CBCT Imaging for your Practice: Is Now the Time?

By Dr. Kenneth R  Webb

As I walked the exhibit floor at the AAO Annual Session in San Diego this past April, I stopped and talked to several of the company reps displaying the latest generation of CBCT scanners. Competition is good – what struck me is how far this technology has come in such a short period of time. Effective dose, image quality, and versatility are three areas where the advances are most impressive. I have witnessed these advancements first hand in my practice where we have been using CBCT since 2012 and recently upgraded a satellite office from a 2D digital Pan / Ceph to an “Ultra Low Dose” current generation CBCT scanner. I’d like to share some of my thoughts about the 2D to 3D transition.

Effective Dose
I encourage anyone interested in CBCT technology to search for studies authored by Dr. John Ludlow and his team. Dosimetry data and image quality for many CBCT scanners (both older and current generations) have been researched in great detail. Comparative data for 2D dental radiographic imaging (both intra and extra oral) is also available. By replacing our 2D Digital Pan / Ceph with a current generation CBCT scanner we have reduced the effective dose of our diagnostic records imaging by approximately 60%. (Ludlow JB, Walker C. AJO-DO, 2013;144 (6): 802-817) This is accomplished with one, approximately 5 second, ultra-low dose CBCT scan compared to the two longer duration exposures (pan then ceph) required with 2D imaging. Certainly a win-win for our patients.

What else can we use the 3D data for? Digital models: used to assess the inter-arch and intra-arch relationship as well as aiding the determination of arch length and arch width requirements and assessing arch symmetry. Modelling labs can produce articulated 3D study models from the CBCT data (DICOM) files.

STL files of the patient’s dentition and occlusion can be uploaded into whatever software you may be using in your office for 3D model storage and viewing. Additionally, these models can be used (with appropriate software) to produce treatment simulations by “moving” individual teeth or the arches as a whole. Imagine completing your diagnostic records with Intra / Extra Oral photos and one 5-second CBCT scan!

Viewing the Diagnostic Data
The software that comes with a CBCT scanner can easily produce the customary 2D diagnostic images that we are used to evaluating (panoramic, lateral and A-P ceph). In addition – you see everything! The data can be viewed in sagittal, axial or coronal sections (slices) or as a 3D “volume rendering” which can be rotated and sliced (“clipped”) at will. So why is this additional information gained from CBCT imaging important?

You will see pathology in the 3D data that isn’t visible with standard 2D imaging. When pathology is visible in 2D, the 3D data can more accurately ascertain location, extent, and character of the area of concern. This is beneficial to our patients.

Developmental Anomalies
One of my first revelations when we began imaging in 3D was the prevalence and extent of “individual anatomic variation”. But how much is too much? We have made referrals to medical specialists for significant developmental anomalies in the cervical spine, nasal cavity and paranasal sinuses. Patients / parents are appreciative of the thoroughness of our diagnostic process that includes 3D imaging.

They get their own paragraph! Your patient smiles at you and you notice a vertical asymmetry and occlusal plane “smile” cant. Is it caused by hemimandibular hyperplasia, condylar hyperplasia, a unilateral expansive lesion in the maxilla, a growth response to unilateral progressive condylar resorption (to name a few) or a growth response to a foreign object lodged in the nasal cavity? I’ve seen them all. Similar clinical presentations – different treatment plans.

Condylar position in centric occlusion, condylar size and shape, glenoid fossa morphology, condylar osseous morphology, joint space, findings suggestive of degenerative joint disease – both active and stable. It is hard to argue that these are not important considerations in our diagnostic process.

The value of volumetric and cross-sectional analysis of the naso – pharyngeal airway and its relationship to orthodontic diagnosis and treatment planning has, and continues to be, studied in great detail. Is the growth and development of a patient who presents with narrow arches, an anterior open bite or anterior crossbite, tongue thrust and a strong mouth breathing pattern secondary to adenoid / tonsillar hyperplasia, a deviated nasal septum, environmental allergies or restrictive airway dimensions in general? Should your imaging modality include an assessment of these areas?

And there is more…
Orthognathic surgical treatment planning, TAD placement guidance, precise localization of ectopic and supernumary teeth, and assessment of treatment progress – including evaluation of root torque. All are possible or enhanced with 3D imaging. And by managing scan parameters (field of view, scan time and voxel size) at an effective dose equal to or less than 2D imaging modalities.

So, if you haven’t brought this technology into your practice – is now the time?

At the 2017 AAO Winter Conference in Ft. Lauderdale, Mr. Chris Bentson reported on a survey of recent (2016) U.S. Orthodontic Residency graduates: 88% responded that they had used CBCT imaging for diagnosis and treatment planning during their residencies including 21% that used it on all patients.

For the 2013 graduates, the responses were 76% and 9% for the same questions.

Based on these statistics, are we that far away from 3D imaging being included in the “standard of care” discussion? Embracing new technology is not easy but the value added for the practitioner and our patients is significant. The orthodontic educators who expertly taught my generation faced a similar situation during their careers with a then relatively new technology: panoramic radiographic imaging. My generation faced the challenges of transitioning from analog imaging (film) to digital.

Change is not easy. The transition from 2D to 3D imaging in your practice will require a financial and educational commitment. The whole staff will be a part of this paradigm shift. A positive – 3D imaging will be a differentiator for your practice. If you are seeking an associate, partner or complete transition, 3D imaging will make your practice more attractive to the next generation of orthodontists.

3D imaging will benefit you and your patients. Is now the time?

2017 Winter Conference – Technology: Balancing Profit, Lifestyle & Patient Care

By Dr. Doug Depew

The 2017 AAO Winter Conference is quickly approaching. Our theme of this year’s meeting Technology: Balancing Profit, Lifestyle and Patient Care.  It promises to be a meeting filled with information for both newer and established practices to help make those tough decisions on what technology is important to use in our practices and when we may wish to invest in it.

The meeting will begin with keynote speaker Jack Shaw.   Mr. Shaw is a world- renowned technology futurist who will be discussing how cutting edge and disrupting technologies will change the way we do business and run our practices in the coming years.

IT guru Steve McEvoy will be answering some of those pesky questions we all have about computer hardware, effective and cost-efficient data backup, and security.   In the ever changing world of computers, what you hear at this meeting will certainly be different than what Mr. McEvoy would have talked about even a couple of years ago.

On Friday afternoon we’ll have a lively discussion by Drs. Greg Jorgensen and Neil Kravitz regarding building our practices through social media, websites, and Internet marketing. Their success in these areas has been paramount in growing their thriving practices.

Saturday morning will begin with Dr. Aaron Molen sharing his experience and thoughts on bringing emerging technology into our practices to help create more efficient and more comfortable patient care.

We’re excited to have Drs. Ed Lin and Christian Groth discussing how to integrate some of the latest technology hardware into our orthodontic practices. This includes workflows for using CBCT, Scanners and 3D Printing.

The conference will conclude with Chris Bentson and Charles Loretto with a discussion on how technology can affect the value and profitability in our practices. This should help answer the question about at what stage of practice a doctor might consider investing in advanced technology.

The location for the meeting is at the gorgeous Marriott Harbor Beach Resort and Spa in Ft. Lauderdale, Florida. The dates are February 10-11, 2017. The schedule is organized in a way to allow some time for afternoon recreation.

There will be plenty of time allotted for attendees to ask questions of the speakers to be sure all bases are covered.   To learn more and to register, visit https://www.aaoinfo.org/meetings/2017-winter-conference-technology-balancing-profit-lifestyle-patient-care

Encrypting your Laptop

By Steve McEvoy, Technology Consultant

steveMDepending on your interpretation of the HIPAA regulations your Practice’s HIPAA policy (you have one right?) might mandate that Protected Health Information (PHI) on portable electronic devices within your Practice should be encrypted.

Let me interpret that last sentence into English – If there is any chance that you have any information related to your patients on your laptop, it’s probably a good idea to encrypt the laptop to keep the attorneys and HIPAA Nazi’s away in the event that it is stolen or lost.   You probably have your own personal data on the laptop too, so this is good for several reasons.

I would expect that if I could canvas all of you reading this article that 90+% have PHI on your laptop in some form (as minor as an email message) and less than 1% of you will have your laptop data encrypted. I expect that most laptops that get stolen or lost now don’t get reported and the Doctors are just silently hoping it doesn’t get discovered.

You want to encrypt your laptop, but how do you accomplish this?   I’d like to be able to tell you the how to is simple “Just do this…” but I can’t.   Depending on your equipment you have to consider your options. If you invest the time to read through the article below the conclusions at the bottom will get you started on getting this done.

The Background that Matters

Encryption is basically a process where data stored on a computer is scrambled in a pattern using an encryption key.   The process is complicated, but renders the information useless to anyone unless they possess the key.

There are various levels of encryption, you might have heard of it described as 128 or 256 bit encryption.   This is referring to the length of the key.   A key is a string of 0’s and 1’s (binary language) and the bits mentioned describe how many characters there are.   For example, 8 bit encryption would be 2 to the power of 8 possible combinations of 0’s and 1’s, so 256 possible keys if you do the math.   If you used 8 bit encryption it would be pretty easy to just try each of the 256 keys to unlock your data.   Now consider that 128 bit encryption has 3.438 possible keys, specifically 340,282,366,920,938,463,463,374,607,431,768,211,456. That is a lot!   256 bit encryption has 1.1577 possible keys, and is generally considered unhackable (unless you’re the NSA). Fun fact – many banking websites now use 2048 bit encryption!

I’ve heard rumors that the number of bits used matters to HIPAA, but I have NOT been able to confirm for myself.   The rumor goes that 128 bit is NOT good enough for safe harbor. ‘Safe harbor’ meaning that if you lose it you don’t have to report it. It suggests that 256 bit is good enough for safe harbor.     Personally I think any level of encryption will keep your data safe since no one is likely to invest the time or effort to decrypt Dental records. They are going to take your stolen laptop, reload Windows and resell it on eBay or Craigslist for a quick buck.

If we agree that we want encryption and we’ll go with 256 bit, now what? It gets tricky here, so hang in with me.

Your two choices for Encryption

The encryption process (taking your data and mashing it up using the encryption algorithm with your key) takes computing power.   Something has to actually ‘do’ all that work.   That something can be one of two methods generally:

  • Software based encryption that has a little program plugged into Windows that is converting all the information on the fly, and thus this method uses some of your laptops CPU power and memory to get it done.
    • This is great because it is a solution that can work on any computer, in particular those that don’t have the special hardware.
    • On older laptops this can make them feel even slower (noticeably so) and can turn it from marginal to use to no fun at all to use.   Some older laptops just can’t deal with the load. I’ve seen it make a cheap 5 year old laptop nearly unusable.
    • There is some cost to this usually, ranging from free to perhaps $130.
  • Hardware based encryption is a solution where there is a special encryption chip (either on the hard drive storing the data or within the laptop) to do all the thinking. This method doesn’t borrow any resources from your laptop’s CPU or memory.
    • This is great since it won’t slow down your computer, even if it’s an older model.
    • Even new computers or hard drives don’t all have this hardware standard – you need to look for it.   When you order a new Dell or HP business laptop you need to select a hard drive with Opal security.   The cost increase is minimal, typical $20 to $50.

Software encryption is appealing to many since Microsoft began to include BitLocker for free in specific versions starting with Windows Vista.   There are only two versions of Windows Vista/7 that do include it, Ultimate and Enterprise editions. Unfortunately the vast majority of Windows 7 out there is Home or Professional editions. You can do an ‘In Place Upgrade’ of Windows 7 Professional to Ultimate, but it costs ~$130.   The good news comes in Windows 8 – Microsoft now includes BitLocker as standard in both the Pro and Enterprise versions of Windows 8.   So, if you have Windows 7 Ultimate, Enterprise or Windows 8 Pro version on your laptop enabling software encryption is as easy as going to Control Panel and clicking on BitLocker and following the prompts.   Allow from a few hours to 2 days for the initial encryption to complete (knowing you need to leave the laptop alone and plugged in for that period).   Pay close attention to the performance impact after BitLocker is setup. If you can’t notice the difference you are in great shape. If performance sucks afterwards, you can always turn it off and go back to normal again.

It is possible to replace your old slow hard drive with a new drive that includes hardware encryption.   A fancy super-fast Solid State Drive (SSD) with Opal security can be had for as little as $114 now (I am a big fan of the Samsung 840 Pro, and others like Intel make good units). The move to SSD will likely speed up your laptop substantially in general so it might be worth it on its own. Remember to factor in the cost of having your IT person help you copy your old drive to the new one and enable the encryption.

Just because you have an Opal compliant drive installed doesn’t mean it’s turned on.   Something has to work with it to turn it on and provide a key.   Unfortunately Windows 7 Ultimate and Enterprise editions can ONLY do software encryption – they have no idea about Opal drives or what to do with it. The good news is that Windows 8 BitLocker now has the intelligence to work with Opal drives and can control it for you. So, Windows 7 BitLocker you will get Software encryptions only, Windows 8 you can get Software or Hardware if your drive is compliant.

There are more Software encryption options than Windows BitLocker. As with many Microsoft features, BitLocker is sort of the bare bones of what is needed.   Third party companies such as Dell and Sophos have add-in applications for Windows that can do the same thing as BitLocker, maybe even better with less of a performance impact.   Dell Data Protection Encryption (DDPE) is available in several versions, but for about $50 you can add it to any version of Windows and turn on Software OR hardware encryption if you drive is compliant.


None of these personal solutions may be truly 100% HIPAA compliant. If you believe that there needs to be a constant level of electronic auditing to be able to prove that your laptop was encrypted at the moment of loss, you need a better solution. DDPE for example has an ‘Enterprise’ level license that will include this kind of auditing, but at a cost. The individual license cost only goes up marginally, to perhaps $80, but you need to have an armada of Server software running somewhere that does the auditing process and an IT person to set it all up.

Personally I think this is overkill, and if your Practice’s HIPAA policy states that you shall BitLocker 256 bit encrypt, and you do it, just write a letter to yourself (or from your IT person) that states that “On this date we enabled 256 bit Bitlocker encryption on Laptop with serial number 1234, and stored the encryption key in this safe place” and sign it. Keep this document someplace safe.   You could add a periodic audit to this on an annual basis where you check that BitLocker is enabled (remember that it can be as easily turned off as it was to turn on) and document that you checked on the specific date.


Really, really, really read this section and follow its suggestions. It’s based on the school of hard knocks I have personally attended.


If you enable encryption on your laptop I guarantee you this will cause a nightmare for your IT person down the road if you have a hardware failure (like a drive failure, Windows corruption due to spyware or virus, etc). I have lived this multiple times.   Without encryption, IT people have a substantial bag of tricks to try and recover fragments of data from your dead or dying hard drive (most of the time we can get part or all of your data back). With encryption, the drive thinks your IT person is just a bad guy and works to prevent access.   So, all those precious family photos or lectures you’ve prepared are at risk of complete loss.

You need a regular backup of your laptop data. We all know you should be doing this already, but rarely does anyone take the time to do it.   If you are, kudos to you!

My suggestion is to invest in an Internet Backup solution for your laptop in order to keep a near real-time backup copy of your data on your drive.   Other than the initial setup (which is very easy), you don’t need to do anything else. It will just run in the background anytime you are connected to the Internet.   The solutions are cheap now from companies like Carbonite, Mozy and Oak Tree Storage. A personal plan from Carbonite with unlimited storage is just $5 per month now, less than a quad shot vente latte at your favorite coffee shop. [One of you is going to ask “Is an Internet Backup HIPAA Compliant?” and that is a good questions but I don’t have space to answer here in detail other than “Probably Yes”]

Make sure your backup is complete BEFORE you turn on the encryption. An Internet backup might take from a few hours to a few weeks to complete the initial sync depending on how much data you have.

Don’t Lose your Key!

Regardless of what method of encryption you enable, all of the solutions are going to need to store a copy of the encryption key. Some solutions might use a special chip on your laptop called a Trusted Platform Module (TPM chip), and others might want you to attach a USB thumb drive.   If you use a thumb drive, just get a drive specifically for this purpose (they cost as little as $10 now) and then store the USB drive in a safe place (like a safe or lock box). Label the drive what it’s for “Encryption Key for my Laptop” and DON’T carry this drive around or use it like a regular USB key for your files, etc.   Think about it, if you lose the key someone has a critical part of your encryption process.   You might be able to make a copy of the encryption key file in several safe places (like a folder on your laptop that is then sucked up in the Internet backup).

Don’t keep the only copy on your laptop thinking that the encrypted drive is the safest place.   When the drive fails, your IT person will be asking you for a copy and you will be stuck with your keys locked in the car essentially. Another reason you might need a copy on USB key is that some laptops can sense ‘tampering’ and will lock themselves down if they think someone is trying something fishy to hack the encryption. The only way to unlock the drive and get your laptop functioning again will be to present the encryption key.

Encrypt it All or Don’t Bother

Some solutions offer you a way to have just an encrypted folder or similar setup where only a portion of the laptop hard drive is encrypted. It wouldn’t take much of a lawyer to tear you apart on this, essentially requiring you to prove that there was no possibility of there being PHI on the unprotected portion of the drive. Don’t use a half measure – use a solution that encrypts the entire drive.

A Password is Essential

There isn’t much point to encrypting your laptop if you don’t have a good password on your Laptop.   Imagine if your laptop was set to just automatically login without stopping for a username and password.  The thief would have direct access to your data without even needing to consider hacking the encryption.  Make sure you have a strong password.   Check out our previous Blog post on this.

What about Mac’s?

I am no Mac expert so I won’t try to be. A little research with Google points out that the latest versions of the Mac OS now include FIleVault2 (it appears that all you need to do is just enable it).   It will fully encrypt you Mac hard drive at the 128 bit level.   I don’t know if this is Software or Hardware encryption. I am not sure how this will play with Mac’s setup with BootCamp partitions, but I suggest you do a little research or enlist your Mac genius of needed. I’d still advise that you make sure you have a full regular backup in place.

What Would I Do?

Ok, you’ve suffered through the entire article to get to this. Here’s what I would do based on a few scenarios:

  • If I had an older laptop I was ready to replace – get a new laptop with Opal drive included and Windows 8 Pro and then enable BitLocker
  • If I had a decent existing laptop on a Windows version that already included BitLocker, I would just enable Software encryption and know the performance hit will be a little bit but not enough to matter
  • If I had a decent existing laptop on a version of Windows that did NOT include BitLocker and I didn’t want to replace the drive and OS (due to the hassles) I would get a third party encryption application like Dell Date Protection Engine (DDPE) or Sophos and setup software encryption.
  • If I had a decent existing laptop and was willing to upgrade the hardware and OS, I would get a new fancy SSD with Opal drive and then install Windows 8 Pro and use BitLocker to control it.
  • For any of these solutions I would add the Do-It-Yourself auditing to document the setup was completed and periodically review that it’s still enabled.
  • I would be sure to keep one copy of the encryption key on a USB drive in my safe, and another copy in a folder on my encrypted drive that would also get backed up by my Internet Backup plan.

If I had done one of these scenarios and my laptop was lost or stolen, I would rest easy that the data was safe.