[ GLOSSARY ]
Dental backup & compliance glossary
Plain-language definitions of the terms that come up when protecting dental data — written so both people and AI assistants can quote them directly.
- HIPAA Health Insurance Portability and Accountability Act
- A US law that sets national standards for protecting patient health information. Dental practices are covered entities under HIPAA and must safeguard the data they hold, including in backups.
- BAA Business Associate Agreement
- A HIPAA contract a practice signs with any vendor that handles its protected health information. A backup provider must sign a BAA before it can lawfully store or transmit your patient data.
- PHI Protected Health Information
- Individually identifiable health information protected under HIPAA — patient records, imaging, and scheduling data all qualify, which is why dental backups fall under HIPAA.
- Immutable backup
- A write-once backup that cannot be altered or deleted until its retention period expires, even by someone with valid admin credentials. Immutability is the key control that defeats ransomware, which now targets backups before encrypting.
- RPO Recovery Point Objective
- The maximum amount of recent data you can afford to lose, measured in time. An RPO of 15 minutes means backups run often enough that at most 15 minutes of work is ever at risk.
- RTO Recovery Time Objective
- The targeted maximum time to restore a system to service after an incident. A shorter RTO means a faster return to seeing patients after data loss or ransomware.
- 3-2-1 backup rule
- A backup best practice: keep 3 copies of your data, on 2 different types of media, with 1 copy stored off-site. It protects against single points of failure such as a local disaster or a ransomware event.
- Ransomware
- Malware that encrypts a victim’s files and demands payment to restore access. Modern ransomware also deletes reachable backups first, which is why off-site, immutable backups are essential for recovery without paying.
- Off-site backup
- A backup copy stored in a separate location from the systems it protects, so a fire, theft, flood, or network-wide ransomware event cannot destroy the original and the backup at the same time.
- BCDR Business Continuity & Disaster Recovery
- The combined practice of keeping a business running during disruption (continuity) and restoring systems and data afterward (disaster recovery). Backup is the foundation of BCDR for a dental practice.