Mac Security and Reliability Requires Patient Information Be in macOS

In Innovation by Dental Entrepreneur

What if dentists could avoid the risk of ransomware and other malware, HIPAA and state penalties and fines, reputation damage, and patient lawsuits with a single decision that also saves them money invested in computers and spent annually for IT services? The news is good, but it requires you to “think differently.”

It’s totally understandable that more than 80 percent of dental students use Macs, iPads and iPhones. After all, IBM, Cisco and other companies that offer a choice find 80 percent of employees of all ages prefer to use macOS and iOS devices over Windows and Android. Sixty percent of US companies who offer employees a choice consistently find everyone benefits, even though their decision was contrary to their IT department’s advice. As Fletcher Previn, Vice President of Workplace-as-a-Service IBM reports, “every Mac we buy (that replaces a PC) is making and saving IBM money,” and, “Mac users are a lot more satisfied than the PC users.”

In fact, Previn found that every Mac saves $535 over the first four years. Adding to that, PC users typically must replace their PC every four years, but dentists commonly use their Macs for 10-12 years. Taking the longer useful life into account, every Mac used in a dental office saves the practice thousands over PCs.

Where Your Data Lives Determines Its Security

Everyone knows macOS and iOS as overwhelmingly the most secure operating systems on the planet. This is intentional. The privacy and security of Apple users has always been Apple’s primary and constant mission. Allianz discounts cybersecurity insurance for businesses that use Apple. Allianz actuaries will tell you the numbers don’t lie. Patient information residing on a Mac in macOS is protected by Apple’s macOS. Patient information residing in Windows is not protected, even if it is accessed from a Mac.

For free, macOS includes 1) continuously updated X-Protect virus protection; 2) built-in FileVault full disk encryption for internal and backup drives; and 3) built-in GateKeeper security preventing unauthorized downloads of malware. Apple continually and promptly addresses threats and vulnerabilities with free macOS and iOS security and feature updates. In fact, Apple updates macOS and iOS annually.

Unlike Windows users, Mac users enthusiastically adopt new Apple technology and security quickly because their experience with Apple software is good, making their practice and patient data more secure.
Note: FileVault and Gatekeeper can easily be turned on by you or your office manager, or your HIPAA compliance officer, in macOS system preferences, and XProtect works in the background. This reduces the need and the cost of outside IT.
Ninety-five percent of practices using MacPractice spend less than $500 annually for IT support, while commonly PC users spend $500-$1000 monthly.

Apple supports and updates the three most recent version of macOS, making Sierra, High Sierra and Mojave HIPAA compliant.
No MacPractice user has reported ransomware in macOS on any of 30,000 Macs.

Today’s Dental Cloud Solutions Are Windows Solutions

While some dental cloud vendors support accessing patient information from a Mac, the patient information is in Windows, and a dentist is sharing a server with mostly Windows users whose employees are bombarded every minute of every day with email and browser phishing attempts targeted at Windows users. Google Chrome is required because dental cloud developers are Windows-centric, Chrome is the primary browser on Windows, and it can work on a Mac. Using Chrome eliminates the cost of macOS specific development and of testing with and supporting Safari.

On the other hand, Apple develops Safari exclusively for Apple macOS and Apple iOS, and unlike Chrome, Safari is continually updated with every macOS and iOS release to bolster security and enhance functionality for Apple users.

Windows is vulnerable to PC ransomware and PC malware whether patient information is in a dental office or on a shared remote server in “the cloud.” It is not just a risk. Ransomware and other PC malware infects thousands of business and individuals using Windows daily. Some of the largest US cloud vendors’ cloud servers and millions of patient records have been held hostage by ransomware, for example, Allscripts and Greenway in 2017-18. Practices and hospitals have lost temporary access to all their patients’ information. Some data was unrecoverable.

The Cost of a Breach Is High and Worth Avoiding

Every practice involved in a breach – and a ransomware attack is a HIPAA breach – must 1) publicly report to prominent media; 2) notify every patient possibly affected; 3) place a notification on the practice’s home page; and 4) listing on HHS’s public, permanent wall of shame.

A US shortage of 350,000 cybersecurity experts will grow to 3,500,000 in 2022. Who can you trust to protect your patients’ information in Windows, in your office or in the cloud? (Nearly all malware, ransomware, and viruses target Windows and Office software.) With all-in-one MacPractice that features built-in network word-processing, integrated digital imaging, fully integrated eclaims, integrated network fax, built-in secure messaging complying with HIPAA, etc., and encrypts data at rest and in motion, a practice can qualify for HIPAA’s Safe Harbor. Safe Harbor exempts a practice from reporting a breach to HHS, patients, and the public.

However state breach laws and fines go beyond HIPAA, and more states are proposing legislation. Patients and lawyers are suing doctors, hospitals that have been unable to protect their patients’ data from cybercriminals. No vendor can relieve a doctor of the responsibility to secure Protected Health Information under HIPAA. HIPAA fines can reach $1.5M. State fines may be levied in addition. Most practices that report a breach close within 18 months.

macOS Native Software IS SECURED BY macOS

Native macOS software like MacPractice is constructed with Apple’s development tools to take advantage of innovations in macOS and iOS. MacPractice does not require a dedicated server, which means it can be used for data entry and is often located at the front desk in a small or medium-sized practice. Nor does MacPractice require a server operating system. However, all patient data is on the MacPractice server, making it possible for a practice’s HIPAA security officer to use macOS to secure all patient data without IT assistance.

Multi-platform software developed for Windows cannot take advantage of functionality in macOS that does not also exist in Windows.

Remote Connectivity with macOS Native Software

Thousands of MacPractice users remotely connect to their office daily, and hundreds of multi-site practices use MacPractice and have for 15 years. Also, hundreds of MacPractice users have communicated with their office using MacPractice (Web) Interface for iPad and MacPractice (Web) Interface for iPhone, which also works on a Mac desktop. Native macOS software like MacPractice is constructed with Apple’s development tools to take advantage of innovations in macOS and iOS.

NONE of MacPractice’s plans require the inconvenience and cost of data conversion to a new software program. ALL MacPractice’s plans enhance the value of their users’ software investment, streamline and enhance the user experience, save money and increase productivity. Register at to learn more.

Access Patient Information in macOS Using a Web App in Safari

Spring of 2019, MacPractice released a new MacPractice Web Interface for Mac, iPad, and iPhone. The initial release offers all the functionality of MacPractice Interface for iPad, iPhone, and Mac plus more. In 2019 functionality will be expanded to make it possible for MacPractice users to use either or both MacPractice’s native and web clients to access and work with their patient’s data, protected by macOS. (A Linux option for hosting is in the works for 2019).

MacPractice Will Offer a Hosted Solution

Simultaneously with web client development, MacPractice is making it possible for current users to keep patient data ‘in office’ in macOS or Linux and access using either a native client or web application (or both). MacPractice is also making it possible to place the database on a separate drive from the server and client applications. In the future, MacPractice users can have their data hosted in Linux (NOT Windows) on a remote server in the cloud if they prefer and do not wish to host their data themselves.

Even More Options for Dentists with Remote Needs

In the future, MacPractice plans to help remote users in an office or clinic without an Internet connection to their home office or hosted database to work independently and sync the data when they reconnect at a later time.

Mark Hollis was a practice management consultant and IT support to more than 600 practices in the New York Metropolitan for 25 years before cofounding MacPractice. As a recognized industry authority and a member of HIMSS Electronic Records Association, Mark has written and lectured extensively on security, ransomware, HIPAA compliance, all-in-one design, paperless practice, mobile, and integrated online services. • Demo videos –