Dental AI guide
Browser Extensions Are Reading Your Patient Data
When a staff member opens your PMS in a browser, every extension they've installed can potentially read what's on the screen — patient data, to a tool you never vetted.
When the PMS is open in Chrome or Edge, browser extensions — Grammarly, AI assistants, screenshot tools — can read the page, including patient data, and send it to their own servers, often overseas. It is extraction that nobody chose.
No patient data required. Use these guides for practice workflow education, not patient-specific advice.
Many browser extensions ask to "read and change all data on all websites". When the PMS is one of those websites, the extension can read patient information — and you never decided to share it.
This is general educational material for dental practice owners and staff, not legal advice.
Two privacy laws apply in NSW. As well as the Commonwealth Privacy Act 1988 and its Australian Privacy Principles (APPs), dental practices in NSW are also bound by the NSW Health Records and Information Privacy Act 2002 (HRIP Act) and its Health Privacy Principles (HPPs). Read the considerations here against both. General information, not legal advice.
Why this matters
If your practice opens its PMS, booking system or email in a web browser (Chrome, Edge, Safari), then every extension installed in that browser is a piece of software with potential access to what's on the screen.
Many popular extensions request the permission "read and change all data on all websites you visit". With that permission, the extension can read the page content of your PMS — patient names, notes, treatment details — and send it back to the extension's own servers, often overseas. This is the extraction problem again, except no one chose to extract anything; an installed tool does it silently.
The everyday culprits
These are the kinds of extensions staff install without thinking:
- AI writing assistants and grammar tools (e.g. Grammarly-style tools) — they read text fields to "improve" them.
- AI chat / "summarise this page" assistants — they read the whole page.
- Screenshot and screen-recording extensions.
- Transcription and meeting tools.
- PDF, coupon, shopping and "free" utility extensions — often the riskiest, with broad permissions and unclear owners.
The danger is not that the staff member is careless — it is that a tool installed for a personal reason quietly gets access to patient data the moment the PMS is open.
Also in the full guide
- How to check what's installed
- Managed vs personal browsers
- What good looks like
Optional — get a customised version
Request the version adapted for your practice
The guide above is free to read and download. If you would like a version tailored to your practice workflow, leave your details below. Use practice-level details only. Do not include patient names, treatment details, clinical notes, X-rays, invoices or identifiable emails.