SERVICE 03 · ONLINE DATA BACKUP

Encrypted, three-layer backups your practice can actually recover from.

One of the most important services we offer, because a backup is only as good as the restore. We back up critical files daily and verify them, so a hardware failure is a half-day inconvenience instead of an existential one.

Sold as an add-on service. HIPAA BAA provided. 3-2-1 backup strategy.

FEATURES

A backup plan built for dental data, not generic file storage.

Patient records and imaging archives are not interchangeable with ordinary business files. They have HIPAA obligations and restoration timelines that a generic cloud backup plan won’t account for. This is sold as an add-on, not bundled into the monthly maintenance package.

✓

Three-layer backup setup: an internal Windows image, an external drive (your current local backup), and an encrypted cloud copy stored off-site

✓

Cloud copy retained for one month off-site, giving you a rolling restore window without storing years of cloud data you don't need

✓

Encrypted, off-site backup of patient records and practice management databases (Eaglesoft, Open Dental, Curve, and more)

✓

Imaging archive backup, DICOM and proprietary formats from Dexis, Carestream, Sirona, Planmeca, and iTero

✓

HIPAA Business Associate Agreement (BAA) provided, required for any vendor touching patient data

✓

Test restores performed throughout the year, so you know the backup is actually usable when needed

✓

Industry-standard 3-2-1 strategy: 3 copies, 2 different storage media, and 1 copy stored off-site

✓

Ransomware-ready recovery design with isolated backups that cannot be overwritten by infected production systems

✓

Backup health alerts monitored by our team so issues are caught before they become emergencies

Good Fit For

When this is the
right fit

✓

Any dental practice storing patient records electronically. HIPAA compliance is non-negotiable regardless of practice size

✓

Practices with large imaging archives (CBCT, intraoral scanning) where data volume grows quickly and losing it isn't an option

✓

Offices that have survived or witnessed a ransomware event and want a recovery plan that actually works

Probably Not A Fit For

When something
else fits better

•

Offices looking for local-only backup without an off-site copy. On-site-only backup doesn't survive fire, flood, or ransomware

•

Practices that want years of cloud-stored backups. Our cloud copy is a rolling one-month restore window, not a long-term archive

Honest scoping means we say “no” sometimes. If this isn’t the right fit, we’ll point you to what is.

In The Field

The on-site half of the 3-2-1 strategy: server, network rack, and the local backup target.

HIPAA & Compliance

What HIPAA actually
requires (and what “we
have a backup” doesn’t
cover).

Most practices know they need to back up patient data. Fewer know the specific HIPAA requirements around off-site storage, BAAs, and verified restore procedures. Here’s what the rule actually says.

HIPAA requires off-site backup

The HIPAA Security Rule (45 CFR § 164.310(a)(2)(iv)) specifically requires a retrievable exact copy of ePHI stored in a separate location from the primary. “We have a local backup” doesn't satisfy this.

BAA is not optional

Any third-party vendor that stores, processes, or transmits ePHI must sign a Business Associate Agreement with your practice. We provide one. If your current backup vendor hasn't offered one, that's an exposure.

Backup tests, not just backup reports

A backup log that says “success” only means data was written somewhere. We run test restores at random throughout the year to confirm the backup is actually usable.

Imaging files are large and grow fast

CBCT scans, panoramics, and intraoral image sets are significantly larger than text records. Practices that don't account for imaging volume in their backup strategy often discover the gap only after a failure.

Database retention vs. backup retention

Texas requires adult dental records to be kept for at least 7 years from last treatment. That’s a database-retention requirement, not a backup-retention one. Our cloud backup keeps a rolling one-month copy off-site; your PMS keeps the long-term record.

VERIFY YOUR BACKUP

Find out if your current
backup would actually
recover your practice.

We'll review your current backup setup, verify your HIPAA posture, and tell you what a real disaster recovery would look like before you find out the hard way.

Request a backup review → Browse all services