffed Exhibit Hall

2–4 p.m. Speaker Chats

2–5:30 p.m. Afternoon Workshops

4–5:30 p.m. Staffed Exhibit Hall

5:30–6 p.m. Evening Closing Session

6:30–7:30 p.m. Live Trivia


ADA FDC Virtual Connect Conference will be the premier digital event in the industry, and we’re not done yet—we have a big announcement coming during the Evening Opening Session on Thursday night!

Please let us know if you need more information or have any questions. You can also visit ADA.org/meeting for more details.


Wednesday, October 14, 2020

Universal Battery Charger EASTSHINE S2 LCD Display Speedy Smart Charger for Rechargeable Batteries

 



Our lives in the dental office are becoming more and more dependent on batteries.  I've complained more than once about how the profession is struggling with what I call "countertop real estate" as we accumulate more and more high tech hardware, but are forced to function on countertops that are the same size they were in the 70s.  We flat out need more space to store all of the hardware we are using on an almost every case basis.  

Along with the lack of counter space we are dealing with, many of us are also dealing with a lack of electrical outlets as well.  Thankfully a lot of companies are now creating devices that are battery powered.  That cuts down on clutter, cords, and allows the team to put the hardware in the area where it is easiest to use and not "closest to the outlet" which is frequently a necessary situation.


However, along with the usage of batteries, also comes the problem of keeping them charged.  Unfortunately if a product has replaceable batteries, the device comes with a battery charger as well.  While I welcome having the needed charging equipment, there also comes the unfortunate aspect of "charger clutter" as the chargers all need a home and/or storage.  I've also seen some chargers knocked off a counter (due to clutter) and disintegrate upon impact with the floor.  Now the office needs a new charger or their battery-operated device is worthless.

How do we solve the problem of so many batteries and so many chargers?  The picture at the top of this post is one way I've started battling this.  The charger in the picture is a device that is designed to charge multiple types of batteries.  In fact it can charge Ni-MH, Ni-Cd, AA, AAA, Li-Ion, LiFePO4, IMR, 10440, 14500, 16340, 18650, RCR123, 26650, 18500, and 17670 re-chargeables.

The great thing about this is that I have one charger that does several jobs.  That means "counter clutter" drops considerably.  The device also charges batteries quickly so there isn't as much downtime if I have limited amounts of batteries.  It's a smart charger so it adjusts its charging to whatever battery is in it which means the best charge in the best time.  All of this for $19.95!

It can be purchased at Amazon.

One other suggestion I'd make is to take any batteries that you feel you don't have enough of and take them to a local battery store.  Often times device batteries are off the shelf parts and are readily available without paying excessive prices from the manufacturer.  That means your devices have more batteries to run on without spending yourself into debt on the batteries.

Tuesday, October 13, 2020

COVID-19 Is Now the Third Leading Cause of Death in the U.S.


 



The title of this post says it all.  While many have politicized the disease, creating the term "anti-masker", the numbers in this epidemic tell a tale that science proves.

A recent article in Scientific American bears reading by everyone, whether you are in healthcare or not.  Covid-19 has killed scores of Americans and we are doing very little to stop it.

In fact, rather than me rambling on here about the disease and the numbers, it's a whole lot easier to simply supply a link and encourage all of you to read the article.

Numbers do not lie, numbers are not political...

Monday, October 12, 2020

Ransomware Victims Who Pay May be Vulnerable to Fines from the Federal Government

 

 

 

The scourge of Ransomware seems to be everywhere in healthcare these days.  Of course it’s not just a healthcare problem either.  A couple of months ago GPS giant Garmin Industries had almost their entire system knocked offline by a Ransomware attack that made headlines all over the world.

 

This entire subject matter is a fascinating game of cat and mouse (unless you are unlucky enough to be involved), with companies trying to avoid paying ransoms while the criminals try and force their hand through escalations.  Many perpetrators are now not only demanding a ransom, but are threatening to reveal confidential data online.

 

One of the newer ploys now in play involves the copying and removal of data before encryption.  Once the criminals gain access to the network, they copy and offload critical and confidential data.  They then unleash the Ransomware which encrypts the compromised computer’s hard drive.  In a worst-case scenario the criminals have the ability for the Ransomware to hopscotch across the network encrypting every hard drive that is connected.  Then the victim is told that not only is their data encrypted, but that they must pay up within X hours or the data is gone, PLUS the criminals will release the confidential data on the web for all to see.

 

Obviously there can be a great amount of pressure to pay the ransom in a scenario such as that… especially in healthcare where HIPAA violations and the resultant fines loom large.  It used to be that a good backup could bring a business back without having to worry about paying the ransom, but the release of confidential data takes this to a whole new level.

 

But now… adding to all of the above stress and “worst case scenarios”, comes the possibility of being caught between the proverbial rock and a hard place.  It seems that if the Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned the Ransomware perpetrators, paying the ransom can actually expose the victim to federal penalties.  New guidance states "a person subject to U.S. jurisdiction may be held civilly liable even if it did not know or have reason to know it was engaging in a transaction with a person that is prohibited under sanctions laws and regulations administered by OFAC."

 

Basically the translation is that even if you don’t know you are breaking the law, you can be held liable.  I’m not sure where HIPAA and releasing other confidential information falls within this, but it’s hardly equitable for a victim to continue to be victimized from both sides of the equation.  The Treasury Department Advisory Position can be read here.

Thursday, October 8, 2020

Apteryx Imaging Enters Government-Funded International Consortium Agreement with Trestle GmbH to Develop Artificial Intelligence Software Applications for Dentistry

 


We are seeing an incredible amount of work with artificial intelligence in dentistry, especially in the analysis of radiographs.  Over the past couple of years, I've worked with several companies that are working on projects that will allow for the faster and potentially more accurate reading of x-rays by dental personnel.  Now comes this announcement from one of the industry leaders, Apteryx.


Apteryx Imaging Inc., a subsidiary of Planet DDS, is pleased to announce that it has recently entered into an agreement with German-based Trestle GmbH (Trestle) to co-develop a set of software modules using AI and Deep Machine Learning (DML) designed to address critically important, common diagnostic use cases in the dental imaging space. Intended users of the applications are all players in the dental ecosystem, including device manufacturers and operators, radiologists and other imaging specialists, medical and dental care professionals, laboratories, insurance companies, research institutes, academia, analytics providers and patients alike.

Dr. David Gane, CEO of Apteryx Imaging, stated, “Apteryx is excited to contribute our dental domain management expertise, custom software development team, support, sales and marketing services along with de-identified image data to this project. The resources we provide complement Trestle’s AI, data science and project management expertise talents in the development of our go-forward AI software strategy.”

This development initiative, which will be conducted with financial contributions from both the Government of Canada’s NRC IRAP Program and the Government of Germany’s ZIM innovation program, is currently scheduled to conclude on May 31, 2021.

The CEO of Trestle, Thomas Gustinis, commented, “We couldn’t be more excited to partner with Apteryx and Planet DDS on a journey that promises to revolutionize dentistry. With the consolidation of dental practices mirroring health care industry trends, the need for standardization, automation and improved quality by way of reduced variability and lower costs has never been greater. Through our partnership, we are confident that our joint expertise will bring a suite of tools that will empower dental organizations to realize the future of their industry.”

For more information on Apteryx Imaging, please visit www.apteryx.com.

About Apteryx Imaging Inc.

Apteryx Imaging, a subsidiary of Planet DDS, has provided dentists and oral health specialists with advanced diagnostic imaging software and device technologies for over 20 years. Apteryx's proprietary technologies include XrayVision, XVWeb and XrayVision DCV imaging software solutions, the VELscope Vx Enhanced Oral Assessment and TUXEDO Intraoral Sensors.

Backed by an experienced leadership team and dedicated to a higher level of service and support, Apteryx is committed to providing dental practitioners with the best technology available by identifying and adding leading products to its growing portfolio. For more information about Apteryx, its products and services, please visit www.apteryx.com or call 877-278-3799.

About Planet DDS

Planet DDS is the largest independent provider of cloud-native practice management software to the dental industry. The company's flagship product, Denticon, is the only proven, time-tested software offering that was built from the ground up for multi-location groups in the cloud. Denticon has the largest footprint among emerging and established dental groups of any cloud software provider, allowing clients to break free from the constraints of desktop software with a comprehensive solution that includes the tools needed to standardize, centralize, and grow. All while reducing IT cost and enhancing security. Learn more about Denticon at www.planetdds.com. Planet DDS is a portfolio company of Level Equity Management, LLC.

About Trestle GmbH

Trestle is a German-based consulting company with experience in digital transformation that utilizes artificial intelligence to ideate, design and deploy unique solutions that empower innovators to create the future of their industry. Their platform design and development employs machine learning engineers, software developers and project management resources with the capabilities, core technology and know-how to provide its customers with AI software functionality in a wide variety of industries. 


Wednesday, October 7, 2020

Cell-Site Simulators/IMSI Catchers and Your HIPAA Protected Data

 



When you call another office to discuss a patient with another treating doctor, you don't need to worry about HIPAA violations occurring.  That's because the telephone is considered to be a secure mode of communication.  We don't have party lines anymore that allow anyone to listen in and the only way someone can legally listen to a conversation is with a court issued warrant.

However on your mobile phone, things can be very different.  Now your mobile phone is supposed to be treated legally like a landline phone, but that isn't always the case in the current environment.  That's because of devices known as "Cell Site Simulators" or "IMSI Catchers".

In a perfect world, your cell phone connects to a tower near you that has the strongest signal between its transmitter and your phone.  The phone then connects and sets up a secure line of communication.  I emphasize that's the way it is supposed to happen.  The truth can sometimes be quite different.

In today's current environment law enforcement agencies can deploy "Cell Site Simulators" or "IMSI Catchers".  These are devices that "spoof" a normal cell phone tower.  What happens is your phone, thinking the IMSI Catcher is a regular cell phone tower, connects to the Catcher just as it would the tower.  In reality, the Catcher is a different story.

Imagine shipping something in a box to your mom.  You drop the box off at the UPS store and you have it all stored.  The package is picked up by UPS, taken to your destination, and delivered to your mom.  She opens it and takes out whatever it is you sent.  That's how things work with "normal" cell phone calls.

With Catchers, here's what happens.  You drop the box off at the UPS store.  After you leave the store and before it is picked up by UPS, someone opens the box, removes the contents, examines them, makes notes or takes pictures, and then puts everything back and reseals the box.  This box is then picked up by UPS and delivered to your mom.  Neither you nor your mother have any idea that someone else opened the box and examined and recorded all of its contents.

Catchers are deployed by law enforcement.  They spoof themselves as cell phone towers and when your phone connects, they record everything your phone does.  They also pass the signal along so that your call or text message or whatever goes on through and no one is the wiser.  Whoever is in range of the Catcher has their phone connect to it.  The device does not discriminate, it does not need a warrant.  It allows a third party to completely record everything your phone does, tracks your location, everything.  All without a warrant.

I have a lot of concerns about these devices.  Obviously having literally *everything* you say or do on your phone recorded screams of a violation of our constitutional rights, but how about HIPAA?  Can you truly discuss a patient on a call that just may be being recorded for posterity?

That's something everyone in healthcare should ponder.  We should also be asking our law enforcement agencies exactly why they are doing this and how can it be legal?

There is a great article on this subject that you can read on the website of the Electronic Freedom Foundation.  I think it is required reading.

