When buying a dental practice, the technology you inherit can add or subtract tens of thousands of dollars from the deal’s real value — and most buyers find out after they’ve signed. A proper dental practice technology checklist covers six areas: practice management software, digital imaging systems, network infrastructure, workstations and servers, HIPAA compliance status, and vendor contracts. Miss any of these during due diligence and you’re absorbing costs the seller never disclosed.
Dental practices are sold on production numbers, patient count, and collections. Technology rarely comes up in the broker’s presentation — but it’s one of the fastest ways for an acquisition to go sideways. Software licenses don’t transfer automatically. Imaging sensors fail without warning. Former staff can still log into systems long after closing.
This checklist is written for dentists and investors in the process of acquiring a practice. Whether you’re buying your first solo office or adding a second location, work through this before you sign.
Key Takeaways
– Practice management software licenses (Dentrix, Eaglesoft, Curve) typically do not transfer automatically — confirm this in writing with the vendor before closing.
– Digital X-ray and CBCT systems can cost $15,000 to $120,000 to replace; inspect sensor age, software compatibility, and manufacturer support status as part of due diligence.
– HIPAA compliance cannot be assumed — a practice with a clean history may still have an unsegmented network, unencrypted laptops, or shared logins that create immediate liability for the new owner.
– A pre-closing IT assessment typically costs $500 to $2,000 and regularly uncovers $10,000 to $50,000 in deferred technology costs.
– Budget 5-10% of the technology replacement value for Year One IT costs, separate from the purchase price.
Why Technology Due Diligence Is Missed in Most Practice Acquisitions
Dental practice brokers are excellent at presenting financial performance. They are not IT consultants. The standard due diligence package covers tax returns, patient charts, equipment appraisals, and lease terms. It almost never includes a network assessment, a software license audit, or a HIPAA compliance review.
This gap costs buyers money.
Dr. Sarah K. purchased a two-operatory practice in East Ridge in 2024. The practice had modern-looking operatories and solid collections. What the disclosure documents didn’t mention was that the digital X-ray system was running on a sensor platform the manufacturer had discontinued in 2022. The software still worked — barely — but the sensor required a proprietary USB controller that was no longer manufactured. Within eight months of closing, the sensor failed. The replacement cost, switching to a current platform compatible with her new practice management software, was $34,000. She had paid full fair-market value for equipment that was functionally end-of-life.
A pre-closing IT assessment would have caught this. It would have taken about three hours and cost a fraction of that replacement bill. The findings could have been used to renegotiate the purchase price or require the seller to replace the equipment before closing.
If you’re buying a dental practice in the Chattanooga area, our dental IT team at ETTC offers pre-acquisition technology assessments that give you a clear picture of what you’re inheriting before you sign.
1. Practice Management Software
Practice management software is the operational center of a dental practice. Before closing, you need to know exactly what’s in place, whether it transfers, and what it will cost to maintain.
- Identify the software and current version. Common platforms include Dentrix, Eaglesoft, Curve Dental, Open Dental, and Carestream Dental. Each has different licensing terms, support costs, and data migration requirements.
- Confirm whether the license transfers. Many software licenses are tied to the selling entity’s tax ID or corporate structure. When ownership changes, you may need a new license at full price. Contact the vendor directly and get written confirmation before closing.
- Check support contract status. Is the software under active support? A practice running an unsupported version of Dentrix is one update cycle away from a serious problem.
- Verify data ownership and migration rights. Your patient data belongs to the practice, but extracting it in a usable format can require vendor assistance — and sometimes a fee. Confirm this before closing.
- Assess compatibility with your preferred systems. If you plan to add digital X-ray, intraoral cameras, or patient communication software after acquisition, verify they integrate with the existing platform.
Also look for these supporting tools:
- Patient communication and recall: Weave, Lighthouse 360, Demandforce
- Digital forms and paperless intake: Yapi, Modento
- Billing and insurance: built-in billing modules or third-party services
2. Digital Imaging Systems
Digital imaging is typically the most expensive technology in a dental practice — and the most likely to carry hidden replacement costs.
- Identify every imaging system in the practice. This includes digital X-ray sensors (periapical, bitewing), panoramic units (pan), and cone beam CT (CBCT) if present. Intraoral cameras are lower cost but should also be documented.
- Check the age of each sensor. Digital X-ray sensors have a useful life of roughly 7-10 years. Sensors over eight years old should be inspected carefully. They’re close to end of service life and replacement costs are significant.
- Confirm software compatibility. Imaging software (Dexis, Carestream, Apteryx, VixWin) needs to be compatible with your practice management software and the Windows version you’ll be running. Legacy imaging software tied to outdated operating systems creates long-term problems.
- Verify manufacturer support status. Some imaging platforms have been discontinued. If the sensor requires a software version no longer supported by the manufacturer, you’re one hardware failure away from replacing the entire system.
- Get the serial numbers and check warranty or service contract status. CBCT units often have active service contracts — find out whether they transfer and what they cover.
Estimated replacement costs to factor into your budget:
- Digital X-ray sensor (single): $3,000 to $8,000
- Panoramic X-ray unit: $15,000 to $35,000
- Cone beam CT (CBCT) unit: $50,000 to $120,000
3. Network Infrastructure and Security
The network is what holds everything together — and it’s usually the least visible part of a practice acquisition. Most buyers never look at it.
- Identify the router, firewall, and wireless access points. Consumer-grade equipment (Netgear home routers, basic TP-Link devices) is not appropriate for a HIPAA-regulated environment. Business-grade firewalls with active threat management are required.
- Check whether patient and guest Wi-Fi are separated. Clinical Wi-Fi used by workstations and imaging equipment must be on a separate network segment from the Wi-Fi offered to patients in the waiting room. This requires VLAN configuration, not just a different password.
- Confirm whether a server exists and assess its age. Many older practices run on-premise servers hosting their practice management data. Servers older than five years are high replacement risk and should factor into your Year One budget.
- Review remote access setup. How does the IT vendor access the network remotely? Open RDP (Remote Desktop Protocol) ports are a serious security vulnerability and a common ransomware entry point. Remote access should run through a VPN with Multi-Factor Authentication (MFA).
- Ask for network documentation. Does the current IT provider have a diagram of the network, a device inventory, or a record of what’s been configured? Practices with no documentation signal that IT has been unmanaged for years.
If you’re not sure whether the network is HIPAA-ready, our cybersecurity services for Chattanooga businesses include a network security assessment that identifies exactly what needs to be addressed.
4. Workstations, Hardware, and Peripherals
- Count and document every workstation. Note the make, model, operating system, and approximate age. Workstations running Windows 10 reached end of Microsoft support in October 2025 — any Windows 10 machine you inherit will need to be upgraded or replaced in your first year.
- Check for systems still running Windows 7 or Windows 8. This is more common than you’d expect in older practices. These systems cannot receive security patches, cannot meet current HIPAA security standards, and create compliance exposure from day one.
- Inventory printers, scanners, and specialty hardware. Dental-specific peripherals — intraoral cameras, digital impression scanners (iTero, 3Shape), and electronic signature pads — all have their own software dependencies and support considerations.
- Assess the physical condition of cabling and the network closet. Unlabeled cables, an unorganized server room, or a router tucked behind a cabinet with no documentation are signs of years of unmanaged IT. It’s not a dealbreaker, but it’s a cost signal.
Hardware replacement budget benchmarks:
- Standard dental workstation: $900 to $1,400
- Server (if replacing): $3,000 to $8,000 depending on size and configuration
- Managed switches and access points (if upgrading): $800 to $3,000
5. HIPAA Compliance Audit
This is where many acquisitions create immediate legal exposure for the new owner. When you purchase a dental practice, you assume responsibility for its HIPAA compliance status. Whatever was out of compliance before you signed becomes your problem on day one.
- Request the most recent HIPAA risk assessment. HIPAA’s Security Rule requires a documented risk assessment. If the seller cannot produce one, that’s a significant compliance gap you’re inheriting — and one that OCR (the Office for Civil Rights) requests in virtually every investigation.
- Review Business Associate Agreements (BAAs). Every vendor that handles patient data — your IT provider, cloud backup service, email platform, and practice management software vendor — requires a signed BAA. Missing BAAs are a direct HIPAA violation.
- Audit user accounts for former employees. Former staff should have their system access revoked on their last day. In practices we’ve assessed after acquisition, finding active accounts for employees who left months or years earlier is extremely common.
Dr. Marcus T. acquired a practice in East Brainerd in late 2025. During our post-closing IT onboarding, we found three active user accounts in his practice management software belonging to employees who had left between 18 months and three years prior. Two of those accounts had accessed patient records after their termination — not maliciously, but because no one had revoked access. Each access event was a potential HIPAA breach requiring evaluation under the Breach Notification Rule. The seller had no idea. The investigation and documentation to close out the risk took over a month.
- Verify encryption on all laptops. An unencrypted laptop that’s lost or stolen is a reportable HIPAA breach requiring patient notification. This is one of the most common violations — and one of the easiest to prevent with Windows BitLocker or Apple FileVault.
- Confirm network segmentation. Clinical workstations and patient data should not be accessible from the guest network. If segmentation isn’t in place, it needs to be addressed before or immediately after closing.
For a full checklist of what HIPAA requires from your IT environment, see our HIPAA IT compliance checklist for dental offices.
6. Vendor Contracts and IT Support Agreements
- Identify who currently handles IT support. Is there a managed IT provider with a contract? A break-fix vendor called when things break? Someone informal? Understand the current arrangement before closing.
- Review all technology vendor contracts. Look for auto-renewal clauses, cancellation penalties, and terms tied to the current ownership entity. Software subscriptions, internet service agreements, and equipment leases may not transfer automatically.
- Get a list of all recurring IT-related monthly costs. Practice management software, cloud backup, phone system, patient communication tools, and internet service all add up. Knowing the actual monthly tech spend gives you an accurate cost basis.
- Confirm domain name and email ownership. Who controls the practice’s domain name and email accounts? These must transfer to you at closing. If the seller’s IT vendor controls the domain registration, require written transfer as part of the asset purchase.
What to Budget for IT in Year One
Technology due diligence isn’t only about finding problems — it’s about knowing what to plan for. Even a well-maintained practice will have Year One IT costs.
| Item | Estimated Cost | Notes |
| Network security assessment and remediation | $1,500 to $4,000 | Firewall, VLAN, MFA setup |
| HIPAA compliance remediation | $1,000 to $3,500 | Risk assessment, BAAs, policy documents |
| Workstation upgrades and replacements | $900 to $1,400 per machine | Budget for any Windows 10 or older systems |
| Practice management software re-licensing | $1,500 to $8,000 | Varies by platform and number of users |
| Ongoing managed IT support | $150 to $400 per user/month | Flat-rate proactive coverage |
A conservative Year One IT budget for a 3-4 operatory acquisition with average-age technology: $8,000 to $20,000 separate from the purchase price. If the assessment reveals an aging server, end-of-life imaging system, or significant HIPAA remediation needs, that number can be higher.
Use assessment findings as a negotiating tool. A problem identified before closing is a line-item you can negotiate. The same problem discovered after closing is just your expense.
Before closing on his second location in Hixson, Robert L. hired ETTC to do a full technology assessment. We found a seven-year-old server running the practice’s entire Dentrix installation, two workstations still on Windows 7, and no documented HIPAA risk assessment. Robert used the findings to negotiate $12,000 off the purchase price and required the seller to replace the server before closing. The assessment cost him $1,500. It returned $12,000 in negotiating use the same week.
Frequently Asked Questions
Do software licenses transfer when I buy a dental practice?
Usually not automatically. Most practice management software licenses (Dentrix, Eaglesoft, Curve Dental) are tied to the business entity or tax ID. When ownership changes, you typically need to contact the vendor directly to transfer or issue a new license. Always confirm this in writing before closing.
What should I do with the existing IT vendor when I take over a practice?
Evaluate them before committing. Ask for network documentation, a list of what’s currently under management, and any outstanding issues. Some sellers’ IT vendors are excellent. Others are informal arrangements with no documentation and no accountability. You’re not obligated to keep them — and an independent IT assessment gives you an objective picture before you decide.
How long does a pre-acquisition IT assessment take?
A thorough assessment of a typical 3-5 operatory dental practice takes 2-4 hours on-site and produces a written report within a few days. The report covers hardware inventory, software status, network configuration, and a prioritized list of issues with estimated remediation costs.
Is the seller’s HIPAA compliance my problem after closing?
Yes. When you acquire the practice, you take on its patient records, its HIPAA obligations, and — if there are undisclosed compliance gaps — potential exposure for violations that occurred before you took over. A documented assessment at closing, showing the compliance status you inherited and what steps you took to remediate, is the best protection you have.
What are the most common technology problems found in dental practice acquisitions?
In our experience, the three most common issues are end-of-life imaging software with no upgrade path, active user accounts belonging to former employees, and an unsegmented network where patient data is reachable from the guest Wi-Fi. All three are fixable — the key is finding them before they become your problem.
The Bottom Line on Dental Practice Technology Due Diligence
Technology is a material part of every dental practice acquisition. The tools, systems, and compliance obligations you inherit on closing day affect your operations, your budget, and your legal exposure from that moment forward. A proper dental practice technology checklist covers practice management software, digital imaging, network security, hardware inventory, HIPAA compliance, and vendor contracts.
The cost of missing something is real. The cost of checking it properly is not.
ETTC has been providing dental practice IT support in Chattanooga since 2010. We offer pre-acquisition technology assessments, post-closing IT transitions, and ongoing managed IT for dental practices throughout Hamilton County, Catoosa County, and the surrounding region. If you’re in the process of buying a dental practice and want an independent technology review before you sign, call us at (423) 779-8196 or schedule a free consultation.
Published by Mark Bryant, Owner and Founder of East Tennessee Technical Consultants. ETTC has provided managed IT services to Chattanooga businesses and dental practices since 2010.
Using this checklist for your own assessment? We’ve made the ETTC Pre-Acquisition Technology Assessment Form available as an interactive checklist — the same form our technicians fill out on-site. Open it, fill in your findings, and print or save as a PDF.