Applied Cybersecurity for Dental Practices
15 December 2025
Healthcare Data Backup & Recovery Solutions for Dental practices
An operational, regulatory, and strategic pillar of IT security
1 Context: digitisation makes practices dependent on their data
In recent years, medical and dental practice has undergone extensive digitisation. In a modern practice, IT is no longer limited to billing or scheduling: it structures the patient record, centralises imaging, organises traceability, and supports care delivery. Dental practice data backup is no longer a secondary concern — it is a central issue for any healthcare facility.
In dentistry and orthodontics, this transformation is particularly visible: digital radiology (intraoral, panoramic), cone beam scanners, optical impression cameras, practice management software, tracking systems, document exchanges, and sometimes even patient communication tools. In general medicine, the computerised patient record, reports, test results, administrative management, and professional tools follow a similar logic: the entire practice depends on its data and systems.
This progress improves the quality of care, diagnostic accuracy, and continuity of follow-up. But it introduces an inescapable reality: a practice can be brought to a standstill by an IT incident, even when the team, the technical facilities, and the clinical expertise are all present. A hardware failure, data corruption, a ransomware attack, or a simple handling error can render critical information unavailable (imaging, medical history, allergies, treatment plans, reports), with a direct impact on operations and potentially on the safety of care.
Data backup is not an "IT nice-to-have". It is a business continuity mechanism: it determines the practice's ability to continue providing care, to meet regulatory obligations, and to protect patients.
2 What are we really talking about? Data, applications, continuity
Before choosing a solution, it is worth clarifying three straightforward concepts.
2.1 Data vs applications
- Data: patient records, imaging, documents, practice management databases, export files, etc.
- Applications: practice management software, imaging software, management systems, servers, workstations, etc.
A "data" backup does not necessarily guarantee rapid restoration of "operations" if the applications cannot be restarted. Conversely, a system image without up-to-date data is of no clinical use.
2.2 Two objectives: avoid loss, and restore quickly
An effective strategy typically aims to:
- limit the acceptable data loss (how many hours or days of input can you afford to lose?),
- limit the acceptable recovery time (how long can the practice operate in degraded mode?).
Even without technical jargon, these two questions drive the key decisions: backup frequency, redundancy, testing, and priority given to critical data.
2.3 Real-world data volumes in practice
In practice, data volumes vary significantly depending on the equipment in use:
| Data type | Typical volume | Difficulty | Constraints |
|---|---|---|---|
| Practice management software (database) | 200 MB to 4 GB | Easy | Files sometimes locked |
| Intraoral radiology | 4 GB to 80 GB | Easy to moderate | Files sometimes locked |
| Panoramic radiology | 20 GB to 400 GB | Moderate to difficult | Large volume |
| Cone Beam (CBCT) | 50 GB to 1 TB | Moderate to difficult | Very large volume |
Beyond a certain volume, backup is no longer "an external drive every now and then": it becomes a process that must be automated, verified, and restorable.
3 Why backup is essential in healthcare
3.1 Confidentiality, integrity, availability: the healthcare triad
In healthcare, the concern goes beyond confidentiality. Data must also be:
- intact (unaltered),
- available (accessible when patient care depends on it).
An inaccessible patient record on the day of a consultation, unavailable imaging, or a corrupted database can disrupt care, delay a decision, or lead to wasted time and risk.
3.2 Continuity of care and risk management
Continuity is not merely a convenience: it is part of sound risk management. In the event of an incident, the practice must be able to:
- retrieve appointments,
- access patient records,
- locate essential medical documents,
- continue delivering care, even in degraded mode.
Backup is the primary tool that enables a return to a functional state after an incident.
3.3 Professional liability
Regulations govern the creation and retention of medical records, placing on the practitioner a duty of safekeeping and protection. Practitioners must be able to demonstrate a coherent organisation for securing and preserving data, particularly when records are held electronically.
4 Threats and incidents: what backup must actually cover
Backup is often associated with "a hard drive failure". In reality, it must cover a much broader range of events.
4.1 Technical failures and incidents
- disk / server / NAS failure,
- database corruption,
- faulty software update,
- electrical incident,
- hardware ageing.
4.2 Human error
- accidental deletion,
- mishandling of records,
- file overwriting,
- misconfiguration.
4.3 Local disasters
- theft,
- fire,
- water damage.
In these scenarios, a backup stored exclusively on the same premises loses much of its value.
4.4 Cyberattacks (including ransomware)
In healthcare, cyberattacks are a reality and can target even small-scale facilities. Common attack mechanisms include:
- phishing (credential theft),
- intrusion via software vulnerability,
- ransomware (encryption and paralysis).
In a ransomware scenario, a backup that is not isolated (or that is writable from the compromised network) can be encrypted as well. Backup must therefore be designed with the assumption that the network may be attacked.
5 Legal and regulatory framework: obligations and key considerations
This section is intentionally measured: it distinguishes between clear legal obligations and recommended best practices. The references below are drawn from French healthcare law, which provides one of the most detailed frameworks in this area. Equivalent regulations exist in most jurisdictions — for example, HIPAA in the United States, the UK GDPR and NHS Data Security Standards in the United Kingdom, and comparable data protection legislation across the EU and beyond.
5.1 French Law of 4 March 2002 (Patient Rights)
The French Law of 4 March 2002 (known as the "Kouchner Law") strengthened patient rights, including access to health information and the quality of the care relationship. It forms part of a broader body of French healthcare regulations governing the management of medical information (access, retention, disclosure).
5.2 French Public Health Code: duty of record retention
Healthcare professionals are subject to ethical and regulatory obligations regarding the creation and retention of clinical records. For example, Article R.4127-45 of the French Public Health Code (professional conduct rules) establishes the practitioner's duty to preserve medical records (depending on the profession and specific context). The underlying principle is essential: medical records are the responsibility of the practitioner. Similar duties exist under healthcare regulation in most countries.
5.3 Retention periods: beware of confusion between "record retention" and "limitation periods"
The figure "10 years" is frequently cited: it corresponds, in particular, to the limitation period for medical liability in France, set at 10 years from the date of damage consolidation (Article L.1142-28 of the French Public Health Code). This does not automatically mean that "all records must be kept for exactly 10 years and no longer", nor does it override specific requirements from other regulations (hospitals, imaging, professional body rules, etc.).
In practice, many organisations adopt retention periods at least equivalent — sometimes longer — as a risk management measure (best practice). This should be expressed as such: a recommendation, not a universal obligation. Practitioners should consult the retention requirements applicable in their own jurisdiction.
5.4 GDPR: security of personal data, including health data
The GDPR requires appropriate technical and organisational measures to ensure data security (confidentiality, integrity, availability). In healthcare, health data is a specially protected category: processing is prohibited in principle, except under the specific exemptions provided by the GDPR and applicable national legislation.
An important distinction:
- The retention of data necessary for care and medical management does not rely "by default" on consent, but on appropriate legal bases (legal obligation, provision of healthcare, public interest in health, etc., depending on the specific processing).
- Consent comes into play mainly for specific purposes (e.g. purposes not necessary for the delivery of care).
5.5 Health data hosting (HDS certification)
For the external hosting of health data, French healthcare regulations require the use of a provider holding HDS (Hébergeur de Données de Santé — French Health Data Hosting certification). The certification standards and procedures are published by official bodies (ANS / French Digital Health Agency). Other countries impose comparable requirements — for instance, HIPAA-compliant hosting in the United States, or NHS DSPT-approved hosting in the United Kingdom.
In practical terms, if a practice entrusts health data to a hosting provider, it must verify compliance with applicable health data hosting standards.
5.6 Multi-practitioner practices: who owns the data?
Care teams are not static, and every dental surgeon may change their practice arrangement over the course of a career. Data ownership is a point that is frequently overlooked.
Liberal collaboration (collaboration libérale — a French arrangement where an associate practitioner works alongside the principal on an independent, self-employed basis)
Every associate practitioner retains their own patient base. If the collaboration ends, they must recover a copy of their data rather than leaving it exclusively in the principal's database. This process requires careful sorting when multiple practitioners share the same database. The backup strategy must anticipate this separation.
SELARL (Société d'Exercice Libéral à Responsabilité Limitée — a French limited-liability company structure for liberal professions, similar to a professional LLC)
In a SELARL, the patient base belongs to the company, not to the individual practitioners. The SELARL is therefore responsible for retaining medical records and for providing them to patients upon request. Backup falls under the responsibility of the corporate entity.
Cessation of activity
When a dental surgeon ceases practice (retirement, relocation, illness, etc.), they must ensure continuity of care by making their records available to a potential successor. In the absence of a successor, they must either retain the records themselves, entrust them to a certified archiving company, or transmit them individually to the patients concerned.
Implication for backup: in all of these scenarios, the ability to extract, separate, and transfer data depends directly on having an up-to-date and usable backup. A practice without reliable backup is unable to fulfil these obligations.
6 Real-world constraints in practice: why it is difficult "in real life"
Best practices exist, but a practice must contend with day-to-day constraints.
6.1 Heterogeneous systems
In most cases, a practice does not run "a single piece of software":
- practice management software,
- imaging software,
- sensor systems and peripherals,
- multiple workstations,
- sometimes a server or NAS,
- sometimes a partial cloud solution.
Some data resides in a database, some in files, some with a third-party provider — sometimes in proprietary formats.
6.2 Locked files and "hot" backup
Some software locks files while they are in use (active database), which makes a simple file copy ineffective. This calls for:
- export functions,
- application-level backup features,
- or dedicated backup solutions capable of handling live databases.
6.3 Usability and cognitive load
A backup strategy often fails for a simple reason: it requires too many manual steps. In a healthcare setting, the system must be:
- automated,
- verified,
- documented,
- and understandable by the entire team.
7 Solutions: local, cloud, hybrid... and above all, "managed"
7.1 Local backup (disk / NAS)
Advantages:
- fast on-site restoration,
- controlled cost,
- direct control.
Limitations:
- vulnerable to theft and local disasters,
- at risk in a ransomware scenario if the NAS is accessible from the network,
- requires monitoring (otherwise the failure is discovered the day it is needed).
7.2 Off-site backup (cloud)
Advantages:
- protection against local disasters,
- typically stronger redundancy,
- monitoring can be delegated to a provider.
Limitations:
- dependence on internet connectivity for full restoration,
- need to verify compliance (including health data hosting certification where applicable),
- recurring cost.
7.3 Hybrid approach (often the most realistic)
Principle:
- a local backup for fast restoration,
- an off-site copy for resilience against disasters and cyberattacks.
A hybrid approach is often the best answer to real-world constraints: speed + security.
8 Recommended architecture: practical, verifiable principles
This section describes principles that are widely recognised and consistent with data protection authority recommendations on backup.
8.1 The 3-2-1 rule (redundancy)
- 3 copies of the data,
- on 2 different media types,
- with 1 copy off-site.
This model is easy to communicate to practice staff and helps avoid "everything on the same drive".
8.2 Encryption
Encryption protects backups against unauthorised access, particularly if a storage medium is stolen. Encryption should apply to:
- stored data,
- and transfers to the off-site location.
8.3 Access control (and MFA where possible)
- individual user accounts,
- role-based permissions,
- strong passwords,
- MFA where the tool supports it (particularly for cloud access).
8.4 Restore testing: the most neglected step
An untested backup is not a guarantee. You should test:
- restoring a single file,
- restoring a folder,
- restoring an application database (where possible),
- and validating the realistic recovery time.
8.5 Logging and monitoring
The objective is not "to have a backup", but to know that it has succeeded. A mature strategy includes:
- reports,
- alerts,
- regular verification.
8.6 Separate roles to reduce the impact of a single failure
Avoid concentrating imaging, practice management software, and storage on a single "central" workstation with no redundancy. A failure of that workstation can take down:
- patient records,
- scheduling,
- imaging,
- billing.
Separating functions (even modestly) improves resilience.
9 Real-world scenarios (implementation examples)
Scenario A: practice with server/NAS + off-site copy
- Automatic daily backup to NAS.
- Encrypted off-site copy (compliant provider).
- Monthly restore test (sample).
Benefit: fast local restoration + off-site protection.
Scenario B: predominantly cloud-based practice (SaaS)
- Data primarily hosted by the software vendor/provider.
- Contractual verification of responsibilities (backup, restoration, data portability).
- Supplementary local backup if export is available (tool-dependent).
Key consideration: verify "who does what" for restoration and data access.
Scenario C: "air-gapped" anti-ransomware strategy
- Backup to disconnected media (rotation).
- Off-site storage.
- Simple documented procedure.
Useful as a complement: protects against network-wide encryption.
10 Conclusion: backup as a standard of organisational quality
Dental practice data backup has become a standard of quality and security in healthcare, on a par with traceability, infection control, and risk management.
An effective strategy does not have to be complex, but it must be tailored, automated, verified, and restorable.
The ultimate goal is not "having copies". It is to ensure:
- continuity of care,
- protection of health data,
- regulatory compliance,
- and peace of mind for the practitioner and the team.
Practitioner Checklist: where to start?
This week
- Identify your critical data: where are your patient records, your imaging files, and your practice management database stored? On which workstation(s) or server(s)?
- Check the current state of play: do you have a backup in place? Is it working? When was it last verified?
- Run a simple restore test: try restoring a file or a folder from your current backup. If you cannot do it, your backup is not working.
This month
- Apply the 3-2-1 rule: verify that your data exists in 3 copies, on 2 different media types, with 1 off-site (compliant cloud or externalised drive).
- Automate: if your backup depends on a daily manual action, plan to automate it. A backup that is forgotten is a backup that does not exist.
- Review your contracts: if you use cloud software or a service provider, re-read the contract. Who is responsible for backup? For restoration? Does the provider hold the required health data hosting certification?
This quarter
- Document your strategy: a simple document (1–2 pages) describing what is backed up, where, how often, and how to restore. This document must be understandable by a colleague or a locum.
- Schedule regular tests: one restore test per quarter (even partial) is enough to verify that the system works.
- Secure access: strong passwords, individual user accounts, encryption of external media.
If you are in a group practice or corporate structure
- Clarify data ownership: who is responsible for record retention? Can each practitioner extract their data if they leave?
- Plan for data separability: does your system allow you to isolate and export one practitioner's data without compromising the others'?
- Document the departure procedure: in the event of a practitioner leaving, the data transfer procedure should be planned in advance — not improvised on the day.