How Secure Is My Practice Management Software?


Editor’s note — this article is an extract from the upcoming second edition of David Harris’ book Dental Embezzlement; The Art of Theft and the Science of Control, expected to be available early in 2021.


A couple of the most frequently asked questions by doctors regarding practice management software are:

  • Is there a brand of practice management software that is better at protecting a doctor against embezzlement?
  • What is the most secure software?

This is like asking if one hammer is safer to use than another. All hammers have the potential to be safe if used properly, and the potential to cause grievous harm if they are not.

How is Practice Management Software Built?

Let’s start by looking at your software in a way that is slightly different than what you are accustomed to.  Your practice management software really consists of two parts.  There is a relational database that contains “data tables” that contain all the information on your practice.  Data tables include patient master information such as name, address and phone number, as well as treatment records, receivables balances and so on.  The database programming languages used are commercial programs made by big companies like Microsoft and Oracle and licensed to the company that makes your practice management software.  The most common database language used in practice management software is called SQL, which stands for Structured Query Language.

The second part of practice management software is an interface, or “front end” that allows you and your staff to interact with the database in an organized and hopefully user-friendly fashion.

Data Integrity

I think that what is sometimes behind this question is fear on the part of the dentist posing the question that a clever staff member could somehow bypass the front end of the software and directly make edits to the database, or can edit the audit trail to erase evidence of wrongdoing. 

I’ll put your mind at ease on this one.  Reading information from the database without using the practice management software’s interface isn’t terribly hard for someone with a computer science background and some database skills.  This is something that we do on a fairly regular basis in the course of our investigations.

However, editing the data in the data tables is a much more difficult undertaking. Without dragging you into a lot of detail about database architecture and checksums, I can tell you that doing this is very difficult in any modern practice management software.  The end result of someone trying is likely that, the next time someone tries to start your software, it will report a database error and will require some resuscitation to run. 

I’m not saying that editing your data in some other way than using the interface can’t be done, but this would take someone with PhD-level computer knowledge.

If the Integrity of the Database is Secure, Where Does the Danger Come From?

You’ve heard the saying from gun advocates that “guns don’t kill people; people do.”  I’ll say the same thing here.  Most embezzlement takes place not because of inherent weaknesses in practice management software, but because human practice owners fail to apply sufficient supervision and common sense to their practice management software.

Unfortunately, there is no such thing as embezzlement-proof software. All practice management software is designed with built-in safeguards, but then most practice owners neutralize many of the security features.  There is always an inherent tradeoff between controls and efficiency.

For example, it is possible to set up practice management software so that the practice owner is the only person permitted to authorize credit adjustments to be made to patient accounts. While, in theory, this is safer than allowing staff members to make adjustments without the doctor’s approval, it is operationally cumbersome to have staff continuously interrupting the doctor when transactions need to be authorized. Most offices find the safest options unwieldy and end up deliberately bypassing some of the built-in safety features of their software for the sake of convenience.

Maddeningly, when new practice management software is installed, typically, the default setup disables many of the security features available, and to enable these features requires specific action on the part of the practice. The reason that the companies that make the software take this approach is understandable; with unfamiliar practice management software, higher security settings inevitably prompt more calls to the software’s support line. When someone new to a particular software discovers that something that they are trying to do is blocked, the next step usually is to call the software’s technical support to ask for help. To reduce user frustration and manage support costs, software companies normally turn off many security features in the default setup.

So let’s start treating our practice management software as the vital repository of data that it is. Having that mindset will offer far more protection than any built-in security feature in software.