Our special guest is Steven McEvoy, an IT Professional and Project Manager for MME Consulting, a computer company specializing in serving dental practices nationwide. Steve is here to discuss cyber security. He exposes the loopholes, but he also provides solutions. Orthodontic practices are lucrative, making them a prime target for hackers who can leverage you and hold your data as ransom. This episode is a must-listen-to protect your data from ransomware and bad actors.
IN THIS EPISODE:
KEY TAKEAWAYS:
Achieving practice growth isn’t as simple as it used to be. But with groundbreaking technology and new communication channels to reach more patients, People + Practice is an orthodontic marketing agency that firmly believes that there’s never been a better time to be in practice.
EPISODE TRANSCRIPT
What follows is an AI-generated transcript. The transcript may contain errors and is not a substitute for watching the video.
(00:00:00) Dr. Leon Klempner: So what would you do if you came into the office on Monday, turned on the lights, turned on your computer, and couldn't access your patient charts? You got a big screen with a big X on it with a timer that said within 48 hours we're gonna delete all your files unless you paid us X amount of dollars.
Phishing. Worms. Trojans. Ransomware. Social engineering. Lions, tigers, and bears. Oh my. Today's topic, cyber security.
(00:00:38) Narrator: The future of orthodontics is evolving and changing every day. But although the way to achieve practice growth has changed, there's never been a better time to be an orthodontist. Let's get into the minds of industry leaders, forward thinking orthodontists, and technology insiders to learn how they see the future of the orthodontic specialty.
Join your hosts, Dr. Leon (00:01:00) Klempner and Amy Epstein each month as they bring you insights, tips, and guest interviews focused on helping you capitalize on the opportunities for practice growth. And now, welcome to the golden age of orthodontics with the co founders of People and Practice, Dr. Leon Klempner and Amy Epstein.
(00:01:20) Dr. Leon Klempner: Welcome to the golden age of orthodontics. If you don't recognize me by now, uh, you haven't been watching the podcast. I'm Leon Klempner, retired board certified orthodontist, director of, uh, and craniofacial orthodontist at the icon school of medicine at Mount Sinai and part time faculty at Harvard. And of course, the CEO of People in Practice.
And I'm joined by my oldest daughter. I guess it comes a point where that isn't necessarily something I should say about you, right? I'm fine with it, really. You're fine with it. Okay.
(00:01:58) Amy Epstein: Yeah. (00:02:00) But that's okay. I like it. You're like, who am I? Yeah, I'm Mo. I'm the oldest of three. Um, I'm also the COO of people in practice, which is a digital marketing consultancy for orthodontists that my dad and I started to help practices market their, their practice in their communities.
Um, I wanted to say, if you don't recognize my dad. Um, if you're looking for him at the AIO or any of these, uh, trade shows and conferences, he's a six foot four. He's in the cloud. So if you look up a little bit and you look for the gray hair, that's how you can find him. So today we're thrilled to have as our guest, Steve McAvoy.
So aside from when I asked Steve, how do I introduce you? He said, uh, car guy, a nerd and a Canadian hiding in California. But moreover. He's an I. T. Professional and project manager for M. M. E. Consulting, a computer company that specializes in serving dental (00:03:00) practices nationwide. He has 20 years experience working hands on with the technologies used in ortho practices like yours.
He's a past chair of the A. A. O. Committee on Information Technology, a Which is called CTEK. He speaks regularly at AIO conferences about computer technology and cyber security as it applies to an ortho practice. Steve, thank you for coming today. We are so happy to be talking with you.
(00:03:25) Steve McEnvoy: Hey, it's great to be here.
Yeah, I'm enjoying the opening, so I can't wait to see what comes next. Well, that was
(00:03:32) Dr. Leon Klempner: the end of the podcast. Thanks for watching. All right, Steve. So, um, I get the whole cybersecurity thing, right? As an orthodontist, I get it. Uh, there are bad actors out there and there are things that we need to do, but here's what I don't understand is we're small potatoes.
I mean, there's so many big corporations, there's banks, there's governments, there's all sorts of stuff that, that's out there. So why (00:04:00) exactly would we be so attractive
(00:04:03) Steve McEnvoy: as targets? That's a great question, and I think it comes back to two things. First, you're a lucrative target. Um, uh, I don't think it takes much research from a hacker's perspective to realize that Um, an orthodontist or an oral surgeon or a dental specialist, you know, at least makes a decent living.
Uh, so they know there's a little bit of money, you know, if they could dig in and get at it. But what really motivates them is that they know that they can get some leverage on you. Uh, they, they understand that people in healthcare, uh, dental markets included, have HIPAA constraints. And if they can even get to the smallest piece of your data.
They can leverage you because the threats a little different, you know, in the open, you were talking about, you come in and your computers ransomware. Well, if you're Joe Schmo auto mechanic and you have a (00:05:00) good backup, you just say, forget it. You bad guys. I'm going to just restore my computer and I'm back into operation.
The bad guys attacking you are going to get in. They're going to ransomware the computer and they're going to take out a little piece of your data. Yeah. They don't have to take your whole patient database, but they're going to grab a few things and the threats going to be modified. Not only do we have your data encrypted and that's going to interrupt your business, but if you still don't pay us, we're going to publish literally publish this patient information.
Online on the dark web, I've put it up for sale and now you're going to have a guaranteed HIPAA violation and they know that you have that pressure to avoid that. So you're more likely to pay the ransom. I guess a 3rd thing in their favor, why it matters is that I think they understand that most dental specialists are, uh, small businesses.
And (00:06:00) they probably don't have the best cyber security defenses. If they're going to attack a bank, there's defense there. But if they think about, well, maybe the average orthodontist doesn't do, doesn't care that much about cyber security, maybe it's an easier target. So those are sort of the primary drivers that I think make you a juicy target for the bad guys to come after you.
Mm hmm.
(00:06:24) Amy Epstein: You know, we've always had, um, some defenses in place, like the one of the oldest ones I can remember is the antiviral pro antivirus programs. Um, now with the ransom, uh, you know, people taking over your computer and holding your information ransom and all the phishing emails and scams and that we're seeing lately.
Is that still a thing? The antivirus software, is that so relevant to us?
(00:06:54) Steve McEnvoy: Yeah, it is. Um, you know, uh, it's, again, another great question (00:07:00) is, do I still need antivirus on my computer in this day and age because the threats have changed, but yeah, there's, there's still the old layer of, uh, risk that's out there, but the antivirus programs.
Have gone through a generational change as well. And many practices aren't using the best tools at this point. The, the people that make any virus programs have realized that the threats are dynamic and gotten more complicated and social engineering scams and ransomware are much harder to detect. If you think in the old days, what we used to fight off was pop ups on our computer screens, right?
You get, you know, Oh, go to Vegas and win a free Corvette now. We're trying to fend off ransomware and they're trying to, and the virus looks different every day. Every new ransomware attack is a unique thing. So an old school antivirus program was just used to looking for a particular pattern, uh, an executable file that's (00:08:00) coming in attached to an email.
If it matched that pattern, it would stop it. But now it's a hacker that makes something that's completely dynamic. So there's a better antivirus tools that are out there today, or I just sort of going to refer to them as next gen antiviruses, and they're available for multiple companies. They, they're more intelligent, so a traditional antivirus program, like you might have used.
Five or seven years ago, like from a program company like Symantec or Norton or whatever would cover about 50 percent of the threats that are probably presented to you today, leaving 50 percent of the new things. unprotected for you. A next gen antivirus is targeting that, that other 50%. They are looking for odd behavior on your computer, which is really hard to detect.
But imagine if you have a reception computer and the receptionist in a normal day touches a few files on the server. She uses the (00:09:00) practice management program. She prints a little bit. She never transfers any files out to the Internet. But suddenly, if the next day she's touching 25, 000 files, she's touching every image or photo or x ray on the server, and she's sending data out to the internet continuously.
Well, the next gen antivirus tools kind of use like an AI approach. They go, that's weird. And weird is dynamic, right? So they just figure out that there's something really unusual happening on this computer and they lock it down. It's like pulling off the network cable. They stop it dead in its tracks.
Now the computer is polluted and screwed up, but they also send off a flare. So to whoever your IT people are that are managing the next gen antivirus tool, they get an email or a message or something pops up on a console that says, Hey, there's a really serious thing happening over here on reception. We don't know what it is, but we isolated it before it could really get (00:10:00) out of it, you know, get any further in the network.
So that's the type of tool I think that. You know, all practices should be monitored, migrating to, and they're not really called next gen antiviruses. The buzzword, if someone's out shopping for one is an EDR, um, an EDR solution, uh, endpoint detection and response. And they're available from multiple companies, Sentinel 1, WatchGuard,
(00:10:26) Amy Epstein: CrowdStrike, other.
Is it costly? What are we talking about in terms of an EDR?
(00:10:31) Steve McEnvoy: Yeah, they cost a little bit more and the software makers, of course, have used this as an opportunity to turn it into a subscription rather than a, uh, buy it once and use it for, you know, 5 years thing. They're probably about, you know, 5 to 7 and a half dollars.
Depending on the product and the features you're getting, but if you planned on like 7 a computer per year, uh, which is still pretty reasonable, it was that like a venti latte,
(00:10:57) Amy Epstein: something like that. Yeah, I mean, in the context of what (00:11:00) we're talking about, it seems like a very modest and reasonable price to pay.
I have one quick question for you, which is just to clarify, uh, going back to what phishing scams, social engineering. Scams. Is that, is that what you're talking about? Can you just define that for me? Because it was a phrase I hadn't heard before.
(00:11:19) Steve McEnvoy: So honestly, that is, to me, that is the current biggest risk that's out there that's happening, that hackers are realizing they're up against hard firewalls and next gen antivirus tools now, and the weakest part of the whole system in your office.
Is the person, right? Um, so they're, they're, they're not trying to breach directly into the computer. Now they're trying to fool the staff member. And I think, you know, if you, if you think back, right, we're kind of all aware of at this point, what fishing was and, you know, fishing in the old days was you get that email message from the Nigerian prince that said, you know, I just need to (00:12:00) transfer these 4 million over to the US.
Can you help me? And none of us really fall for that. I hope anymore. But the social engineering scams now are much more sophisticated. And when I look at incidents that I've been part of, uh, helping people out, it's been much more intelligent scams that they get fooled with. And I can give you some examples, um, that are real world have happened to orthodontic practices.
The first is. An office manager sends an email to the finance person in the office and says, Hey, here's the landscaper's bill. You know, maybe it's 1, 000, you know, please pay it and the finance person normally gets bills forwarded from the, uh, the office manager and dutifully. Cuts the check and puts the check, you know, you know, like an orthodontist, you probably many of you out there can relate, you know, you get a (00:13:00) stack of checks at the end of the week and you're signing, you know, you're flipping them over and signing them and you're doing all your payables just by chance.
The orthodontist is signing that check for that landscaper and goes, wait a minute, this is going to the wrong place and asks the finance person. Well, why are we, you know, paying this to a slightly different looking company? And the finance person goes, well, because the office manager sent me the bill like normal.
Well, what really had gone on there. is that a hacker had broken into the office manager's email account. Uh, the office manager had some bad password habits. She used the same username and password for everything. So, somewhere else in the internet, she got breached, you know, maybe over at one of the other hacks, at like companies like MyFitnessPal and stuff where their data gets leaked out onto the internet.
And she used the same username and password for the company email. (00:14:00) And... So the hacker though, got in and read all her email. They sat inside the mail system and figured out the power structure. They realized that there was a finance person. They realized that the doctor was involved in the process and then they.
Saw that the office manager would periodically forward, you know, the invoice for the, uh, the landscaper stuff to the finance person. So they faked it, right? Because they were in her email. They just made an email up with a fake invoice that looked like the landscaper, but with slightly different payment locations and sent it off to the finance person.
Right? So they got opportunity, they got into the email system, they looked around, they took time, and then they made a very crafted, unique hack. Against that particular practice. So that was like 1, 000 scam. But an even more popular scam that's happening now that I wanted to share (00:15:00) is a clinical staff member.
Again, email sends an email message to the office manager who is in charge of payroll. And she says, you know, I've got a new bank account. I've changed banks. Can you please change my direct deposit for my paycheck to go to this new routing number and bank account information? The office manager dutifully makes the change, and it takes 2 pay cycles for that clinical staff member to.
Walk over and finally show up in the office manager's office and go, I haven't been getting my paychecks. And then the office manager goes, Well, hey, I changed it to your new bank account. Maybe the information was wrong. And then the clinic person goes, What do you mean you changed it? I haven't changed my bank account.
And the scenario is very similar. The, the hacker got into the email system, looked around, so they breached the (00:16:00) clinic's person's email, realized, sat, read, figured out the power structure. And then sent this email that looked like it was from the clinic person and they got two paychecks. So, you know, that's like, now we're talking about a four or 5, 000 score for the hacker.
So both of those antivirus wouldn't have helped you new firewall wouldn't have helped you. It's really, that was a social engineering attack and breaching somebody's credentials that worked the scam both times, you know, um,
(00:16:32) Dr. Leon Klempner: First of all, you're scaring me right
(00:16:34) Steve McEnvoy: now.
(00:16:36) Dr. Leon Klempner: I mean, that's some sophisticated activity that's going on.
So, um, that makes me nervous. So, you know, what is it called? Endpoint
(00:16:49) Steve McEnvoy: detection and response software? Detection and response. EDR. All right. All right.
(00:16:54) Dr. Leon Klempner: Noted. Um, so it's customary for us (00:17:00) to have one of our viewers. Uh, ask a question, uh, of our guests. So, um, if you don't mind, I'm going to play that now and then I'll have you respond.
Sure.
(00:17:14) Guest Question-Mark Bronski: Hey Steve, it's Mark Bronski from New York City. Uh, I've listened to you speak in the past about building a cybersecurity defense, sort of like building a brick wall to protect against online attacks. Where would you suggest that we start? It's really important. Thank
(00:17:28) Steve McEnvoy: you. Well, thanks, Dr. Bronski.
That's a great question. And probably the one that I think stops most practices from actually getting going. They just don't. Don't know what's the first thing to do, right? And the first thing to do, I think, is the easiest and least expensive. You need to make a CEO commitment. Whoever, if it's your business, you have to make a mantra choice.
We are going to improve. That is the (00:18:00) absolute number one first thing. Um, And once you're convinced your job is pretty simple as the CEO, you need to empower somebody else to deal with it. I'm not telling you, you need to be the one going out and buying the next gen antivirus or working on this. But you have to let your staff know that this is a real deal for the practices.
You, you've watched this thing, you're freaked out a little bit about the risk happening to you. So it's time to start doing it, but do it in bite sized pieces, right? Because if you just say, I got to get it all done tomorrow, again, you'll get nowhere. It's like writing a website, a website, you know, everybody has great intentions, but you still have to do it one little bite brick at a time.
So empowering others. That means you have to sit down with your staff, maybe during the, uh, the weekly staff meeting and tell them you're scared completely about the cybersecurity risks that are out there. Show them this podcast. Um, Tell them this isn't going to happen to us. (00:19:00) I'm going to take this really serious going forward.
Then get your office manager, whoever your lieutenants are involved. Tell them, look, I'm willing to spend a little bit of money. Spend some practice time and resources on this. Let's get started building in a brick at a time. So. You know, empowering your office manager, but what you really need is your nerds to help, right?
Whoever your nerd is that does your I. T. support needs to look at what your situation is and. There are probably a couple of different types of nerds, you know, I'm a nerd. So I think of it as a compliment, but the, um, you have
(00:19:41) Amy Epstein: two, by the way, you've got two, three nerds on this podcast right now. Hello,
(00:19:47) Steve McEnvoy: there's, there's those that don't care.
About cyber security, there may be an I. T. person that's, you know, got the attitude. Well, it doesn't really matter. It hasn't happened to, you know, the, the, the mechanic shop that (00:20:00) I support down the street or the library. I help over here. So why should it matter to you as an orthodontist if they don't have the mindset?
The cyber security mindset to help you that may be one of your big cyber security problems, but maybe they do have the mindset. So now to maybe to I'm going to try and help help my my brethren it people out there, but they're beaten down. You know, the, maybe they've proposed things like this in the past, but oh, it costs money.
Don't talk to me about that. You know, we haven't had a virus here before, you know, don't sell me that next gen antivirus. Don't, you know, do any of that stuff. So they just stopped trying. Right. They've been beaten down by price pressure so often that they don't really propose the solution. But if they're cyber security savvy and you just pick up the phone and go, Hey, I saw this scary thing.
Can you help me? You're going to see their eyes. You know, they're going to get. Yeah, I can help you. Thank you for asking. (00:21:00) Right. And then they're going to figure out what the right tools are to help you out. So I think you need to reach out. See if you've got to, you know, tell them you want help. If the guy blows you off or the person blows you off, maybe you're not talking to the right guy.
If they're like excited to try and help you now, get into the discussion and talk with them. So empower them to come help you is where I would go next. And then how do you know if you have a cybersecurity guy that really knows what they're doing? If you really still are uneasy, get an outside opinion.
You know, bring in somebody that's a cyber expert or, you know, give me a call or give one of the cyber security consultant companies a call and get a third party opinion. You know, they'll charge you for it. You know, hopefully a reasonable fee. They'll take a look at your current set up and go, wow, you're in great shape or wow, you're not in great shape.
And maybe here's the things you should work with your people on to tune things up. So that's how I would approach it. If I was Dr. Brodsky.
(00:21:58) Amy Epstein: Definitely. I mean, that's a (00:22:00) good advice. And I also think, you know, basically what you were talking about with the, uh, social engineering scams, I, you know, it sounds to me like it makes sense to have a sit down with the team as well, if that's the link.
And I don't know if there's training on common scams or just things you definitely should never do, but that seems to be like a low hanging fruit. Issue that might be able to be just like question everything.
(00:22:28) Steve McEnvoy: Yeah, well, cyber cyber security training really boiled down to what your staff need to learn is actually almost a requirement now in most cyber insurance for dental offices, it's a requirement that once a year you put your staff through, uh, phishing training and, uh, the it people you work with.
Might offer it or the, I know there's cyber security companies out there like black talent, et cetera, that offer it as a service as well. So, you know, they have a, like a literally an online (00:23:00) training system. You get a certificate, you know, it's all recorded. It only takes an hour for the staff to go through it.
And it helps keep them kind of keenly aware of what they're watching for. What's a phishing attack. What's a social engineering scam look like. And when you hire new staff. Again, they're not in sync with the rest of your staff that are on annual training, so you could give them this online training and, uh, you know, get them caught up with the rest of the team.
(00:23:26) Amy Epstein: So, Steve, I have 2 questions I want to ask you, and I want to make sure we can fit them both in. The first one is about, um. Like the most common question that you get asked by orthodontists, like, what's the one thing that everybody has on their mind? I want to make sure we address that.
(00:23:43) Steve McEnvoy: Sure. Well, if you think about those two social engineering scam examples I gave you, where was, where was the weak spot, the password, the, uh, the, a human flaw that we all want to, the cybersecurity stuff gets in the way.
So how do we (00:24:00) simplify it? We use the same passwords over and over again, which is a catastrophe. Hackers absolutely exploit this. And why are we doing that? Because trying to remember 150 different passwords for all our online services is a huge, almost impossible task. So the most popular question I get is, Well, what do I do about that?
I'd like to, I'd like to use a password manager or something like that. Steve, is there something you would recommend? Well, I can tell you what I don't recommend to start with. Putting it in a note in your iPhone or your Android phone. Um, you know, that's a pretty common thing. Doctor will walk up to me to talk and he'll show me.
Well, yeah, I keep it all here in my phone. That's safe, isn't it? And I'm like, heck no. Somebody breaches your iCloud account. All that stuff's not encrypted. It's available. Now they have all your passwords. Um, putting it on a post it note. Putting it on a sheet of paper in the right, if you're right handed on the right hand drawer and you're inside your office, honestly, I find (00:25:00) stuff in when I can't get into a computer.
I just look in the drawer on whichever handed side of the computer. The user is. And often I find a sheet of paper in there with all the passwords on it. Um, putting it in a document on your office file server. Also a train wreck. Most people aren't aware that the servers index where they read all the files that are on the server.
So if one of your staff is someplace else in the office and tells them, searches the server and says, can you show me anything with the word password or Invisalign in it? It'll give them the answer. So the real place to put it. Is in a password manager, and there are lots of apps that are out there that can do it, but I'm going to tell you about one that I use.
I don't get anything for telling this. I use it personally. I use it with our company. I use it with our customers. It's called 1 password. It's the number 1. Password and it's a Canadian company and it ticks all the boxes. (00:26:00) Um, they offer, I think, a free individual user account for just a person, but I don't think free is good in any password manager because if it's free, you're the product.
So, what I want is reasonable and I think 1 password for their proper professional accounts is 3 bucks a month. It's less than a latte. And for five bucks a month, they have a fantastic deal, a family plan, which allows up to five people to share the same password reservoir. And the idea is pretty simple.
There's a concept of a vault. If you just get an individual account, you just get one vault and all your passwords go into it. Because what do you care, right? Your Netflix login, your Invisalign login, your office computer login all go in there because nobody's sharing it with you. In a family or a business situation, you create different vaults.
You make one for finances. Maybe you and your wife or husband share that. Um, in the office scenario, maybe you, the office manager, and the finance (00:27:00) person share that vault. And then there's another vault called online services. Maybe you put the office Wi Fi system and the Netflix login and stuff in that.
And everybody in your, that you allow one password login to your data can get into that vault and you have your own private vault, you know, for the bank, you know, your bank accounts and stuff like that. So it's a fantastic tool. It works on windows, Mac, iPhones, androids, and it all syncs, right? So if you share a.
A vault, and you each have it on your phone, it's always in replication and everything's always there. So it's a fantastic tool for a reasonable price. And that's how you can get away from using the same password over and over again. You would have a login for the email system. You keep it in your one password and you integrate it with your Google Chrome browser and it fills it in for you automatically.
So, um, then you can have a unique password for service.
(00:27:56) Amy Epstein: Okay. That was comprehensive and very, it seems (00:28:00) straightforward, uh, to implement too. It sounds like a first brick to me. Um, one last question that we have for you is about the, um, cloud based PMS versus local PMS. And is one more secure than the other?
I mean, there's a bit of a feeling that maybe you're more secure if you're in the cloud and there's. More, you know, protection around rather than having a local server. But what do you what are your thoughts there?
(00:28:27) Steve McEnvoy: Yeah, that's a really great question. I think people gravitate to the cloud because they're thinking it'll be it'll be more secure.
Um, and I believe in most cases it is because they're now there's full time nerds that work for whatever companies PMS you use that are trying to defend it. Right? So rather than you just having your information on your own server and your own local I. T. People, you sort of offloaded that risk that hopefully they're smart people taking care of it, although it's now exposed on the Internet in (00:29:00) some sense.
Um, but yeah. You can't ignore the computers inside your practice still. You're thinking, Oh, great. I got rid of the practice management. It's all up there in the cloud. We use Gmail or Office 365 for our email. So our workstations here in the office don't matter anymore. They absolutely do. I've seen several attacks on cloud based systems that almost were successful.
And the mechanism of the attack is always the same. They still trick the person sitting at reception with some sort of phishing scam. They get on that computer and they don't reveal themselves. And they turn on something like a keylogger. What a keylogger is, is it's recording all your keystrokes. So essentially what they get is the username and password for your web based practice management or whatever web based service you're using, and then they, but they've got remote access to that (00:30:00) computer.
So then what they do is they'll wait till the end of the day when you're no longer there. And then they just come in and they log in to your practice management system and they can get in there. And remember, I told you right at the beginning, why is a orthodontic practice such a juicy target? All they need to do is extract a little bit of data.
Patient data, EPHI, and now they can ransom you and they can go, Hey, I've got some X-rays, pay me. And so you still need to care about your inside office computers just as much as when the PMS was inside. So next gen antivirus, phishing training for your staff, all that stuff still matters, I think, in a cloud situation.
(00:30:44) Amy Epstein: Okay, we're gonna take a moment to digest everything that you, uh, just said and, and try to sleep tonight. Good luck with that. Yeah, seriously. This has been very helpful. Um, and, you know, full disclosure, (00:31:00) if a client of mine ever asks about IT security or whatever, I refer them over to Steve. And this is the reason why.
He's extremely knowledgeable, very helpful. Um, and we're not in any business relationship, but, um, you know, obviously this is someone who, Well versed in what he does. So Steve, thank you so much for being here today. If anyone listening wants to reach out to you for a consult, get an evaluation or just get a third perspective, which or outside perspective, like you recommended, how did they reach you?
(00:31:31) Steve McEnvoy: Sure. Well, um, thanks again for those kind words first off, but, um, somebody could reach out to me, just my email is probably the easiest way. Um, probably have that in the show notes somewhere, but it's Steve. At M M E consulting. com, Mary, Mary echo consulting. com. And, uh, you know, I'd be interested to learn about their particular pain points or whatever they're worried about.
Um, and I would suggest, you know, if they come to the AOs, uh, (00:32:00) they can come maybe see me in person, you know, as I, uh, I often get a chance to speak. So I'm on for the 2024 event coming up. You know, if they want to come in. Watch whatever the latest scary thing is that I'm going to scare the heck out of people with, but then they can talk to me in person after that lecture as well.
And I'd be happy to, you know, learn more about what's going on for them and kind of a final parting word would be as. Don't panic, you know, make the mantra decision today, right? This doesn't cost a fortune. We're talking a few lattes worth of investment and some training. So just decide you want to make the process better inside your practice, empower the people they're going to help you.
Talk to your IT person, talk about the next gen antivirus, and just get started building that brick wall. And, you know, do a little bit this month, do a little bit next month, and I think things are going to work out. And you'll just keep raising that wall a little higher, a little higher as time goes on.
(00:32:59) Amy Epstein: Steve, thank (00:33:00) you so much for being here again. We really appreciate it. We will have you back if you're open to it. Thank you. You can subscribe or download other episodes of the Golden Age of Orthodontics on Apple Podcasts, Spotify, SoundCloud, and now YouTube, or wherever you get your podcasts. And if you enjoyed it, we'd appreciate you telling a colleague.
For more information about the marketing and growth consulting that we do here at People in Practice, you can visit our website at pplpractice.
(00:33:28) Steve McEnvoy: com. Thank you
(00:33:31) Dr. Leon Klempner: very much for watching or listening. Uh, at People in Practice, you'll often hear me say that we speak ortho. We're a full service marketing company that lets you actually rely on us to communicate your practice accurately and represent you effectively in your local community.
So what's the takeaway from today's podcast? Well, for me, it's important for us to keep in mind that our target audience.
(00:33:58) Steve McEnvoy: Uh, are (00:34:00) moms, young
(00:34:00) Dr. Leon Klempner: adults that are now digital natives. I mean, they respond best to a digital workflow that respects their time. So, we can't ignore that. Uh, that means offering texting, digital forms, a virtual initial screening, uh, and an AI driven remote, uh, treatment monitoring system.
All the things that make their lives much easier. And all of this... Obviously, it needs to be HIPAA compliant and secure, just like Steve outlined. So remember, for forward thinking orthodontists, it's never been a better time to be an orthodontist. We are in the Golden Age, so take advantage. See you next time.
(00:34:46) Narrator: Thank you for tuning in to the Golden Age of Orthodontics. Subscribe now on Apple Podcasts, Spotify, or visit our website at thegoldenageoforthodontics. com for direct links to both the audio and video versions of this (00:35:00) episode.