
    The Hidden Risks of Unauthorized PMS Integrations

    12 min read
    Compliance
    Practice Tips

    That software integration seemed harmless enough. Now your PMS credentials are stored on a server you do not control, and you have no idea who else might have access.

    The Integration Explosion in Dental Technology

    The modern dental practice runs on software. Beyond your practice management system, you likely use separate tools for patient communication, online scheduling, payment processing, insurance verification, analytics, and revenue cycle management. Each of these tools promises to make your practice more efficient, and many deliver on that promise.

    But efficiency comes with a catch. Most of these tools need to connect to your practice management system to function. They need access to patient data, appointment schedules, treatment records, and financial information. The question that many practice owners never think to ask is how that connection actually works.

    Not all integrations are created equal. Some software vendors build their connections through official partnerships with PMS platforms, using documented and supported methods that the PMS vendor has explicitly approved. Others take shortcuts, using unauthorized methods that the PMS vendor never sanctioned and may not even know about. These unauthorized integrations create risks that are invisible until something goes wrong.

    Understanding the difference between authorized and unauthorized integrations is not just a technical concern. It affects your practice's security, your HIPAA compliance posture, and your operational stability. The risks are real, and they are worth understanding before you connect another tool to the system that runs your practice.

    What Makes an Integration "Unauthorized"

    An authorized integration uses methods that the PMS vendor has explicitly approved. Major platforms like Dentrix, Eaglesoft, Open Dental, and Curve Dental all provide documented ways for third-party software to connect. These might include official APIs, certified bridge programs, or partnership agreements that govern how data moves between systems.

    An unauthorized integration bypasses these official channels. The software vendor finds a way to access your PMS data without going through the approved process. There are several common methods.

    Screen scraping is perhaps the most common approach. The software logs into your PMS with a real user's credentials and reads data directly off the screen, mimicking what a human user would see. It navigates through menus, clicks buttons, and extracts information from whatever appears on display. To your PMS, and to its audit log, this looks exactly like a staff member using the system.

    Direct database access is another approach. Some software connects directly to the underlying database that powers your PMS, bypassing the application layer entirely. This requires knowledge of the database structure and typically happens without the PMS vendor's knowledge or approval.

    Credential harvesting is less a separate access path than the precondition for the first one: the software collects and stores your staff's login credentials so it can sign in to the PMS unattended, whenever it needs to. Those credentials are usually kept on the vendor's servers, potentially alongside credentials from hundreds of other practices.

    Each of these methods achieves the same goal of accessing your PMS data, but they do so in ways that create risks the vendor is unlikely to mention during their sales presentation.

    Security Risks You Cannot See

    When you grant a vendor authorized API access, you typically grant limited, specific permissions. The vendor can read certain data and perhaps write certain data, but the access is bounded and auditable. You can revoke it at any time without changing anything else about your system.

    Unauthorized integrations work differently. When software logs in using staff credentials, it has exactly the same access that staff member has. If that staff member can view patient records, delete appointments, modify treatment plans, and adjust financial entries, so can the software. There are no guardrails limiting what the integration can access.

    More concerning is where those credentials go. When you provide login credentials to a software vendor for screen scraping purposes, those credentials typically leave your practice. They are stored on the vendor's servers so the software can log in repeatedly without asking you for the password each time. In practice that also means the account runs without multi-factor authentication, because unattended software has to get past any second factor on its own (or the vendor stores that secret too). You are now trusting not just the vendor's software, but the vendor's entire security infrastructure.

    If that vendor experiences a data breach, your PMS credentials may be exposed. An attacker who obtains those credentials can log into your practice management system from anywhere. They can access patient records, financial data, and everything else in your PMS. The breach did not happen at your practice, but you bear the consequences.

    Even without a breach, you have limited visibility into how your credentials are being used. Is the vendor accessing your system once a day? Once an hour? Are they pulling only the data they need, or are they downloading your entire patient database? With authorized integrations, these questions have clear answers. With unauthorized integrations, you are trusting the vendor's word.

    The HIPAA Implications

    Your practice management system contains protected health information. Under HIPAA, you are responsible for ensuring that PHI is handled appropriately, even when you share it with business associates.

    When you engage a software vendor who accesses your PMS, that vendor typically becomes a business associate. You should execute a Business Associate Agreement that establishes their responsibilities for protecting the data they access. Most legitimate vendors will sign a BAA without hesitation.

    But a BAA is only as meaningful as the vendor's ability to fulfill its obligations. A vendor using unauthorized integration methods may be creating compliance risks that the BAA cannot address.

    Consider screen scraping. When software logs into your PMS using staff credentials, the access appears in your audit logs as if that staff member performed it. If you need to demonstrate to an auditor that you know who accessed what patient records and when, you may find that your logs are filled with entries that were actually the software, not your staff. Your audit trail becomes unreliable.

    Consider credential storage. HIPAA requires that you implement appropriate safeguards for systems that contain PHI. When your PMS credentials are stored on a vendor's server, that server effectively has access to your PHI. Do you know what safeguards the vendor has implemented? Have you verified their security practices? Can you even audit their systems?

    Consider data handling. When a vendor extracts data through unauthorized methods, do you know where that data goes? Is it stored in a compliant manner? Is it encrypted appropriately? Is access limited to personnel who need it? With authorized integrations through official channels, these questions are typically addressed in the partnership agreements. With unauthorized integrations, you may have no visibility at all.

    The fundamental problem is that unauthorized integrations operate outside the compliance framework that both you and the PMS vendor have established. You cannot demonstrate appropriate oversight of something you cannot see or control.

    Operational Fragility

    Beyond security and compliance, unauthorized integrations create operational risks that can disrupt your practice without warning.

    Screen scraping depends on the PMS interface remaining exactly as expected. When you open your PMS and see a patient list, the software sees the same thing and knows exactly where to look for each piece of data. But interfaces change. The PMS vendor releases an update that moves a button, changes a menu structure, or modifies how information is displayed. A human user adapts instantly. Screen scraping software breaks.

    Your practice might arrive Monday morning to discover that the integration you rely on stopped working over the weekend. The software cannot navigate the updated interface. Data is not flowing. The reports you depend on are empty. And because the integration was never officially supported, you cannot call the PMS vendor for help. You are entirely dependent on the third-party vendor to update their scraping logic to match the new interface.

    This fragility compounds across updates. Every time your PMS vendor releases a patch, security update, or version upgrade, there is a chance the unauthorized integration will break. The more frequently your PMS updates, the more frequently you may experience disruptions. And you may have no warning before it happens.

    Direct database integrations have similar problems. Database schemas change between versions. Fields get renamed, tables get restructured, relationships get modified. An integration that works perfectly with Dentrix G6 may fail completely with Dentrix G7 because the underlying database is different. Again, you are dependent on the third-party vendor to reverse-engineer the new database structure and update their integration accordingly.

    Authorized integrations are designed to be stable across updates. PMS vendors notify their partners about upcoming changes, provide transition periods for deprecated features, and maintain backward compatibility where possible. The integration is part of a supported ecosystem rather than a hack that might break at any moment.

    The Vendor Incentive Problem

    You might wonder why vendors would use unauthorized methods when authorized options exist. The answer usually comes down to speed, cost, and competitive positioning.

    Building an authorized integration requires partnership with the PMS vendor. This might involve technical review, certification processes, contractual agreements, and ongoing relationship management. It takes time and resources. A vendor eager to get to market quickly might decide that building a screen scraper is faster than going through the official partnership process.

    Some vendors cannot obtain official partnerships. PMS vendors have standards for who they partner with, and not every software company meets those standards. A vendor who has been declined for official partnership, or who does not want to submit to the review process, might build an unauthorized integration as their only path to market.

    Other vendors simply do not prioritize integration quality. Their focus is on features and sales, not on the underlying infrastructure that connects to your systems. An unauthorized integration that works today is good enough to close deals, even if it creates problems later.

    The challenge for you as a practice owner is that vendors using unauthorized methods rarely advertise that fact. The sales presentation focuses on what the software does, not how it connects to your PMS. You might never know the integration is unauthorized unless you ask the right questions, and even then, you might not get a straight answer.

    Recognizing the Warning Signs

    Certain indicators suggest a vendor may be using unauthorized integration methods, even if they do not admit it directly.

    If the vendor asks for staff login credentials to set up the integration, that is a strong signal of screen scraping. Authorized API integrations use tokens or keys generated specifically for the integration, scoped to what it needs and revocable on their own, not user credentials. There is no legitimate reason for a vendor to need your team's usernames and passwords.

    If the vendor cannot name their specific partnership or certification with your PMS platform, be cautious. A vendor with official integration should be able to say "We are a certified Dentrix partner" or "We use the Open Dental bridge program" and point you to documentation confirming that relationship.

    If the vendor's integration breaks frequently after PMS updates, that pattern suggests screen scraping or direct database access. Authorized integrations are designed to be stable. Repeated breakages indicate the vendor is working outside the supported framework.

    If the vendor is evasive about how their integration works technically, consider why. A vendor confident in their integration methods should be able to explain them clearly. Vagueness or deflection might indicate they prefer you not know the details.

    If the vendor cannot provide clear answers about where your data goes and how it is protected, that is concerning regardless of the integration method. But it is especially concerning when combined with other warning signs.

    Protecting Your Practice

    The best protection is asking questions before you connect any new tool to your PMS. Inquire specifically about the integration method, request documentation of any official partnerships, and verify those partnerships independently through the PMS vendor's published partner lists.

    Review what access you are granting. If a vendor needs credentials, understand why and consider whether you are comfortable with that arrangement. If you proceed, create a dedicated service account with only the permissions the integration needs, rather than handing over the credentials of a staff member with broad access. The vendor's activity then shows up under its own name in the audit log, and revoking access means disabling one account instead of rotating a colleague's password.

    Monitor your PMS audit logs. Look for patterns that point to automated access: the same user logging in at unusual hours, record views arriving at perfectly regular intervals, a far higher volume of lookups than a person could perform, or the same sequence of actions repeated over and over. Unusual audit trail entries might reveal that software is accessing your system in ways you did not expect.
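    As an added example (not code from this article, and not from any PMS vendor), the following Python script applies those three patterns to an audit export. It is the same check that the HIPAA section calls for when it warns that scraper activity is logged under a staff member's name. The log format is an assumption: a constructed, tab-separated timestamp / user / action / record layout. Real PMS audit exports differ, so parse_line() is the part you would adapt. The sample log is constructed for the example: one human user working normal hours, and a shared front-desk account that a scraper uses at 2 a.m. to read patient records one per second.

```python
"""Heuristic detection of scraper-like activity in a PMS audit log.

Added example, not part of the original article or of any PMS product.
ASSUMPTION: a generic tab-separated export of the form
    YYYY-MM-DD HH:MM:SS <TAB> user <TAB> action <TAB> record
Adapt parse_line() to the export format your own PMS produces.
"""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

LOG_FORMAT = "%Y-%m-%d %H:%M:%S"

# Constructed sample log (not real data). "jsmith" works irregularly during
# the day; "frontdesk" is a shared account that a scraper drives at 02:00,
# one patient record per second, and that a person also uses at 09:00.
SAMPLE_LOG = """\
2024-03-04 08:02:11\tjsmith\tLOGIN\t-
2024-03-04 08:05:40\tjsmith\tVIEW_PATIENT\tP1001
2024-03-04 08:17:03\tjsmith\tEDIT_APPT\tA2210
2024-03-04 09:31:48\tjsmith\tVIEW_PATIENT\tP1007
2024-03-04 10:02:19\tjsmith\tVIEW_LEDGER\tP1007
2024-03-04 11:45:00\tjsmith\tLOGOUT\t-
2024-03-04 09:04:12\tfrontdesk\tLOGIN\t-
2024-03-04 09:09:55\tfrontdesk\tVIEW_PATIENT\tP1020
2024-03-04 09:22:30\tfrontdesk\tEDIT_APPT\tA2301
2024-03-04 09:48:07\tfrontdesk\tLOGOUT\t-
2024-03-04 02:00:00\tfrontdesk\tLOGIN\t-
2024-03-04 02:00:01\tfrontdesk\tVIEW_PATIENT\tP1001
2024-03-04 02:00:02\tfrontdesk\tVIEW_PATIENT\tP1002
2024-03-04 02:00:03\tfrontdesk\tVIEW_PATIENT\tP1003
2024-03-04 02:00:04\tfrontdesk\tVIEW_PATIENT\tP1004
2024-03-04 02:00:05\tfrontdesk\tVIEW_PATIENT\tP1005
2024-03-04 02:00:06\tfrontdesk\tVIEW_PATIENT\tP1006
2024-03-04 02:00:07\tfrontdesk\tVIEW_PATIENT\tP1007
2024-03-04 02:00:08\tfrontdesk\tVIEW_PATIENT\tP1008
2024-03-04 02:00:09\tfrontdesk\tVIEW_PATIENT\tP1009
2024-03-04 02:00:10\tfrontdesk\tVIEW_PATIENT\tP1010
2024-03-04 02:00:11\tfrontdesk\tVIEW_PATIENT\tP1011
2024-03-04 02:00:12\tfrontdesk\tLOGOUT\t-
"""


def parse_line(line):
    """Parse one export line into (timestamp, user, action, record)."""
    ts, user, action, record = line.rstrip("\n").split("\t")
    return datetime.strptime(ts, LOG_FORMAT), user, action, record


def parse_log(text):
    """Parse the whole export and return events sorted by time."""
    events = [parse_line(l) for l in text.splitlines() if l.strip()]
    events.sort(key=lambda e: e[0])
    return events


def analyze(text, business_hours=(7, 19), min_events=6, max_cv=0.25, bulk_reads=10):
    """Bucket events per (user, clock hour) and flag scraper-like buckets.

    A bucket is reported when any of these hold:
      * it falls outside business_hours (start inclusive, end exclusive);
      * it has >= min_events with near-constant spacing (coefficient of
        variation of the inter-event gaps <= max_cv), i.e. a metronome, not
        a person;
      * it reads >= bulk_reads distinct records via VIEW_* actions.
    Returns {user: [(hour_bucket, [reasons...]), ...]}.
    """
    buckets = defaultdict(list)
    for ts, user, action, record in parse_log(text):
        buckets[(user, ts.replace(minute=0, second=0))].append((ts, action, record))

    findings = {}
    start, end = business_hours
    for (user, hour), evs in sorted(buckets.items()):
        reasons = []
        if not start <= hour.hour < end:
            reasons.append(f"activity outside business hours ({hour:%H:%M})")
        if len(evs) >= min_events:
            gaps = [(b[0] - a[0]).total_seconds() for a, b in zip(evs, evs[1:])]
            avg = mean(gaps)
            cv = pstdev(gaps) / avg if avg > 0 else 0.0  # all-same-second bursts count as regular
            if cv <= max_cv:
                reasons.append(f"{len(evs)} events at near-constant {avg:.1f}s intervals (cv={cv:.2f})")
        reads = {r for _, a, r in evs if a.startswith("VIEW_")}
        if len(reads) >= bulk_reads:
            reasons.append(f"{len(reads)} distinct records read within one hour")
        if reasons:
            findings.setdefault(user, []).append((hour, reasons))
    return findings


if __name__ == "__main__":
    for user, hits in analyze(SAMPLE_LOG).items():
        for hour, reasons in hits:
            print(f"{user} @ {hour:%Y-%m-%d %H:00}: " + "; ".join(reasons))
```

    Run against the sample, the script reports only the 02:00 bucket for frontdesk, on all three grounds, and stays silent about both users' daytime work. Bucketing by user and clock hour rather than by user alone is what lets it separate the scraper from the person sharing the same login; the thresholds are starting points to tune against a week of your own export before you trust the output.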

    Include integration methods in your vendor due diligence. When evaluating new software, ask how it connects to systems like your PMS. Make integration security part of your decision criteria, not an afterthought.

    Consider the operational implications. A tool that saves you twenty minutes a day is not valuable if it fails unpredictably and requires hours to troubleshoot. Stability and reliability matter alongside features and price.

    The Broader Perspective

    The risks of unauthorized integrations are not theoretical. Practices have experienced credential compromises, compliance violations, and operational disruptions because of software that connected to their PMS through unsanctioned methods. The incidents rarely make headlines, but they happen regularly enough that the pattern is clear.

    As dental technology continues to expand, the number of tools wanting to connect to your PMS will only grow. Each connection is an opportunity for improved efficiency, but also a potential exposure point. Understanding how those connections work, and insisting on legitimate integration methods, protects your practice from risks that are easy to overlook and difficult to remediate.

    Zeldent connects to your PMS through official integration partnerships with major platforms. No credential storage, no screen scraping, no unauthorized database access. Just secure, stable, compliant data exchange. If you are evaluating reconciliation tools and want to see what proper integration looks like, schedule a demo.
