An owner I have never spoken to before starts with a half-sentence and trails off. "I've got a personnel situation with my front office, and a friend of mine said I should talk to you." Or: "We have something happening, and I'm considering my options." Or, the most common version: "She's not performing well, and I'm not sure what comes next."

They never say the word fire. The word the owner uses is "considering." Considering letting her go. Considering my options. Considering. The conversation is happening in the part of the owner's head where the decision has been made but not yet spoken, and the next thirty days of work are the part you can still get wrong.

Why the first move is the inventory, not the conversation

I want to make something clear before I say anything else. I am not the right person to talk to about whether you should let your office manager go. That is a conversation between you, your HR adviser, and your own read of the relationship. I am the right person to talk to about what your office manager is holding on your behalf right now: the Delta Dental provider portal login, the Aetna dental portal, three years of one-time-code routing you have never seen, the working knowledge of why a specific D2740 crown on a Cigna patient ended up paid on the second appeal instead of the first. The fastest, lowest-risk thing an owner can do in the first week of "considering" is not to act. It is to inventory.

I know that sounds anticlimactic. It is not. Most owners who call me at this stage are operating with a clear mental picture of the awkward conversation and a foggy mental picture of every system their office manager has had to log in to for the last few years. They are worried about the conversation. They are not yet worried about the half-day gap between "we are letting you go effective today" and the next claim that needs to get out the door. They should reverse those.

What your office manager or biller is actually holding

Here is what your office manager or biller is almost certainly holding. The Delta Dental provider portal. The Aetna dental portal. The Cigna dental portal. The MetLife portal. The UnitedHealthcare portal. The Guardian portal. Each state Blue Cross dental plan you take, on a different portal, each with their own quirks. The bank login. The merchant-services console. The login to whatever insurance verification tool the practice pays for. The login to your practice management system, including the user account with the highest-privilege role. The text-message routing for the one-time codes that every one of those portals throws at her three times a week. The spreadsheet (it is always a spreadsheet, and you have never seen it) where she has been quietly tracking which portal sends the OTP to her personal cell phone, which goes to the practice line, which goes to a Gmail address she set up in 2021 that nobody else has the password to.

She is also holding the small operational shortcuts you do not see. Which payer reliably eligibility-checks before 8 a.m. and which one stalls until lunchtime. Which biller at Cigna she has built rapport with. Which D-codes the Delta portal has flagged as needing additional documentation more than once, and the format of the documentation that gets them paid on the first appeal. The reason claims have been getting paid out of your office is some combination of carrier-portal workflow and tribal knowledge built up inside one person.

None of that is in your practice management system. None of it is in your filing cabinet. None of it is sitting in a "passwords" Google Doc your office shares (and if it is, you have a different problem, which we can also talk about).

Why owners feel a quiet panic before the conversation

The reason owners feel a quiet panic in the days after "considering" is that they have intuited this, but cannot yet name it. The smart move, before any difficult conversation happens, is to make it nameable. Get everything she holds onto a list you control. Not in a way that signals to her that something is changing. The list is the thing you do not yet have.

What I tell owners on the first call

What I tell owners on that first call is: spend a week, before you decide anything else, getting all of it onto paper or into a system you own. The portals. The usernames. The multi-factor authentication (MFA) routing for each one. The bank login. The PMS user accounts and what each one can do. The vendor logins. The shortcut accounts (the personal cell phone, the gmail address). The fee schedules, downloaded as files, not as logins. The payer correspondence she has been managing out of her own email signature.

The second thing I tell them, if a new hire is already in the picture (and roughly half the time, there is one), is to onboard the new hire to all of it before any conversation with the existing employee. Not after. Before.

Day one of the new person should be a working day, not a recovery day.

The owner who treats their new insurance coordinator's first morning as a forensic exercise has already lost two weeks of clean claim throughput. The owner who hands their new hire a clean set of credentials, and a working list of what each portal does, has bought back those two weeks.

The third thing I tell them, which is less procedural and more about how this lands inside the practice, is this: the most security-conscious thing you can do as an owner is to separate who runs the billing from who holds the credentials to do the billing. Those are two different jobs. They have been the same job at your practice for some unspecified number of years, because nobody designed it otherwise and the person who ended up holding everything was the one who would not leave. Owners who run their practice with that boundary in place are not paranoid. They are insulated. They are not the same as owners who have nothing on paper and a person on the other side of a difficult conversation.

I want to say something about the conversation itself, because owners ask me. The owners who plan the credential side before the personnel side are, in my experience, the same owners who treat the conversation with their office manager with care. They are not in a hurry. They are not lashing out. They are preparing. The preparation is the thing that makes the conversation, when it comes, professional rather than rushed. I have been on enough of these calls to recognize the pattern. The owners who call me at this stage tend, by some measure, to be the ones who do the rest of it well too.

Why no practice ever has this in one place

Now, the part I have a product opinion about. The reason this kind of preparation is hard to do alone is that the dental carrier-portal layer in this country is structurally fragile. There are hundreds of dental carriers a practice might need to log in to, depending on which plans you take. Every one of them rolls out its own MFA system. Several of them route one-time codes to a cell number you registered four years ago. Some of them lock the account if you fail two attempts. None of them were designed for a practice whose ownership of those credentials might need to change hands without notice. The default state of every private practice I have ever seen is that the access to the most critical layer of the revenue cycle (the part where claims get submitted, denials get appealed, eligibility gets checked, money gets posted) sits inside one person in the front office. Until something forces the owner to think about it, it stays that way.

Unify exists, in part, because we built our company around this exact scenario. We make the carrier-portal credentials yours, the owner's. Your biller or insurance specialist uses Unify to log in to the portals they need. Unify routes the one-time codes automatically. The audit history of who logged in to which portal, and when, stays in your hands. We have built workflows into Unify for over 350 dental carriers. When the day comes that you have the conversation with someone in your front office, you do not chase logins. You click a button. The credentials rotate. Your new hire walks in on Monday and the portals open the way they always have.

The HIPAA part that actually matters

The HIPAA part of this, the part that actually matters in a private practice, is about the audit trail. The rules require a unique user identifier and a record of who accessed protected information when, and that includes insurance portals because they contain protected information. Shared logins in Chrome do not satisfy that. A "passwords" tab in your office's spreadsheet does not satisfy that. A system that maintains a per-user audit history on top of the same underlying credentials does, which is, for the avoidance of doubt, what we have built. The audit trail is also useful for the much more practical reason that on the day of a difficult conversation, you have a record of what happened in those portals last week and the week before. You are not piecing it together from memory.

If you're reading this in that moment

If you are reading this because someone you trust forwarded it to you, or because you searched for something close to what you are dealing with, the next step I would suggest is short. Talk to me. Book a demo with me directly, here: https://calendly.com/tanner-unify/unify-demo. The call is 30 minutes. I will not talk you into anything you are not ready for. I will walk through your practice's stack with you, ask a few questions about your front office and your portals, and tell you honestly whether Unify is the right thing for you to set up before the conversation happens, or after, or whether you should do the inventory yourself first. If it is not the right time, I will tell you that too.

The owners who call me before the conversation are the ones I work with longest. The ones who call me after are the ones who wish they had called me before.