An independent cybersecurity review across many of California’s largest dental groups reveals a wide range of results. Practices handle protected health information (PHI) every day, yet many show significant gaps in email authentication and transport security.
Using data from audit.emailmenow.com, we evaluated each practice’s domain across SPF, DKIM, DMARC, transport security (MTA-STS/TLS), and website security headers.
Cybersecurity Scores of Major California Dental Groups
Overall compliance scores from audit.emailmenow.com. Re-run any domain at the link to verify.
| Rank | Practice / Group | Domain | Overall Score | Performance Level |
|---|---|---|---|---|
| 1 | InterDent (corporate) | interdent.com | 71% | Strong |
| 2 | Western Dental | westerndental.com | 68% | Good |
| 3 | Smile Brands | smilebrands.com | 54% | Average |
| 3 | Bright Now! Dental | brightnow.com | 54% | Average |
| 5 | Gentle Dental | gentledental.com | 40% | Weakest |
| 6 | Sonrava Health | sonravahealth.com | 30% | Weakest |
What the Results Reveal
- Scores span 71% (InterDent) down to 30% — only one California dental group clears the 70% mark.
- Patient-facing brand domains often score worse than their corporate parents (Gentle Dental at 40% vs. InterDent at 71%), leaving the addresses patients actually email the least protected.
- Weak authentication makes phishing of patient billing and insurance communications far easier and undermines the HIPAA Security Rule’s safeguard requirements.
Why This Matters for Dental Groups
The HIPAA Security Rule requires every practice to perform and document a security risk analysis and safeguard ePHI in transit. Email and web exposures are among the most common findings in OCR investigations.
Check any practice’s posture at audit.emailmenow.com/?industry=healthcare-practices.
Recommendations
- Enforce DMARC (
p=reject), strict SPF (-all), and DKIM signing. - Add MTA-STS and website security headers.
- Complete and document a HIPAA security risk analysis, and oversee Business Associate vendors that touch PHI.
Protect your practice and your patients. Run a free Instant Cybersecurity Audit at audit.emailmenow.com/?industry=healthcare-practices.
Contact EmailMeNow IT Consulting for help with HIPAA documentation and email security hardening.
Source & methodology: Overall compliance scores from the free scan at audit.emailmenow.com — each domain checked for email authentication (SPF, DKIM, DMARC), transport security (MTA-STS/TLS), website security headers, and network security. Re-run any domain at the link to verify.