A Brighter Way
  1. About
  2. Tax
  3. Accounting
  4. Practice Planning
  5. New Dentists
  6. Resources
  7. Blog

What Could A Cybercriminal Do To Your Dental Practice

You’re probably familiar with the term Ransomware and the financial toll it’s been taking on companies world-wide. One lesson that we continue to learn time and time again is that nobody is immune to this cyber threat – not even your dental practice.

Instances of cybercrime have reached an all-time high and ensuring that your practice has the procedures in place to guard against an army of determined fraudsters is more important than ever. But before you can implement effective controls, you must have a clear understanding of what it is that threatens your practice.

Know Your Enemy

Ransomware is the infection of a computer which immediately encrypts all recognizable file types. Once your network is infected, a screen will appear on your monitor, conveying the hacker’s demand: pay a ransom in exchange for your practice’s data to be “decrypted” and released or lose it all. The hackers then set the clock, making it clear that if the ransom is not paid before the deadline, your practice’s data will be destroyed.

4 Tips To Help Prevent A Ransomware Attack

To protect your business against Ransomware and other similar threats, I recommend following these best practices:

  1. Train office staff to identify phishing emails.

Numerous vendors can provide your dental practice with phishing tests and video training to help educate your office’s staff about phishing emails and ways to identify possible scams. The goal is to change the mindset of those within your practice when it comes to opening attachments and clicking on hyperlinks.

  1. Set your staff’s Microsoft Active Directory rights.

It’s unlikely that all your employees will need full-access to your practice’s entire database to do their jobs effectively. One way to protect your data is to only grant access to the databases each employee needs to do perform their job duties. This way, if an attack does occur, the damage can be isolated.

  1. Consider implementing programs such as Microsoft “AppLocker.”

When you implement programs like AppLocker, you require users to be assigned access to the programs they need to utilize. Again, this helps to isolate the threat which can help minimize the impact of an attack on your dental practice.

  1. Implement a Disaster Recovery (DR) Plan.

Some research indicates that only about 35 percent of small- to medium-sized businesses have a working and comprehensive disaster recovery plan. Is your dental practice included in this statistic? Business owners like you are learning time and time again just how important it is to have a plan in place to protect your business when crisis strikes. A DR plan, complete with regular plan testing and offsite backup data, will help prepare you for unforeseen events which, under current circumstances, could prove to be catastrophic.

Want to learn more? Email the Bright Dental CPAs for more information about protecting your dental practice from cybercrime.

By Brian Garland (Dublin office) 

Check out these related posts to help keep your dental practice safe:

Is Your Dental Practice Prepared For An IT Disaster?

Is Your Dental Practice in “The Cloud”?

Fraudulent Credit Card Transactions Will Become Your Practice’s Problem On Oct. 1

To Outsource Or Not To Outsource

Outsourced Accounting Dentists - Dental CPA

Heather McNichols, Rea’s director of accounting services, joins Mark Van Benschoten, CPA, CGMA on an episode of unsuitable on Rea Radio to talk about outsourced accounting. Listen to the podcast now.

Your dental practice exists to provide a specific service – to make people feel more confident about their smiles. And your patients expect you to be able to deliver. But, in addition to practicing dentistry, you are expected to be a business owner who sends your small business’s invoices out on time, pays your vendors, meets IRS filing requirements successfully tackles range of other duties you never knew you were expected to know are completed on time and on budget.

But before you throw your hands up and declare the task to be impossible, take a minute to learn how you can make the impossible possible with a little outsourcing magic.

When it comes to outsourcing, particularly outsourced accounting, your service options are virtually endless. You could be looking for a team to take on your entire bookkeeping, payroll or receivables responsibilities on a semi-permanent basis or you could break down a project and have only a few parts of it temporarily outsourced – it’s really up to you.

For example, if you are a new dentist who is just beginning a career in dentistry outsourcing can be incredibly helpful. Why? Because at this stage, you are likely focusing on purchasing equipment, hiring a team of assistants, and marketing your new practice. That means there’s not a whole lot left in the budget to hire an accountant; and even if you could afford it, you probably couldn’t guarantee more than a few hours of work each week. In this scenario, outsourcing your accounting tasks is an ideal solution. Read on for six more reasons why you might want to consider outsourcing for your dental practice.

6 Reasons Dentists Choose To Outsource Accounting Work

  • Temporary Absence: A member of your accounting team has to take a temporary leave of absence; outsourcing can help you fill the gap on a temporary basis.
  • Fraud Protection: Your team can handle your dental practice’s invoicing, but for internal control purposes outsourcing your accounts payable responsibilities may provide an added layer of protection.
  • Ensure Confidentiality: Payroll can be a touchy subject, which is why it may be best for all parties to have your payroll managed outside the practice.
  • Eliminate Turnover: Hiring a person requires an investment of time and money. So when they move on after having only worked for you a few months, the thought of doing it all again can be discouraging. You won’t have this problem when you outsource. In fact, you will gain the certainty of knowing that the work will always be done and that the person preparing it is a highly trained professional in the field.
  • Avoid Software Costs: Outsourcing your accounting services also allows you to avoid the costs associated with purchasing and upgrading computer software such as QuickBooks, Peachtree and the Sage products. That’s more savings that can be invested elsewhere in your office.
  • Guaranteed Compliance: Government regulations change frequently, especially in the payroll sphere; and having outdated information can be costly. Outsourcing gives you access to people who make it their business to know if and when changes occur.

The staffing challenge your dental practice is facing is unique. But customizable solutions are available regardless of whether you are a new dentist or a seasoned dental professional. Email the Bright Dental CPAs at Rea & Associates to find out how outsourcing can help your practice thrive.

By Heather McNichols (New Philadelphia office)

Unsuitable IconWant to learn more about outsourced accounting services? Check out EPISODE 16 of the podcast UNSUITABLE on Rea Radio. On this quick 19-minute episode, OUTSOURCING: QUITE POSSIBLY YOUR MOST POWERFUL RESOURCE, Heather discusses some of the common misconceptions business owners have about outsourcing, among other topics.

ID Thieves Don’t Discriminate, Health Professionals Are At Risk

ID Theft and Refund Fraud - Dental CPA

Health professionals are at risk of identification theft and refund fraud. This compilation of resources offered in this Rea & Associates resource will help you through the next steps to reclaiming your identity if you have been targeted.

What has become abundantly clear over the last several years is that it doesn’t matter who you are, where you live or how you make a living – identity thieves do not discriminate. While tax refund fraud has been around since 2008, the size and scope of the scam has ballooned since then. Fast forward to 2013, and we find that the rapid escalation of this particular scam claimed a jaw-dropping $5.2 billion, according to the United States Government Accountability Office.

Locally, business owners continue to steadily report instances of identity theft and tax refund fraud to local law enforcement as well as to their financial advisors. From our perspective, we continue to see more instances of refund fraud than in previous years, particularly among healthcare professionals, which is a trend that is only expected to get worse.

Read: How To Recover From Identity Theft & Refund Fraud

Is It Too Late For You?

You probably won’t even know that you’ve been a victim of tax refund fraud until it’s too late. Some taxpayers will learn about the breach after receiving a letter from the IRS or from their state’s taxation department. It’s also likely that your accountant will be the first one to make the discovery when they try to file your tax return and receive a notification that the name and Social Security Number of their client – you – has already been used.

Here’s where it gets tricky.

Once it’s been discovered that you have been victimized, the burden is on you to prove your identity to the IRS to obtain the tax refund that is rightfully yours. The good news is that once you are able to prove that you are who you say you are, the IRS will happily release your money. But the bad news is that the entire process can take a lot of time and can be confusing to navigate.

Rea & Associates recently released a compilation of documents and resources from a variety of sources to help victims recover from Identity Theft & Refund Fraud, which can be an overwhelming task in itself. The steps victims must complete include:

  • Filing a report with the local police
  • Filing a complaint with the Federal Trade Commission
  • Contact one of the three major credit bureaus to place a “fraud alert on your credit records.
  • Respond immediately to any IRS notice by calling the number provided
  • Complete the Identity Theft Affidavit

You don’t have to go through it alone. Your financial advisor can help you through the steps and can communicate with the IRS on your behalf. Your advisor can also determine the validity of documents and phone calls if you have further concerns.

IRS Calling? Don’t Buy It

In addition to stealing your federal and state tax returns, some scammers are going the extra mile to harass their victims to pay “back taxes” that they don’t actually owe. It’s important to remember that the IRS will never contact you by phone or in person. The first correspondence you will have with the IRS will always be in the form of a letter – not a phone call. Last year, more than 1,000 taxpayers collectively lost about $5 million after scammers called to demand payment to settle their debt with the IRS. Failure to pay, the scammers warned, would result in jail time and driver’s license revocation.

For additional guidance, click here to read How to Recover from Identity Theft & Refund Fraud: A Compilation of Documents and Resources and get access to valuable information about what you should watch out for and how you can recover. For more information or for help claiming your tax return, email the Bright Dental CPAs at Rea & Associates.

By Alan Hill, CPA (Mentor office)

 

Related Articles

Is Your Dental Practice Safe From Scammers?

Dental Practices Should Beware Of Wire Transfer Scam

10 Ways To Protect Your Dental Practice From Theft

Dental Practices Should Beware Of Wire Transfer Scam

The Federal Bureau of Investigation (FBI) issued a wire transfer scam alert for all small businesses in the United States. According to the FBI alert, between October 2013 and December 2014, 1,198 complaints from U.S.-based companies were received dealing with wire transfer scams. Losses from these incidents totaled more than $179 million. The FBI also reports that the scams can follow a Ransomware incident, and may involve a fraudster contacting a vendor and requesting a change of payment to an alternate fraudster-controlled bank account.

Though this particular alert was intended for small business owners, dental practice owners should also consider the impact of this scam and determine if their practice is safe from such a scam.

How To Mitigate This Type of Scam

The FBI recommends the following mitigation steps for these types of scams:

  • Keep all of your anti-virus software up-to-date.
  • Educate your practice employees about security best practices.
  • Be sure that any changes to payments via electronic transfer are verified with an employee of the bank and at a phone number that you utilize for assistance.
  • Don’t use alternate phone numbers provided via email or by a bank representative contacting you.
  • Always call the institution back and verify that you are communicating with your bank.
  • Monitor all of your practice’s financial transactions on a daily basis. Suspected electronic fraud must be reported in a single business work day.
  • Use two-party authorization access to complete all wire transfer transactions.
  • Utilize biometric authentication to verify the identity of authorized users.
  • Use online bank portals that require strong fraud controls to complete all wire transfer transactions.

You can find more information about the FBI’s scam alert here. This site also provides detailed samples of how the scams will be run against unsuspecting businesses.

If you have any specific questions about how this scam might impact you or if would like more information on IT security best practices, contact our Bright Dental CPAs.

By: Ryan Dumermuth, CPA, CFP (Mentor office)

 

Related Articles

Is Your Dental Practice Safe From Scammers?

Is Your Dental Practice Prepared For An IT Disaster?

The Important Role IT Security Plays Within Your Dental Practice

Is Your Dental Practice Safe From Scammers?

One of our clients, a dentist, received a disturbing email last week … from himself.

The message said that he was robbed while on vacation with his family and needed money to pay his hotel bill and to purchase plane tickets to return home. The scammers attempted to make the email appear genuine by using the dentist’s name and address. It was then sent to his entire contact list.

Fortunately, his contacts realized that the email was a scam and did not send money. However this email serves as another reminder of how persistent and clever scammers have become. For example, this particular email referenced our client’s name, business address, office phone number and even used the “DDS” distinction following his name in the signature.

Is Your Practice Safe?

Avoid becoming a scammer’s next victim. Here are a few scams you should be on the lookout for.

What it is: A popular file encrypting program that locks your computer and your computer’s files until you pay up. Some victims have reportedly paid up to $10,000 to get their files back.

How to protect yourself: The best way to protect yourself against this is to back up your computer and files daily. You also want to be sure not to click on any links from emails that you aren’t expecting.

What it is: Victims receive a phone call from a scammer claiming to be an IRS representative. The caller threatens the victim with legal action if back taxes are not paid immediately.

How to protect yourself: Remember that the IRS will never call or email you in an attempt to collect payment. They will also never ask for your credit card or social security information over the phone. If you ever receive a call from somebody claiming to be the IRS, hang up and call the Treasury Inspector General for Tax Administration at (800) 366-4484. You should also contact the Federal Trade Commission by using the “FTC Complaint Assistant” at www.ftc.gov. Add “IRS Telephone Scam” to the comments of your complaint.

What it is: If your tax return was rejected by the IRS after you filed it online, it’s likely a scammer filed a tax return using your name and social security number to get a fraudulent refund. Thousands of American taxpayers were victims of this scam last year – and there is no reason to believe that this scam is going away.

How to protect yourself: Provide your tax documents to your CPA as early as possible. The best way to ensure that your tax return is filed correctly and that your refund is distributed appropriately (if one is due), is to beat the scammers and file your return early.

Protect Yourself and Your Practice

Contact a Bright Dental CPA if you have been affected by one of these scams or want more information on how to protect yourself against these threats.

Author: Dan Bialek, CPA (Mentor office)

 

Related Articles:

Is Your Dental Practice Prepared For An IT Disaster?

The Important Role IT Security Plays Within Your Dental Practice

 

Rea & Associates, Inc. | Bright Dental CPAs | 7201 Center St, Mentor, Ohio 44060-4858
phone + 440-266-0077