An independent cybersecurity review across many of Pennsylvania’s largest dental groups reveals a wide range of results. Practices handle protected health information (PHI) every day, yet many show significant gaps in email authentication and transport security.
Using data from audit.emailmenow.com, we evaluated each practice’s domain across SPF, DKIM, DMARC, transport security (MTA-STS/TLS), and website security headers.
Cybersecurity Scores of Major Pennsylvania Dental Groups
Overall compliance scores from audit.emailmenow.com. Re-run any domain at the link to verify.
| Rank | Practice / Group | Domain | Overall Score | Performance Level |
|---|---|---|---|---|
| 1 | SmileBuilderz | smilebuilderz.com | 54% | Average |
| 1 | Great Expressions Dental Centers | greatexpressions.com | 54% | Average |
| 1 | Bright Now! Dental | brightnow.com | 54% | Average |
| 4 | Heartland Dental | heartlanddental.com | 48% | Below Average |
| 5 | Aspen Dental | aspendental.com | 42% | Weakest |
| 6 | Gentle Dental | gentledental.com | 40% | Weakest |
| 7 | Dental Dreams | dentaldreams.com | 34% | Weakest |
What the Results Reveal
- Scores top out at 54% — no dental group serving Pennsylvania reaches even an above-average posture, and the field falls to 34%.
- The Pennsylvania-based SmileBuilderz ties the national DSOs at the top (54%); several large multi-state chains land in the Weakest band, despite the protected health information they handle.
- Weak authentication makes phishing of patient billing and insurance communications far easier and undermines the HIPAA Security Rule’s safeguard requirements.
Why This Matters for Dental Groups
The HIPAA Security Rule requires every practice to perform and document a security risk analysis and safeguard ePHI in transit. Email and web exposures are among the most common findings in OCR investigations.
Check any practice’s posture at audit.emailmenow.com/?industry=healthcare-practices.
Recommendations
- Enforce DMARC (
p=reject), strict SPF (-all), and DKIM signing. - Add MTA-STS and website security headers.
- Complete and document a HIPAA security risk analysis, and oversee Business Associate vendors that touch PHI.
Protect your practice and your patients. Run a free Instant Cybersecurity Audit at audit.emailmenow.com/?industry=healthcare-practices.
Contact EmailMeNow IT Consulting for help with HIPAA documentation and email security hardening.
Source & methodology: Overall compliance scores from the free scan at audit.emailmenow.com — each domain checked for email authentication (SPF, DKIM, DMARC), transport security (MTA-STS/TLS), website security headers, and network security. Re-run any domain at the link to verify.