Technology Advancements and Obsolescence: What That Means for Your Dental Practice

As part of its mission to advance oral healthcare through innovation, security, and collaboration, the Dental Integrators Association proudly features thought leadership contributed by its member organizations. Each article in this series offers practical insights, shared experiences, and timely strategies from those working at the intersection of IT and dentistry. Together, we are building a smarter, stronger community one idea at a time.

Thank you to Coastal Networks for contributing this article to the Voices of Dental IT series. We appreciate their willingness to share perspective and experience with the DIA community.

This article was authored by Steve Mueller and Josh Crithfield (Co-founders of Coastal Networks).

As we are all aware, there is a relentless push forward regarding technology in both our personal lives and in the workplace. This constant innovative spirit has created many great advancements in the field of dentistry that could not have even been imagined three decades ago. However, as technology continues to advance, many older technologies are heading toward obsolescence. This is true with analog technologies such as film radiographs and paper charts, but it is also true with digital technology as well. Whether we are talking about phones, computers or other digital devices, you are likely familiar with being forced to part with a cherished device because it is no longer useful due to slow performance or lack of support. It is an inevitable byproduct of this forward momentum.

October 2025 marked the retirement of one of the most popular computer technologies of this century, the long-dreaded end of Microsoft Windows 10. Win10 was released back in 2015 and at the time was the latest in a series of computer operating systems released by Microsoft since their original release of Microsoft Windows back in the 1980s. It solved many of the crippling issues created by several less glamorous versions prior, propelling it to become one of the most popular versions ever released. In 2021 Microsoft released Windows 11, adding security, interface, management and AI advancements to the Windows platform, while at the same time continuing to support Windows 10 for another four years.

Eventually, it becomes very costly and cumbersome to support older products indefinitely making the retirement of older software technology inevitable. Although there is no official retirement date for Windows-11, there are still versions of Windows whose support is set to expire in the near future. Microsoft has announced that it will end extended support for Windows Server 2016 on January 12, 2027. That means after that date, Windows Server 2016 will no longer receive regular security updates, bug fixes, or standard Microsoft support.

So what does this mean for your practice?

For many dental practices, this is more than a technical deadline. If your practice management system (like Dentrix, Eaglesoft, Open Dental, etc.), imaging platform, (like Dexis, Carestream) or shared file folders depend on a server you have either in your office or hosted in the cloud – this is where you may need a plan.

What does “expiring” actually mean?

“Expiring” does not mean your server shuts off on January 12, 2027. Your server will usually keep running. Users can still log in, applications may still open, and files may still be accessible. The real issue is that, like with Windows-10, the server becomes an unsupported platform. After support ends, newly discovered vulnerabilities may remain unpatched, software vendors may stop certifying their applications on that operating system, and Microsoft will no longer treat it as a supported production platform.

In plain terms: the server can keep working, but it becomes steadily riskier and harder to defend, maintain, and justify.

What happens if you do not upgrade?

The biggest issue is security exposure. Once a server is out of support, attackers know that any future weaknesses may never be fixed unless you are paying for a temporary Extended Security Updates (ESU) program. Unsupported servers also tend to create downstream problems: newer backup agents, browsers, security tools, and management platforms eventually stop supporting them. Microsoft’s own guidance says end of support means the end of security updates and can create security or compliance issues for business applications.

Operationally, not upgrading usually leads to one of four outcomes:

  1. You accept growing cyber risk,
  2. You end up paying extra for short-term stopgaps like “ESU”.
  3. A critical application forces an urgent migration later.
  4. A security or audit event turns the project into an emergency instead of a planned refresh.

Can Windows Server 2016 still be used in a HIPAA regulated environment?

The careful answer is this: HIPAA does not name a required operating system version, so there is no rule that says, “Windows Server 2016 is automatically noncompliant on a specific date.” HHS states that the HIPAA Security Rule does not mandate minimum operating system requirements. But that does not mean an unsupported server is safe from a HIPAA standpoint. HHS also says regulated entities must assess risks to electronic protected health information (ePHI), including risks from unpatched software, and must reduce those risks to a reasonable and appropriate level. In recent OCR guidance, HHS specifically states that risk analysis includes vulnerabilities from unpatched software and that organizations should apply patches or take other remedial action to reduce risk.

So the practical answer for healthcare is this: running an unsupported server that stores, processes, or provides access to ePHI becomes increasingly difficult to defend under HIPAA, especially if there is no documented risk analysis, compensating controls, transition plan, or supported patch path. It is not an automatic violation by date alone, but it is a growing compliance risk that becomes harder to justify after support ends.

So how do I know which version of Windows I have?

Because servers are for the most part out of sight for most of the time, many practice managers and owners are not aware of intricacies in how they operate. If your server was purchased before 2022, your system could possibly be using Win2016 or an even older version, this would be a good time to consult your information technology specialist to determine where your system stands and what your options are.

So what are my options?

Until recently, most dental practice management and imaging systems created in the past 30 years require a centralized local data repository to store your records. This is where your server fits in. If you are using a system like Dentrix, Eaglesoft, PracticeWorks and in most cases OpenDental, you will want to decide whether to keep what you have or explore new options such as cloud-based practice management and imaging systems. Then consult your trusted IT partner, because it is important to know what is involved before making a switch.

Upgrade and keep it on premises

If your practice decides to keep the current on-premises practice management and imaging system it would likely involve replacing aging hardware and deploying a supported (likely the latest) version of Windows Server. Then migrating roles and applications over to the new platform. This makes sense when the practice relies on local imaging systems and large files like CBCT scans moving across your local office network. Because of the technical knowledge required, this would almost certainly be done with help from your IT partner.

The pros:

  • Requires less training since you will keep your current system in place for the most part

  • Causes fewer disruptions as these sever transitions can usually be completed in one to two days for most small practices

  • Upfront cost is spread over in most cases a 7–9-year lifespan if configured properly

The cons:

  • Could be a significant upfront cost because professional server hardware is required.

  • May limit practices that are considering opening multiple physical locations (if sharing patients between locations)

Use Extended Security Updates as a temporary bridge

Microsoft has announced ESU for Windows Server 2016. This is important, but it should be treated as a bridge, not a destination. Microsoft describes ESU as a last-resort option for customers who need to run certain legacy products past end of support. ESU provides security updates, but not new features or general modernization.

The pros:

  • ESU is a licensing option that allows windows Microsoft to continue providing needed security updates to your current server
  • Nothing changes immediately, you keep your existing server for the covered period
  • Allows for short-term risk reduction while a real migration plan is executed

The cons:

  • Additional cost for “kicking the can down the road”
  • Microsoft positions Extended Security Updates (ESU) as a temporary bridge and states they can be available for up to three years after end of support, depending on the offering and scenario
  • Does not solve aging hardware concerns. In many cases, your hardware is may already 7+ years old and has been operational 24 hours a day, every day since it was installed. It is very important to make sure these systems are constantly monitored by your IT support professionals for potential failures. Every hour your practice cannot see patients because of a computer system outage costs thousands of dollars and even more in reputational damage

The move to cloud-based practice management/imaging systems

As you can probably imagine changing your practice management system means making significant changes to the way your practice operates. It is important not to make a short-sighted tactical decision just to avoid replacing your local office server with one hosted offsite by the software vendor. Decisions like this require a great deal of planning and should be made with a strategic goal in mind. Right now, there are still several months to plan this, and if you need even more time, ESU can be a useful bridge.

Things to consider when selecting a cloud-based solution

What is my data and where is it stored?

Although your practice management system may now be in the cloud (hosted in an offsite data center), it’s likely that much of the patient information you are required to keep secure may still be stored on your local computers or need to reside on a local server

  • CBCT data – may CBCT system rely heavily on local storage or hybrid designs

  • Document data – documents like Word, Excel, and Adobe documents may contain patient information

  • Email data – although most email is cloud based, local copies are sometimes created

  • Web browser data – there may be patient data saved in your web browser

Now that my server is gone, how do we manage security?

In many cases in addition to being the central repository for your practice management and imaging systems, and other shared systems on your network, the server also acts as a security guard by protecting access to the system through Windows Active Directory, it handles the login experience you see when you are requested to sign in to your computer system first thing in the morning. “Individualized access to patient information” is a requirement of the HIPAA Security Rule and can be addressed through cloud identity platforms such as Microsoft 365 or Google Workspace which can help support HIPAA-required access control and unique user identification when they are configured and managed appropriately.

  • Microsoft 365 –Your IT partner can replicate and even improve the security and file sharing requirements your practice may want or need.

  • Google Workspace – Google’s business platform also has credential-based systems that can be used to meet the authentication, file sharing and message security requirements.

  • Custom Solutions – you can create custom security solutions based on your needs and the requirements of the HIPAA security rule

What should my practice do now? What is the next step?

Start with an assessment, not a panic purchase. Your IT partner can assist with this and will likely be able to provide you with the information and options your practice needs. Because of the unique technology challenges and complexities in the field of dentistry, it’s very important when looking for an IT provider to partner with a company that is an expert in the dental field. The last thing you want to do is spend your valuable time bringing an entire organization up to speed on how your practice operates.

A Dental IT partner should be able to…

  • Have extensive knowledge and experience with many different dental practice management and imaging systems
  • Be familiar with common dental hardware platforms such as CBCT systems, intraoral camera systems and intraoral sensors, many of which require extensive experience or specialized training.
  • Because of the compliance requirements, your IT partner should be cybersecurity experts
  • Provide compassionate helpdesk and remote technical services, because they understand that not everyone is a technical expert and should not be treated as if they should be
  • Recommend or provide third party solutions to common dental practice challenges.

The Dental Integrators Association connects dental practices with experienced IT professionals who understand the unique requirements of dental technology, from practice management software to digital imaging systems.

Get Involved

Find a DIA Member – Explore trusted providers in your area

Submit an Article – Share your insights with the industry

Follow Us in LinkedIn – Stay connected with the community