Washington dental practice reports data breach affecting patient records
US-based story. Dental practices should review email security protocols and staff access controls after this breach.
Totem Lake Family Dentistry in Kirkland, Washington detected unauthorized access to an employee email account on or about June 2, 2025. An investigation found that some of the practice's files, including those containing protected health information, were accessed without authorization.
What patient data was exposed
The breach compromised patient health information stored in the practice's email systems. The exact scope of compromised data and the number of affected patients have not been fully disclosed in available reports. The practice notified affected parties through a notice posted on its website, as required by data breach notification laws.
Why dental practices face security risks
Employee email accounts represent a common entry point for unauthorized access in healthcare settings. Dental practices, like other small healthcare providers, often lack the advanced security infrastructure of larger hospital systems, making them attractive targets for data theft. Breaches of this type expose practices to regulatory penalties, reputational harm, and patient trust erosion.
Frequently asked questions
What caused the Totem Lake Family Dentistry data breach
Unauthorized access to an employee email account was detected on or about June 2, 2025. An investigation confirmed that practice files containing protected health information were accessed without authorization.
How can dental practices prevent email account breaches
Implement multi-factor authentication on all email accounts, limit employee access to patient data based on job role, conduct regular staff training on phishing and password security, and monitor email accounts for suspicious activity.
What are dental practices required to do after a data breach
Practices must notify affected patients and the appropriate regulatory authorities within required timeframes. They must document the investigation, preserve evidence, and issue breach notification letters detailing the incident and steps patients should take.
Why are dental practices targets for data breaches
Dental practices store valuable patient health and financial information but often lack the advanced cybersecurity defenses of larger healthcare organizations, making them attractive targets for cybercriminals seeking to steal identities or medical records.
