Medix Dental IT
Step-by-step implementation guide β pre-implementation checklist, onboarding, staff training, go-live runbook, and ROI tracking.
Medix Dental IT β Implementation Playbook (DSO)
Medix Dental IT Implementation Playbook
Dental IT & Cybersecurity for DSO Operations
1. Executive Summary
What Medix Dental IT Does
Medix Dental IT provides enterprise-grade managed IT services and cybersecurity infrastructure specifically designed for dental organizations, encompassing network management, endpoint protection, HIPAA-compliant data security, disaster recovery, and 24/7 monitoring across multi-location dental operations.
Why DSOs Specifically Benefit
DSOs operating at scale face exponentially greater cybersecurity risk exposureβeach additional location multiplies attack surfaces, creates data governance complexity, and introduces inconsistent IT practices that threat actors exploit. Medix Dental IT delivers the standardization advantage: a single security posture across all locations, centralized threat detection that identifies patterns invisible at the practice level, unified compliance documentation for audits, and aggregated intelligence that turns your scale into a defensive asset rather than a liability. When one location encounters a novel threat, protection deploys across your entire portfolio within hours, not weeks.
Expected Timeline
| Phase | Duration |
|---|---|
| Decision to Contract | 2β3 weeks |
| Pre-Implementation & Assessment | 2 weeks |
| Wave 1 Pilot (2β3 locations) | 3 weeks |
| Wave 2 Expansion (5β8 locations) | 4 weeks |
| Wave 3+ Full Deployment | 6β8 weeks |
| Total: Decision to Full Deployment | 17β24 weeks |
Timeline assumes 25β35 locations. Scale proportionally for larger portfolios.
2. Pre-Implementation Checklist (Weeks 1β2)
Technical Requirements
Hardware Assessment (Per Location)
β Document all workstations: age, OS version, RAM, processor (3 hours per location) β Inventory all network equipment: routers, switches, firewalls, wireless access points (2 hours per location) β Catalog all servers (on-premise or cloud-hosted) including specifications (1 hour) β Identify all connected devices: digital sensors, imaging equipment, CBCT, intraoral cameras, 3D printers (2 hours per location) β Document existing backup systems and last verified recovery test date (1 hour)
Software Inventory
β List all PMS instances with version numbers across locations (2 hours) β Document imaging software platforms and versions (1 hour) β Catalog all third-party applications with network access (2 hours) β Identify shadow ITβunauthorized software installed by staff (requires endpoint scan)
Network Requirements
| Requirement | Minimum | Recommended |
|---|---|---|
| Internet Speed | 100 Mbps symmetric | 500 Mbps symmetric |
| Network Segmentation | Basic VLAN | Full micro-segmentation |
| Firewall | Business-grade | Next-gen with IPS/IDS |
| WiFi Standard | WPA2-Enterprise | WPA3-Enterprise |
π΅ Vendor Onboarding Steps
β Week 1, Day 1: Schedule kickoff call with Medix Dental IT enterprise team (30 min) β Week 1, Day 2β3: Complete vendor security questionnaire and provide requested documentation (4 hours) β Week 1, Day 3: π΅ Receive dedicated account manager and technical implementation lead contacts β Week 1, Day 4: π΅ Establish secure file sharing portal for sensitive documentation β Week 1, Day 5: Execute BAA and master services agreement (legal review: 3β5 days) β Week 2, Day 1: π΅ Complete vendor's technical discovery questionnaire (2 hours) β Week 2, Day 2: π΅ Schedule network assessment scans for pilot locations
Key Contacts to Establish
| Role | Responsibility | Response SLA |
|---|---|---|
| Account Manager | Commercial issues, escalations | 4 hours |
| Technical Implementation Lead | Deployment coordination | 2 hours |
| Security Operations Center (SOC) | Active threat response | 15 minutes |
| Tier 2 Support | Complex technical issues | 1 hour |
| Project Manager | Timeline, milestones | Same day |
Data/Access Prerequisites
β Compile administrator credentials for all PMS instances (secure vault required) β Document current Active Directory or identity management structure β Gather existing VPN configurations and access lists β Collect current firewall rules and network diagrams (if they exist) β Identify all API connections between systems and document authentication methods β Prepare list of all users requiring system access with current permission levels
π£ Internal Stakeholder Alignment
Approval Requirements
| Decision | Approver | Timeline |
|---|---|---|
| Budget allocation | CFO/Board | Pre-kickoff |
| BAA execution | Legal/Compliance | Week 1 |
| Network access authorization | CTO/IT Director | Week 1 |
| Location selection for pilots | VP Operations + CDO | Week 1 |
| Staff training time allocation | Regional Managers | Week 2 |
Stakeholder Alignment Map
| Stakeholder | Communication Need | Frequency | Owner |
|---|---|---|---|
| Board/Investors | ROI justification, risk mitigation narrative, milestone updates | Monthly | CEO |
| C-Suite | Strategic alignment, budget tracking, escalation decisions | Weekly | VP Operations |
| Regional Managers | Implementation timeline, resource requirements, location readiness | Weekly | Project Lead |
| Location Office Managers | Detailed action items, training schedules, workflow changes | 2x/week during rollout | Regional Manager |
| Providers | Clinical workflow impact (minimal for IT/security), downtime windows | Pre-rollout briefing + as-needed | Office Manager |
| IT Staff (if any) | Technical handoff, ongoing collaboration model | Daily during implementation | CTO |
Baseline Metrics to Capture
β οΈ Critical: Capture these metrics BEFORE deployment begins. ROI measurement is impossible without baselines.
Security Metrics (Capture per location and aggregate)
β Number of security incidents in past 12 months (ransomware, phishing, data breach) β Mean time to detect (MTTD) security incidents (likely unknownβnote this) β Mean time to respond (MTTR) to security incidents β Number of failed backup/recovery attempts in past 12 months β Current patch compliance rate (what % of systems are current?) β Number of HIPAA-related audit findings in past 24 months
Operational Metrics
β IT-related downtime hours per month per location (PMS unavailable, network down) β Help desk ticket volume per location per month β Mean time to resolve IT issues β Staff hours spent on IT troubleshooting (estimate from office managers)
Financial Metrics
β Current IT spend per location (managed services, break-fix, hardware) β Cyber insurance premium and coverage limits β Cost of last security incident (if applicable)
β οΈ Standardize Measurement Methodology
| Metric | Measurement Method | Data Source | Collection Frequency |
|---|---|---|---|
| Downtime | Hours PMS unavailable | Office manager log + PMS uptime reports | Weekly |
| Incident count | Formal incident reports only | Current IT provider or internal | Monthly |
| Ticket volume | Total tickets opened | Current ticketing system or email count | Weekly |
| Patch compliance | % endpoints with updates <30 days | Endpoint scan (Medix provides) | Baseline + monthly |
Enterprise-Level Requirements
Network Standards Across Locations
β π£ Decide: Uniform ISP requirement or best-available per market? β Document minimum bandwidth standards for the portfolio β π΅ Confirm Medix compatibility with all current ISPs β Identify locations requiring network infrastructure upgrades before deployment
Centralized vs. Location-Level Hosting Decision
| Component | Recommended Approach | Rationale |
|---|---|---|
| Security monitoring (SIEM) | Centralized | Aggregated threat intelligence, single pane of glass |
| Backup storage | Centralized with local cache | Disaster recovery + fast local restore |
| Endpoint protection | Centralized management, local agents | Unified policy, minimal latency |
| Network monitoring | Centralized | Cross-location visibility |
| PMS hosting | Per current architecture | Don't change during security deployment |
Identity & Access Management
β π£ Decide: Implement SSO across all systems? (Recommended: Yes) β Document current identity providers (Azure AD, Google Workspace, none) β π΅ Confirm Medix SSO integration capability with your identity provider β Define access tier structure (admin, standard user, read-only, temporary) β Establish centralized credential management policy
Centralized Credentialing & Access Control
β Create master user provisioning/deprovisioning workflow β Define approval chain for elevated access requests β Establish offboarding checklist (access revocation within 24 hours of termination) β Document vendor access requirements and approval process
3. Location Readiness Assessment
Readiness Scoring Framework
Score each location 1β5 on each factor. Compute composite score.
Factor 1: IT Infrastructure Maturity (Weight: 25%)
| Score | Criteria |
|---|---|
| 5 | Workstations <3 years old, business-grade network equipment, 500+ Mbps internet, current PMS version |
| 4 | Workstations <5 years old, adequate network equipment, 200+ Mbps internet, PMS within 2 versions of current |
| 3 | Mixed-age workstations, consumer-grade network equipment, 100+ Mbps internet, PMS supported but dated |
| 2 | Some workstations >5 years, network issues common, <100 Mbps internet, PMS version approaching end-of-life |
| 1 | Outdated hardware throughout, frequent network failures, inadequate bandwidth, PMS unsupported |
Factor 2: Staff Tenure & Adaptability (Weight: 20%)
| Score | Criteria |
|---|---|
| 5 | Low turnover (<15%/year), history of successful tech adoption, staff requests new tools |
| 4 | Moderate turnover (15β25%/year), one successful tech implementation in past 2 years, generally positive attitude |
| 3 | Average turnover (25β35%/year), mixed results with past tech changes, neutral attitude |
| 2 | High turnover (35β50%/year), one failed tech implementation, resistance to change |
| 1 | Very high turnover (>50%/year), multiple failed implementations, active resistance |
Factor 3: Patient Volume (Weight: 15%)
| Score | Impact Assessment |
|---|---|
| 5 | Very high volume (>800 patients/month)βmaximum impact but requires flawless execution |
| 4 | High volume (600β800/month)βsignificant impact, manageable risk |
| 3 | Moderate volume (400β600/month)βgood balance of impact and risk |
| 2 | Lower volume (200β400/month)βlower risk but limited impact data |
| 1 | Low volume (<200/month)βminimal risk but not representative for pilot |
Note: For Wave 1 pilots, score 3 is often idealβsufficient volume for meaningful data without catastrophic risk.
Factor 4: Tech Stack Compatibility (Weight: 25%)
| Score | Criteria |
|---|---|
| 5 | PMS with documented Medix integration, modern imaging system, cloud-based ancillary tools |
| 4 | PMS with available integration, standard imaging system, mostly compatible tools |
| 3 | PMS supported but requires custom configuration, imaging integration possible with effort |
| 2 | Legacy PMS requiring workarounds, older imaging system, some incompatible tools |
| 1 | Unsupported PMS, imaging system requires replacement, significant incompatibilities |
Factor 5: Local Champion Availability (Weight: 15%)
| Score | Criteria |
|---|---|
| 5 | Identified tech-forward office manager AND engaged provider, both committed to championing |
| 4 | Strong office manager willing to champion, provider supportive |
| 3 | Office manager willing but not enthusiastic, need to develop champion capacity |
| 2 | No natural champion, office manager overloaded, provider disengaged |
| 1 | Leadership vacuum at location, no viable champion candidate |
Composite Score Calculation
Weighted Score = (Infrastructure Γ 0.25) + (Staff Γ 0.20) + (Volume Γ 0.15) + (Compatibility Γ 0.25) + (Champion Γ 0.15)
| Composite Score | Readiness Tier | Rollout Recommendation |
|---|---|---|
| 4.5β5.0 | Tier 1: Excellent | Wave 1 candidate |
| 3.5β4.4 | Tier 2: Good | Wave 2 candidate |
| 2.5β3.4 | Tier 3: Moderate | Wave 3 candidate, may need pre-work |
| 1.5β2.4 | Tier 4: Challenging | Requires remediation before deployment |
| <1.5 | Tier 5: Not Ready | Address fundamental issues first |
Rollout Sequence Recommendation
Wave 1 Selection Criteria (2β3 locations)
- Composite score β₯4.0
- At least one location in each major market/region (for regional manager learning)
- β οΈ Avoid: Highest-volume location AND newest acquisition AND location with recent staffing upheaval
- Include: One location that is "typical" of your portfolio (not the best, not the worst)
Wave 2 Selection Criteria (5β8 locations)
- Composite score β₯3.5
- Geographic clustering to enable shared regional support
- Include at least one location with a different PMS if portfolio is mixed
Wave 3+ Selection
- Remaining locations, sequenced by composite score (highest first)
- Batch locations requiring similar remediation work
4. Rollout Strategy
Wave Structure Recommendation
| Wave | Locations | Duration | Purpose |
|---|---|---|---|
| Wave 1 | 2β3 | 3 weeks | Prove concept, identify issues, refine playbook |
| Wave 2 | 5β8 | 4 weeks | Scale validation, stress-test support model |
| Wave 3 | 8β12 | 4 weeks | Full operational deployment |
| Wave 4+ | Remaining | 4 weeks each | Portfolio completion |
Buffer between waves: Minimum 1 week for learning capture, playbook refinement, and go/no-go assessment.
Wave 1 Pilot Selection
Ideal Pilot Profile
| Criterion | Rationale |
|---|---|
| High readiness score (β₯4.0) | Minimize deployment friction, let the tool prove itself |
| Representative PMS | Learnings apply to majority of portfolio |
| Engaged office manager | Will provide quality feedback, not just complaints |
| Moderate volume | Sufficient data without catastrophic risk |
| Accessible location | Easy for support visits during stabilization |
| No major competing initiatives | Staff bandwidth available |
β οΈ Avoid for Wave 1
- Flagship locations (too high-profile if issues occur)
- Recent acquisitions (too many variables)
- Locations with pending office manager changes
- Sites with known infrastructure deficiencies
Timeline Per Wave
Wave 1 Detailed Timeline (3 weeks)
| Week | Activities |
|---|---|
| Week 1 | π΅ Network assessment, agent deployment, initial configuration, test environment validation |
| Week 2 | Champion training, staff training sessions, parallel monitoring (no changes to workflow) |
| Week 3 | Full go-live, daily check-ins, issue resolution, feedback collection |
Wave 2+ Timeline (4 weeks per wave)
| Week | Activities |
|---|---|
| Week 1 | π΅ Assessment and deployment (accelerated using Wave 1 templates) |
| Week 2 | Training (using train-the-trainer model) |
| Week 3 | Go-live first half of wave |
| Week 4 | Go-live second half, stabilization |
Go/No-Go Criteria
Criteria to Advance to Next Wave
| Category | Go Criteria | No-Go Threshold |
|---|---|---|
| Technical Stability | <2 critical issues unresolved | Any critical issue unresolved >48 hours |
| User Adoption | >80% staff can perform basic functions | <60% competency rate |
| Security Posture | Zero new vulnerabilities introduced | Any HIPAA compliance gap identified |
| Operational Impact | <15 minutes added daily workflow time | >30 minutes added time, or workflow disruption |
| Support Load | <5 tickets per location per week | >15 tickets per location per week |
| Champion Confidence | Champion rates readiness β₯7/10 | Champion rates readiness <5/10 |
π£ Go/No-Go Decision Process
- Wave completion report prepared by Project Lead (Day 1 of buffer week)
- Regional Manager review and recommendation (Day 2)
- VP Operations + CDO decision call (Day 3)
- If No-Go: Define remediation actions and revised timeline (Days 4β5)
- If Go: Confirm Wave 2 location list and communicate to office managers (Days 4β5)
Rollback Plan
β οΈ Rollback Triggers
- Critical security vulnerability introduced by deployment
- PMS performance degradation >25%
- Unrecoverable data integrity issue
- Widespread staff inability to perform basic functions after training
Rollback Procedure
- π΅ Contact Medix SOC immediately (15-minute SLA)
- Document specific failure mode and affected systems
- π΅ Medix disables monitoring agents (preserves data, removes active components)
- Revert any network configuration changes using pre-deployment documentation
- Restore previous security tools (if any)
- Post-incident review within 48 hours
Rollback Scope Management
- Single location failure: Isolate and rollback that location only; continue other wave locations
- Pattern across multiple locations: Pause wave, rollback all affected locations
- Fundamental incompatibility: Full program pause, executive escalation
5. Configuration & Integration (Weeks 2β3)
Practice Management System Integration
π΅ Dentrix Enterprise Integration
Prerequisites β Dentrix Enterprise Server version 8.0 or higher β SQL Server access credentials β Network path to Dentrix data directory from Medix monitoring server
Integration Steps (Estimated: 4 hours per location, π΅ Medix-led)
- β π΅ Deploy Medix secure agent on Dentrix server
- β Create read-only SQL user for monitoring (do not use sa account)
- β π΅ Configure backup monitoring for Dentrix database files
- β π΅ Establish secure connection to Dentrix application logs
- β π΅ Set up file integrity monitoring on Dentrix directories
- β Test monitoring dashboard confirms Dentrix visibility
- β Document configuration settings in location runbook
β οΈ Common Failure Point: Antivirus exclusionsβensure Medix agents are whitelisted in any existing antivirus or endpoint protection to prevent conflicts.
π΅ Eaglesoft Integration
Prerequisites β Eaglesoft version 21 or higher β Patterson Technical Support contact (for complex configurations) β Local administrator access to Eaglesoft server
Integration Steps (Estimated: 3 hours per location, π΅ Medix-led)
- β π΅ Install Medix endpoint agent on Eaglesoft server
- β π΅ Configure monitoring for Eaglesoft services and processes
- β π΅ Set up database backup verification
- β π΅ Enable file-level protection for patient data directories
- β Test failover procedures do not conflict with Eaglesoft
- β Validate Eaglesoft performance post-agent deployment
π΅ Open Dental Integration
Prerequisites β Open Dental version 22.1 or higher β MySQL database credentials β Cloud vs. on-premise hosting determination
Integration Steps (Estimated: 2 hours per location, π΅ Medix-led)
- β π΅ Deploy endpoint agent (cloud: API integration; on-premise: server agent)
- β π΅ Configure MySQL monitoring with read-only credentials
- β π΅ Set up Open Dental backup verification
- β π΅ Enable audit logging integration for compliance reporting
- β Test reporting dashboard shows Open Dental metrics
Imaging System Integration
DEXIS Integration
β π΅ Install monitoring agent on DEXIS server/workstations β π΅ Configure image backup verification β Set up storage monitoring with alert thresholds (80% capacity warning) β Verify imaging workflow unaffected by endpoint protection
Carestream Integration
β π΅ Coordinate with Carestream support for agent compatibility confirmation β π΅ Deploy monitoring without disrupting image acquisition β Configure DICOM directory monitoring β Test image capture and retrieval post-deployment
CBCT Systems
β οΈ Common Failure Point: CBCT systems often run on dedicated hardware with specific software requirements. Do NOT deploy agents without explicit vendor approval.
β Document CBCT system make/model/software version β π΅ Medix confirms compatibility or exclusion plan β If excluded: Implement network-level protection only β Set up air-gap monitoring where applicable
Test Environment Setup
Centralized Test Environment (Recommended for DSO)
β π΅ Medix provisions isolated test environment mimicking production β Clone configuration from one representative location β Simulate common attack scenarios (phishing, ransomware, unauthorized access) β Validate alert generation and escalation paths β Test backup and recovery procedures
Validation Checklist
| Test Case | Pass Criteria | Verified By |
|---|---|---|
| Agent deployment | Agent reports to central dashboard within 5 minutes | Medix |
| Real-time monitoring | CPU/memory alerts trigger correctly | Medix |
| Endpoint protection | Test malware quarantined within 30 seconds | Medix + Internal |
| Backup verification | Automated backup test restores successfully | Medix |
| PMS access | No performance impact on PMS operations | Office Manager |
| Imaging function | X-rays capture and save without delay | Provider/Assistant |
Data Migration / Historical Data Ingestion
For Medix Dental IT, data migration is minimalβfocus is on log ingestion:
β π΅ Determine log retention requirements (HIPAA: 6 years minimum) β π΅ Configure historical log ingestion if replacing existing SIEM β Verify audit trail continuity for compliance purposes β Document data handling for any decommissioned systems
Security and HIPAA Compliance Verification
Pre-Go-Live Security Checklist (Per Location)
β π΅ Endpoint protection deployed to all workstations β π΅ Network monitoring active on all segments β π΅ Email security scanning enabled β Multi-factor authentication confirmed for all remote access β Encryption at rest verified for all PHI storage β Encryption in transit verified for all data transmission β Access logging enabled for all systems β Password policy enforced (complexity, rotation, no sharing)
Enterprise-Level HIPAA Checklist
β π£ BAA executed with Medix Dental IT (before any PHI exposure) β Data governance policy updated to reflect Medix as business associate β Access control matrix documented: who at Medix can access what β Audit log requirements confirmed (access logging, retention, review cadence) β Incident response plan updated to include Medix SOC β Data disposal procedures confirmed for any decommissioned Medix components β Subcontractor chain documented (Medix's downstream vendors)
Standardized vs. Location-Specific Configuration
Standardize Centrally (Configuration Template)
| Setting | Standard Value | Rationale |
|---|---|---|
| Password policy | 12+ characters, MFA required | Consistent security posture |
| Patch deployment window | Sunday 2β5 AM local | Minimize operational impact |
| Alert thresholds | CPU >90% 5 min, Disk >85% | Uniform monitoring |
| Backup schedule | Daily incremental, weekly full | Consistent recovery capability |
| Retention policy | 90 days logs, 7 years compliance data | Regulatory alignment |
| Endpoint protection level | Maximum (real-time + behavioral) | No security exceptions |
Allow Location-Specific Configuration
| Setting | Variation Allowed | Approval Required |
|---|---|---|
| Alert recipients | Local + central (additional local contacts OK) | Office Manager |
| Maintenance windows | Shift Β±2 hours based on office hours | Office Manager |
| Network segmentation details | Based on physical layout | Regional Manager + Medix |
| Local admin designation | 1β2 people per location | Regional Manager |
| Guest WiFi configuration | Based on patient area needs | Office Manager |
6. Team Training Plan
Train-the-Trainer Model
Champion Selection Criteria
| Criterion | Weight | Description |
|---|---|---|
| Role fit | 30% | Office manager preferred; tech-forward hygienist or assistant acceptable |
| Tenure | 20% | >12 months at location, committed to staying |
| Technical comfort | 25% | Regularly uses technology, learns new systems quickly |
| Peer influence | 15% | Respected by colleagues, can motivate others |
| Availability | 10% | Has bandwidth for 4β6 hours training + ongoing responsibilities |
Champion Responsibilities
- Complete certification training (4 hours)
- Deliver role-specific training to all location staff
- Serve as first-line support for IT/security questions
- Conduct daily check-ins during go-live week
- Submit weekly feedback during first month
- Train new hires ongoing
- Participate in quarterly champion network calls
π΅ Champion Certification Training (4 hours total)
| Module | Duration | Format | Content |
|---|---|---|---|
| Cybersecurity Fundamentals | 45 min | π΅ Video + quiz | Why this matters, threat landscape, DSO-specific risks |
| Medix Platform Overview | 60 min | π΅ Live demo | Dashboard navigation, key metrics, alert types |
| Incident Response Basics | 45 min | π΅ Interactive | What to do when you see an alert, escalation paths |
| Training Delivery Skills | 30 min | Video | How to train adults, handling resistance |
| Role-Specific Training Prep | 60 min | Self-study | Review all role training materials |
| Certification Assessment | 20 min | π΅ Online quiz | 80% pass rate required |
Role-Specific Training Outlines
Providers (Dentists/Specialists)
Training Time: 20 minutes Format: Office manager/champion delivers; optional π΅ Medix video
Content:
- What Medix does (protect patient data, keep systems running)
- What you'll notice: Nothing, ideallyβsecurity works in background
- What might change: MFA prompts, occasional update notifications
- When to alert IT: Unusual system behavior, suspected phishing, missing patient data
- π΅ Quick reference: One-pager on phishing identification
Common Resistance Points:
- "This slows me down" β Emphasize MFA takes <10 seconds; ransomware takes days to recover
- "We've never been hacked" β Share industry statistics; average dental breach cost
Day 1 Cheat Sheet for Providers:
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β MEDIX SECURITY - PROVIDER QUICK REFERENCE β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β Log in normallyβMFA may prompt on first use β
β β Report suspicious emails to [champion name] β
β β Lock workstation when leaving (Win+L or Cmd+Ctrl+Q)β
β β Never share passwords, even with "IT support" β
β β Contact champion if anything seems "off" β
β β
β EMERGENCY: Something's wrong with patient data? β
β β Tell office manager IMMEDIATELY β
β β Call Medix SOC: [number] β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Hygienists
Training Time: 15 minutes Format: Champion-delivered, group session OK
Content:
- Quick overview of why cybersecurity matters for patient trust
- Day-to-day: No changes to clinical workflow
- Technology reminders: Log out when switching operatories
- What to watch for: Unusual computer behavior, pop-ups
- Reporting: Tell the front desk or champion
Common Resistance Points:
- "I don't deal with the computer much" β You access patient records; you're part of protection
- "This is more work" β Logging out takes 2 seconds; breach recovery takes weeks
Day 1 Cheat Sheet for Hygienists:
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β MEDIX SECURITY - HYGIENIST QUICK REFERENCE β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β Lock your workstation when moving to another room β
β β Don't leave patient charts open unattended β
β β Report anything weird: pop-ups, slowness, errors β
β β Ask before plugging in USB devices β
β β
β SEE SOMETHING? SAY SOMETHING. β
β β Tell [champion name] or front desk β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Front Desk / Office Manager
Training Time: 45 minutes Format: π΅ Live webinar or champion-delivered with screen share
Content:
- Your role in the security chain (first contact for many threats)
- Email security: Phishing identification, suspicious attachment handling
- Password management: Vault usage, no sticky notes
- Patient communication: How to discuss our security practices
- Daily monitoring: What to glance at on the security dashboard
- Incident reporting: How to log and escalate
Common Resistance Points:
- "I already have too much to do" β This replaces worry about IT; Medix handles the heavy lifting
- "Patients don't ask about security" β They do ask about it, and regulators definitely do
Day 1 Cheat Sheet for Front Desk:
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β MEDIX SECURITY - FRONT DESK QUICK REFERENCE β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β DAILY: β
β β Check email for Medix alerts (review, don't panic)β
β β Verify backup completed (green check on dashboard)β
β β
β EMAIL SAFETY: β
β β Hover before clickingβdoes link match sender? β
β β Unexpected attachment? Verify by phone first β
β β "Urgent
AI-generated implementation guide based on public vendor information. Verify specifics directly with Medix Dental IT.