Medix Dental IT
Implementation PlaybookDSO Β· Group Practice

Medix Dental IT

Step-by-step implementation guide β€” pre-implementation checklist, onboarding, staff training, go-live runbook, and ROI tracking.

Medix Dental IT β€” Implementation Playbook (DSO)

Medix Dental IT Implementation Playbook

Dental IT & Cybersecurity for DSO Operations


1. Executive Summary

What Medix Dental IT Does

Medix Dental IT provides enterprise-grade managed IT services and cybersecurity infrastructure specifically designed for dental organizations, encompassing network management, endpoint protection, HIPAA-compliant data security, disaster recovery, and 24/7 monitoring across multi-location dental operations.

Why DSOs Specifically Benefit

DSOs operating at scale face exponentially greater cybersecurity risk exposureβ€”each additional location multiplies attack surfaces, creates data governance complexity, and introduces inconsistent IT practices that threat actors exploit. Medix Dental IT delivers the standardization advantage: a single security posture across all locations, centralized threat detection that identifies patterns invisible at the practice level, unified compliance documentation for audits, and aggregated intelligence that turns your scale into a defensive asset rather than a liability. When one location encounters a novel threat, protection deploys across your entire portfolio within hours, not weeks.

Expected Timeline

Phase Duration
Decision to Contract 2–3 weeks
Pre-Implementation & Assessment 2 weeks
Wave 1 Pilot (2–3 locations) 3 weeks
Wave 2 Expansion (5–8 locations) 4 weeks
Wave 3+ Full Deployment 6–8 weeks
Total: Decision to Full Deployment 17–24 weeks

Timeline assumes 25–35 locations. Scale proportionally for larger portfolios.


2. Pre-Implementation Checklist (Weeks 1–2)

Technical Requirements

Hardware Assessment (Per Location)

☐ Document all workstations: age, OS version, RAM, processor (3 hours per location) ☐ Inventory all network equipment: routers, switches, firewalls, wireless access points (2 hours per location) ☐ Catalog all servers (on-premise or cloud-hosted) including specifications (1 hour) ☐ Identify all connected devices: digital sensors, imaging equipment, CBCT, intraoral cameras, 3D printers (2 hours per location) ☐ Document existing backup systems and last verified recovery test date (1 hour)

Software Inventory

☐ List all PMS instances with version numbers across locations (2 hours) ☐ Document imaging software platforms and versions (1 hour) ☐ Catalog all third-party applications with network access (2 hours) ☐ Identify shadow ITβ€”unauthorized software installed by staff (requires endpoint scan)

Network Requirements

Requirement Minimum Recommended
Internet Speed 100 Mbps symmetric 500 Mbps symmetric
Network Segmentation Basic VLAN Full micro-segmentation
Firewall Business-grade Next-gen with IPS/IDS
WiFi Standard WPA2-Enterprise WPA3-Enterprise

πŸ”΅ Vendor Onboarding Steps

☐ Week 1, Day 1: Schedule kickoff call with Medix Dental IT enterprise team (30 min) ☐ Week 1, Day 2–3: Complete vendor security questionnaire and provide requested documentation (4 hours) ☐ Week 1, Day 3: πŸ”΅ Receive dedicated account manager and technical implementation lead contacts ☐ Week 1, Day 4: πŸ”΅ Establish secure file sharing portal for sensitive documentation ☐ Week 1, Day 5: Execute BAA and master services agreement (legal review: 3–5 days) ☐ Week 2, Day 1: πŸ”΅ Complete vendor's technical discovery questionnaire (2 hours) ☐ Week 2, Day 2: πŸ”΅ Schedule network assessment scans for pilot locations

Key Contacts to Establish

Role Responsibility Response SLA
Account Manager Commercial issues, escalations 4 hours
Technical Implementation Lead Deployment coordination 2 hours
Security Operations Center (SOC) Active threat response 15 minutes
Tier 2 Support Complex technical issues 1 hour
Project Manager Timeline, milestones Same day

Data/Access Prerequisites

☐ Compile administrator credentials for all PMS instances (secure vault required) ☐ Document current Active Directory or identity management structure ☐ Gather existing VPN configurations and access lists ☐ Collect current firewall rules and network diagrams (if they exist) ☐ Identify all API connections between systems and document authentication methods ☐ Prepare list of all users requiring system access with current permission levels

🟣 Internal Stakeholder Alignment

Approval Requirements

Decision Approver Timeline
Budget allocation CFO/Board Pre-kickoff
BAA execution Legal/Compliance Week 1
Network access authorization CTO/IT Director Week 1
Location selection for pilots VP Operations + CDO Week 1
Staff training time allocation Regional Managers Week 2

Stakeholder Alignment Map

Stakeholder Communication Need Frequency Owner
Board/Investors ROI justification, risk mitigation narrative, milestone updates Monthly CEO
C-Suite Strategic alignment, budget tracking, escalation decisions Weekly VP Operations
Regional Managers Implementation timeline, resource requirements, location readiness Weekly Project Lead
Location Office Managers Detailed action items, training schedules, workflow changes 2x/week during rollout Regional Manager
Providers Clinical workflow impact (minimal for IT/security), downtime windows Pre-rollout briefing + as-needed Office Manager
IT Staff (if any) Technical handoff, ongoing collaboration model Daily during implementation CTO

Baseline Metrics to Capture

⚠️ Critical: Capture these metrics BEFORE deployment begins. ROI measurement is impossible without baselines.

Security Metrics (Capture per location and aggregate)

☐ Number of security incidents in past 12 months (ransomware, phishing, data breach) ☐ Mean time to detect (MTTD) security incidents (likely unknownβ€”note this) ☐ Mean time to respond (MTTR) to security incidents ☐ Number of failed backup/recovery attempts in past 12 months ☐ Current patch compliance rate (what % of systems are current?) ☐ Number of HIPAA-related audit findings in past 24 months

Operational Metrics

☐ IT-related downtime hours per month per location (PMS unavailable, network down) ☐ Help desk ticket volume per location per month ☐ Mean time to resolve IT issues ☐ Staff hours spent on IT troubleshooting (estimate from office managers)

Financial Metrics

☐ Current IT spend per location (managed services, break-fix, hardware) ☐ Cyber insurance premium and coverage limits ☐ Cost of last security incident (if applicable)

⚠️ Standardize Measurement Methodology

Metric Measurement Method Data Source Collection Frequency
Downtime Hours PMS unavailable Office manager log + PMS uptime reports Weekly
Incident count Formal incident reports only Current IT provider or internal Monthly
Ticket volume Total tickets opened Current ticketing system or email count Weekly
Patch compliance % endpoints with updates <30 days Endpoint scan (Medix provides) Baseline + monthly

Enterprise-Level Requirements

Network Standards Across Locations

☐ 🟣 Decide: Uniform ISP requirement or best-available per market? ☐ Document minimum bandwidth standards for the portfolio ☐ πŸ”΅ Confirm Medix compatibility with all current ISPs ☐ Identify locations requiring network infrastructure upgrades before deployment

Centralized vs. Location-Level Hosting Decision

Component Recommended Approach Rationale
Security monitoring (SIEM) Centralized Aggregated threat intelligence, single pane of glass
Backup storage Centralized with local cache Disaster recovery + fast local restore
Endpoint protection Centralized management, local agents Unified policy, minimal latency
Network monitoring Centralized Cross-location visibility
PMS hosting Per current architecture Don't change during security deployment

Identity & Access Management

☐ 🟣 Decide: Implement SSO across all systems? (Recommended: Yes) ☐ Document current identity providers (Azure AD, Google Workspace, none) ☐ πŸ”΅ Confirm Medix SSO integration capability with your identity provider ☐ Define access tier structure (admin, standard user, read-only, temporary) ☐ Establish centralized credential management policy

Centralized Credentialing & Access Control

☐ Create master user provisioning/deprovisioning workflow ☐ Define approval chain for elevated access requests ☐ Establish offboarding checklist (access revocation within 24 hours of termination) ☐ Document vendor access requirements and approval process


3. Location Readiness Assessment

Readiness Scoring Framework

Score each location 1–5 on each factor. Compute composite score.

Factor 1: IT Infrastructure Maturity (Weight: 25%)

Score Criteria
5 Workstations <3 years old, business-grade network equipment, 500+ Mbps internet, current PMS version
4 Workstations <5 years old, adequate network equipment, 200+ Mbps internet, PMS within 2 versions of current
3 Mixed-age workstations, consumer-grade network equipment, 100+ Mbps internet, PMS supported but dated
2 Some workstations >5 years, network issues common, <100 Mbps internet, PMS version approaching end-of-life
1 Outdated hardware throughout, frequent network failures, inadequate bandwidth, PMS unsupported

Factor 2: Staff Tenure & Adaptability (Weight: 20%)

Score Criteria
5 Low turnover (<15%/year), history of successful tech adoption, staff requests new tools
4 Moderate turnover (15–25%/year), one successful tech implementation in past 2 years, generally positive attitude
3 Average turnover (25–35%/year), mixed results with past tech changes, neutral attitude
2 High turnover (35–50%/year), one failed tech implementation, resistance to change
1 Very high turnover (>50%/year), multiple failed implementations, active resistance

Factor 3: Patient Volume (Weight: 15%)

Score Impact Assessment
5 Very high volume (>800 patients/month)β€”maximum impact but requires flawless execution
4 High volume (600–800/month)β€”significant impact, manageable risk
3 Moderate volume (400–600/month)β€”good balance of impact and risk
2 Lower volume (200–400/month)β€”lower risk but limited impact data
1 Low volume (<200/month)β€”minimal risk but not representative for pilot

Note: For Wave 1 pilots, score 3 is often idealβ€”sufficient volume for meaningful data without catastrophic risk.

Factor 4: Tech Stack Compatibility (Weight: 25%)

Score Criteria
5 PMS with documented Medix integration, modern imaging system, cloud-based ancillary tools
4 PMS with available integration, standard imaging system, mostly compatible tools
3 PMS supported but requires custom configuration, imaging integration possible with effort
2 Legacy PMS requiring workarounds, older imaging system, some incompatible tools
1 Unsupported PMS, imaging system requires replacement, significant incompatibilities

Factor 5: Local Champion Availability (Weight: 15%)

Score Criteria
5 Identified tech-forward office manager AND engaged provider, both committed to championing
4 Strong office manager willing to champion, provider supportive
3 Office manager willing but not enthusiastic, need to develop champion capacity
2 No natural champion, office manager overloaded, provider disengaged
1 Leadership vacuum at location, no viable champion candidate

Composite Score Calculation

Weighted Score = (Infrastructure Γ— 0.25) + (Staff Γ— 0.20) + (Volume Γ— 0.15) + (Compatibility Γ— 0.25) + (Champion Γ— 0.15)

Composite Score Readiness Tier Rollout Recommendation
4.5–5.0 Tier 1: Excellent Wave 1 candidate
3.5–4.4 Tier 2: Good Wave 2 candidate
2.5–3.4 Tier 3: Moderate Wave 3 candidate, may need pre-work
1.5–2.4 Tier 4: Challenging Requires remediation before deployment
<1.5 Tier 5: Not Ready Address fundamental issues first

Rollout Sequence Recommendation

Wave 1 Selection Criteria (2–3 locations)

  • Composite score β‰₯4.0
  • At least one location in each major market/region (for regional manager learning)
  • ⚠️ Avoid: Highest-volume location AND newest acquisition AND location with recent staffing upheaval
  • Include: One location that is "typical" of your portfolio (not the best, not the worst)

Wave 2 Selection Criteria (5–8 locations)

  • Composite score β‰₯3.5
  • Geographic clustering to enable shared regional support
  • Include at least one location with a different PMS if portfolio is mixed

Wave 3+ Selection

  • Remaining locations, sequenced by composite score (highest first)
  • Batch locations requiring similar remediation work

4. Rollout Strategy

Wave Structure Recommendation

Wave Locations Duration Purpose
Wave 1 2–3 3 weeks Prove concept, identify issues, refine playbook
Wave 2 5–8 4 weeks Scale validation, stress-test support model
Wave 3 8–12 4 weeks Full operational deployment
Wave 4+ Remaining 4 weeks each Portfolio completion

Buffer between waves: Minimum 1 week for learning capture, playbook refinement, and go/no-go assessment.

Wave 1 Pilot Selection

Ideal Pilot Profile

Criterion Rationale
High readiness score (β‰₯4.0) Minimize deployment friction, let the tool prove itself
Representative PMS Learnings apply to majority of portfolio
Engaged office manager Will provide quality feedback, not just complaints
Moderate volume Sufficient data without catastrophic risk
Accessible location Easy for support visits during stabilization
No major competing initiatives Staff bandwidth available

⚠️ Avoid for Wave 1

  • Flagship locations (too high-profile if issues occur)
  • Recent acquisitions (too many variables)
  • Locations with pending office manager changes
  • Sites with known infrastructure deficiencies

Timeline Per Wave

Wave 1 Detailed Timeline (3 weeks)

Week Activities
Week 1 πŸ”΅ Network assessment, agent deployment, initial configuration, test environment validation
Week 2 Champion training, staff training sessions, parallel monitoring (no changes to workflow)
Week 3 Full go-live, daily check-ins, issue resolution, feedback collection

Wave 2+ Timeline (4 weeks per wave)

Week Activities
Week 1 πŸ”΅ Assessment and deployment (accelerated using Wave 1 templates)
Week 2 Training (using train-the-trainer model)
Week 3 Go-live first half of wave
Week 4 Go-live second half, stabilization

Go/No-Go Criteria

Criteria to Advance to Next Wave

Category Go Criteria No-Go Threshold
Technical Stability <2 critical issues unresolved Any critical issue unresolved >48 hours
User Adoption >80% staff can perform basic functions <60% competency rate
Security Posture Zero new vulnerabilities introduced Any HIPAA compliance gap identified
Operational Impact <15 minutes added daily workflow time >30 minutes added time, or workflow disruption
Support Load <5 tickets per location per week >15 tickets per location per week
Champion Confidence Champion rates readiness β‰₯7/10 Champion rates readiness <5/10

🟣 Go/No-Go Decision Process

  1. Wave completion report prepared by Project Lead (Day 1 of buffer week)
  2. Regional Manager review and recommendation (Day 2)
  3. VP Operations + CDO decision call (Day 3)
  4. If No-Go: Define remediation actions and revised timeline (Days 4–5)
  5. If Go: Confirm Wave 2 location list and communicate to office managers (Days 4–5)

Rollback Plan

⚠️ Rollback Triggers

  • Critical security vulnerability introduced by deployment
  • PMS performance degradation >25%
  • Unrecoverable data integrity issue
  • Widespread staff inability to perform basic functions after training

Rollback Procedure

  1. πŸ”΅ Contact Medix SOC immediately (15-minute SLA)
  2. Document specific failure mode and affected systems
  3. πŸ”΅ Medix disables monitoring agents (preserves data, removes active components)
  4. Revert any network configuration changes using pre-deployment documentation
  5. Restore previous security tools (if any)
  6. Post-incident review within 48 hours

Rollback Scope Management

  • Single location failure: Isolate and rollback that location only; continue other wave locations
  • Pattern across multiple locations: Pause wave, rollback all affected locations
  • Fundamental incompatibility: Full program pause, executive escalation

5. Configuration & Integration (Weeks 2–3)

Practice Management System Integration

πŸ”΅ Dentrix Enterprise Integration

Prerequisites ☐ Dentrix Enterprise Server version 8.0 or higher ☐ SQL Server access credentials ☐ Network path to Dentrix data directory from Medix monitoring server

Integration Steps (Estimated: 4 hours per location, πŸ”΅ Medix-led)

  1. ☐ πŸ”΅ Deploy Medix secure agent on Dentrix server
  2. ☐ Create read-only SQL user for monitoring (do not use sa account)
  3. ☐ πŸ”΅ Configure backup monitoring for Dentrix database files
  4. ☐ πŸ”΅ Establish secure connection to Dentrix application logs
  5. ☐ πŸ”΅ Set up file integrity monitoring on Dentrix directories
  6. ☐ Test monitoring dashboard confirms Dentrix visibility
  7. ☐ Document configuration settings in location runbook

⚠️ Common Failure Point: Antivirus exclusionsβ€”ensure Medix agents are whitelisted in any existing antivirus or endpoint protection to prevent conflicts.

πŸ”΅ Eaglesoft Integration

Prerequisites ☐ Eaglesoft version 21 or higher ☐ Patterson Technical Support contact (for complex configurations) ☐ Local administrator access to Eaglesoft server

Integration Steps (Estimated: 3 hours per location, πŸ”΅ Medix-led)

  1. ☐ πŸ”΅ Install Medix endpoint agent on Eaglesoft server
  2. ☐ πŸ”΅ Configure monitoring for Eaglesoft services and processes
  3. ☐ πŸ”΅ Set up database backup verification
  4. ☐ πŸ”΅ Enable file-level protection for patient data directories
  5. ☐ Test failover procedures do not conflict with Eaglesoft
  6. ☐ Validate Eaglesoft performance post-agent deployment

πŸ”΅ Open Dental Integration

Prerequisites ☐ Open Dental version 22.1 or higher ☐ MySQL database credentials ☐ Cloud vs. on-premise hosting determination

Integration Steps (Estimated: 2 hours per location, πŸ”΅ Medix-led)

  1. ☐ πŸ”΅ Deploy endpoint agent (cloud: API integration; on-premise: server agent)
  2. ☐ πŸ”΅ Configure MySQL monitoring with read-only credentials
  3. ☐ πŸ”΅ Set up Open Dental backup verification
  4. ☐ πŸ”΅ Enable audit logging integration for compliance reporting
  5. ☐ Test reporting dashboard shows Open Dental metrics

Imaging System Integration

DEXIS Integration

☐ πŸ”΅ Install monitoring agent on DEXIS server/workstations ☐ πŸ”΅ Configure image backup verification ☐ Set up storage monitoring with alert thresholds (80% capacity warning) ☐ Verify imaging workflow unaffected by endpoint protection

Carestream Integration

☐ πŸ”΅ Coordinate with Carestream support for agent compatibility confirmation ☐ πŸ”΅ Deploy monitoring without disrupting image acquisition ☐ Configure DICOM directory monitoring ☐ Test image capture and retrieval post-deployment

CBCT Systems

⚠️ Common Failure Point: CBCT systems often run on dedicated hardware with specific software requirements. Do NOT deploy agents without explicit vendor approval.

☐ Document CBCT system make/model/software version ☐ πŸ”΅ Medix confirms compatibility or exclusion plan ☐ If excluded: Implement network-level protection only ☐ Set up air-gap monitoring where applicable

Test Environment Setup

☐ πŸ”΅ Medix provisions isolated test environment mimicking production ☐ Clone configuration from one representative location ☐ Simulate common attack scenarios (phishing, ransomware, unauthorized access) ☐ Validate alert generation and escalation paths ☐ Test backup and recovery procedures

Validation Checklist

Test Case Pass Criteria Verified By
Agent deployment Agent reports to central dashboard within 5 minutes Medix
Real-time monitoring CPU/memory alerts trigger correctly Medix
Endpoint protection Test malware quarantined within 30 seconds Medix + Internal
Backup verification Automated backup test restores successfully Medix
PMS access No performance impact on PMS operations Office Manager
Imaging function X-rays capture and save without delay Provider/Assistant

Data Migration / Historical Data Ingestion

For Medix Dental IT, data migration is minimalβ€”focus is on log ingestion:

☐ πŸ”΅ Determine log retention requirements (HIPAA: 6 years minimum) ☐ πŸ”΅ Configure historical log ingestion if replacing existing SIEM ☐ Verify audit trail continuity for compliance purposes ☐ Document data handling for any decommissioned systems

Security and HIPAA Compliance Verification

Pre-Go-Live Security Checklist (Per Location)

☐ πŸ”΅ Endpoint protection deployed to all workstations ☐ πŸ”΅ Network monitoring active on all segments ☐ πŸ”΅ Email security scanning enabled ☐ Multi-factor authentication confirmed for all remote access ☐ Encryption at rest verified for all PHI storage ☐ Encryption in transit verified for all data transmission ☐ Access logging enabled for all systems ☐ Password policy enforced (complexity, rotation, no sharing)

Enterprise-Level HIPAA Checklist

☐ 🟣 BAA executed with Medix Dental IT (before any PHI exposure) ☐ Data governance policy updated to reflect Medix as business associate ☐ Access control matrix documented: who at Medix can access what ☐ Audit log requirements confirmed (access logging, retention, review cadence) ☐ Incident response plan updated to include Medix SOC ☐ Data disposal procedures confirmed for any decommissioned Medix components ☐ Subcontractor chain documented (Medix's downstream vendors)

Standardized vs. Location-Specific Configuration

Standardize Centrally (Configuration Template)

Setting Standard Value Rationale
Password policy 12+ characters, MFA required Consistent security posture
Patch deployment window Sunday 2–5 AM local Minimize operational impact
Alert thresholds CPU >90% 5 min, Disk >85% Uniform monitoring
Backup schedule Daily incremental, weekly full Consistent recovery capability
Retention policy 90 days logs, 7 years compliance data Regulatory alignment
Endpoint protection level Maximum (real-time + behavioral) No security exceptions

Allow Location-Specific Configuration

Setting Variation Allowed Approval Required
Alert recipients Local + central (additional local contacts OK) Office Manager
Maintenance windows Shift Β±2 hours based on office hours Office Manager
Network segmentation details Based on physical layout Regional Manager + Medix
Local admin designation 1–2 people per location Regional Manager
Guest WiFi configuration Based on patient area needs Office Manager

6. Team Training Plan

Train-the-Trainer Model

Champion Selection Criteria

Criterion Weight Description
Role fit 30% Office manager preferred; tech-forward hygienist or assistant acceptable
Tenure 20% >12 months at location, committed to staying
Technical comfort 25% Regularly uses technology, learns new systems quickly
Peer influence 15% Respected by colleagues, can motivate others
Availability 10% Has bandwidth for 4–6 hours training + ongoing responsibilities

Champion Responsibilities

  1. Complete certification training (4 hours)
  2. Deliver role-specific training to all location staff
  3. Serve as first-line support for IT/security questions
  4. Conduct daily check-ins during go-live week
  5. Submit weekly feedback during first month
  6. Train new hires ongoing
  7. Participate in quarterly champion network calls

πŸ”΅ Champion Certification Training (4 hours total)

Module Duration Format Content
Cybersecurity Fundamentals 45 min πŸ”΅ Video + quiz Why this matters, threat landscape, DSO-specific risks
Medix Platform Overview 60 min πŸ”΅ Live demo Dashboard navigation, key metrics, alert types
Incident Response Basics 45 min πŸ”΅ Interactive What to do when you see an alert, escalation paths
Training Delivery Skills 30 min Video How to train adults, handling resistance
Role-Specific Training Prep 60 min Self-study Review all role training materials
Certification Assessment 20 min πŸ”΅ Online quiz 80% pass rate required

Role-Specific Training Outlines

Providers (Dentists/Specialists)

Training Time: 20 minutes Format: Office manager/champion delivers; optional πŸ”΅ Medix video

Content:

  • What Medix does (protect patient data, keep systems running)
  • What you'll notice: Nothing, ideallyβ€”security works in background
  • What might change: MFA prompts, occasional update notifications
  • When to alert IT: Unusual system behavior, suspected phishing, missing patient data
  • πŸ”΅ Quick reference: One-pager on phishing identification

Common Resistance Points:

  • "This slows me down" β†’ Emphasize MFA takes <10 seconds; ransomware takes days to recover
  • "We've never been hacked" β†’ Share industry statistics; average dental breach cost

Day 1 Cheat Sheet for Providers:

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ MEDIX SECURITY - PROVIDER QUICK REFERENCE           β”‚
β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€
β”‚ βœ“ Log in normallyβ€”MFA may prompt on first use       β”‚
β”‚ βœ“ Report suspicious emails to [champion name]       β”‚
β”‚ βœ“ Lock workstation when leaving (Win+L or Cmd+Ctrl+Q)β”‚
β”‚ βœ“ Never share passwords, even with "IT support"     β”‚
β”‚ βœ“ Contact champion if anything seems "off"          β”‚
β”‚                                                      β”‚
β”‚ EMERGENCY: Something's wrong with patient data?     β”‚
β”‚ β†’ Tell office manager IMMEDIATELY                   β”‚
β”‚ β†’ Call Medix SOC: [number]                          β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Hygienists

Training Time: 15 minutes Format: Champion-delivered, group session OK

Content:

  • Quick overview of why cybersecurity matters for patient trust
  • Day-to-day: No changes to clinical workflow
  • Technology reminders: Log out when switching operatories
  • What to watch for: Unusual computer behavior, pop-ups
  • Reporting: Tell the front desk or champion

Common Resistance Points:

  • "I don't deal with the computer much" β†’ You access patient records; you're part of protection
  • "This is more work" β†’ Logging out takes 2 seconds; breach recovery takes weeks

Day 1 Cheat Sheet for Hygienists:

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ MEDIX SECURITY - HYGIENIST QUICK REFERENCE          β”‚
β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€
β”‚ βœ“ Lock your workstation when moving to another room β”‚
β”‚ βœ“ Don't leave patient charts open unattended        β”‚
β”‚ βœ“ Report anything weird: pop-ups, slowness, errors  β”‚
β”‚ βœ“ Ask before plugging in USB devices                β”‚
β”‚                                                      β”‚
β”‚ SEE SOMETHING? SAY SOMETHING.                       β”‚
β”‚ β†’ Tell [champion name] or front desk                β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Front Desk / Office Manager

Training Time: 45 minutes Format: πŸ”΅ Live webinar or champion-delivered with screen share

Content:

  • Your role in the security chain (first contact for many threats)
  • Email security: Phishing identification, suspicious attachment handling
  • Password management: Vault usage, no sticky notes
  • Patient communication: How to discuss our security practices
  • Daily monitoring: What to glance at on the security dashboard
  • Incident reporting: How to log and escalate

Common Resistance Points:

  • "I already have too much to do" β†’ This replaces worry about IT; Medix handles the heavy lifting
  • "Patients don't ask about security" β†’ They do ask about it, and regulators definitely do

Day 1 Cheat Sheet for Front Desk:

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ MEDIX SECURITY - FRONT DESK QUICK REFERENCE         β”‚
β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€
β”‚ DAILY:                                               β”‚
β”‚ βœ“ Check email for Medix alerts (review, don't panic)β”‚
β”‚ βœ“ Verify backup completed (green check on dashboard)β”‚
β”‚                                                      β”‚
β”‚ EMAIL SAFETY:                                        β”‚
β”‚ βœ“ Hover before clickingβ€”does link match sender?    β”‚
β”‚ βœ“ Unexpected attachment? Verify by phone first      β”‚
β”‚ βœ“ "Urgent

AI-generated implementation guide based on public vendor information. Verify specifics directly with Medix Dental IT.