Direct answer: Adrian Dray, UK Director of Partnerships at CareStack, argues that the single biggest strategic mistake UK dental practices are making right now is adopting AI and cloud technology driven by fear of missing out rather than genuine operational understanding, and that the practices which will win over the next five to seven years are those that build on architecturally sound, scalable platforms and treat telephone call data as a primary business intelligence asset. Drawing on seven years as a data protection officer and senior privacy advisor across both the dental sector and financial services, Dray identifies three compounding problems in UK dentistry: legacy systems that were never designed for scale, invisible revenue leakage through unanalysed phone calls, and compliance risk that is accumulating quietly in server rooms and storage boxes. His platform CareStack, now live across more than 140 UK practices, and its sister AI telephony product VoiceStack, used by more than 250 UK practices, are built to address all three simultaneously. The core action for any UK dental practice owner or group leader is to audit what is actually happening on their incoming calls, because until that data is visible, every growth strategy is built on a significant blind spot.
There is a moment that Adrian Dray describes from his years as a data protection officer at IDH, one of the UK's largest dental groups, that captures the dysfunction at the heart of how British dentistry has historically approached technology adoption. A new solution would arrive at the table. The sales presentation would be compelling. Internal excitement would build. The project would carry a price tag approaching £10 million. And Adrian's job was to be the person who pointed out that the underlying product was a white-labelled generic tool that had never been designed for dentistry, that the supplier did not understand the regulatory nuances of the sector, and that the promises made in the demo were structurally unlikely to survive contact with the operational reality of a busy dental group.
"As a sector, we were kind of given a bit of a bad hand. It was a case of typically white-labelled products which weren't really designed for dentistry. The suppliers didn't really understand the nuances of the market, and they just chucked dental in front of it and then pay the handsome tax that we all know as the dental tax for that."
It was a role that earned him a nickname he recounts with the resigned humour of someone who has since been proved right: the Revenue Prevention Officer. The sting in that label matters, because it points to something important about where UK dentistry has been stuck. The instinct to protect practices from bad technology decisions was, in the absence of genuinely good alternatives, indistinguishable from blocking progress entirely.
Adrian left IDH, built a GDPR consultancy, spent time as a senior privacy advisor at the Royal Bank of Canada, and eventually found himself sufficiently convinced by the architecture and ambition of CareStack to leave a senior financial services role and join a dental tech startup. He is now UK Director of Partnerships, and his perspective sits at a rare intersection: someone who has spent years on the buying side of dental technology decisions, who understands data protection and compliance at institutional level, and who is now helping to build the platform he spent much of his career wishing existed.
The Architecture Problem: Why Most UK Dental Technology Is Built for the Wrong Scale
The UK dental market currently comprises approximately 12,500 to 13,000 practices across all four nations, with around 11,000 in England alone. Approximately 90% hold an NHS contract. The top 4 corporate groups own roughly 12% of the market and are continuing to trim their portfolios. The independent practices buying those released sites are becoming micro-DSOs, and the operational demands of running multiple sites are arriving before most of those buyers have the systems infrastructure to handle them.
This is the context in which Adrian's distinction between two fundamentally different types of cloud architecture becomes critical. One type of cloud practice management system was designed for an individual practice and then scaled by adding additional instances. The other was incubated inside a dental group from the outset, with multi-site governance, centralised administration and same-store growth built into its foundational architecture.
"CareStack is one of the very few practice management systems which was incubated inside of a DSO, inside of a dental group. So the underlying architecture understands scale, understands growth. And that means that as a group, when you want to update certain branding, certain features, certain pricing, rather than going into every individual practice system to do that, you can do that from a super admin level."
For a UK practice owner managing three sites today with ambitions to reach ten, the practical consequence of this distinction is significant. A system designed for individual practices will require individual configuration changes for every update, every pricing revision, every new feature rollout. A system designed for groups makes those changes once, at the top level, and propagates them instantly across the entire estate.
CareStack launched in the UK in late 2024 and has taken more than 140 practices live on its practice management system. That figure is notable context for a system that only gained full NHS billing capability in the six months prior to recording, given that NHS contracts represent approximately 90% of the market.
The pressure driving practices towards cloud migration is now coming from multiple directions simultaneously. Legacy server-based systems are signalling that meaningful development is ending. Security vulnerabilities in on-premise infrastructure are accumulating. AI tools that require clean API integrations cannot function effectively on client-server architectures. Patient expectations around online booking, self-service portals and digital communication are rising. The migration is not a question of if, as Adrian frames it. It is a question of which cloud platform and when.
"The movement to cloud is inevitable. It's about what, it's a case of how much pressure is building up for that. You've even got your current provider that's telling you you have to."
For a broader analysis of what the migration from legacy to cloud infrastructure means for the competitive positioning of UK dental practices and groups, see The Great Dental Reset: Why 2026 Will Reward the Prepared, Not the Big.
The Telephone Intelligence Gap: The KPI No One Is Measuring
One of the most consistently underestimated revenue problems in UK dentistry is not happening in the clinical chair. It is happening on the phone line, and it is invisible to the vast majority of practice owners because they have never had the tools to see it.
Adrian's description of VoiceStack, CareStack's AI telephony product, now deployed across more than 250 UK practices, begins with a deliberate reframing. The first thing that dentists think when they hear the words AI phone system is a robot receptionist. That is not what VoiceStack is.
"What it does is it is a unique piece of software that provides practice owners and group leaders understanding, clarity and confidence over the decisions that they can make by tapping into a piece of data that for the longest time has been kind of invisible to them. And that's what's happening on telephone calls."
VoiceStack is built on a training dataset of over one million dental patient calls, a distinction Adrian is deliberate about emphasising at a time when generic AI phone systems are entering the dental market with no sector-specific training and aggressive long-term contract terms. As a telecom provider itself, CareStack owns the underlying software and develops it against the specific requirements of NHS and private dental practice in the UK. Every call is transcribed in real time. A summary follows almost immediately, capturing caller type, reason for call, treatment discussed, and crucially, the outcome: was a new patient call converted to a booked appointment?
That final metric is the one that tends to produce the most uncomfortable conversations.
"When you pull that data through and you have a look at the metrics for the first time, dental practice owners get an understanding of, oh my, we only convert 20% of our new patient calls into a booked appointment. Why is that?"
The reasons VoiceStack surfaces are varied and often actionable. Availability gaps. Pricing concerns surfaced in conversation. Receptionist handling that is not calibrated to convert specific treatment inquiries. And perhaps most interestingly, demand signals that practices have been receiving and losing without knowing it.
Adrian's example of an implantologist who is only available twice a month, while implant inquiry calls are coming in at a volume that could support a much fuller schedule, illustrates the operational intelligence gap with precision.
"The receptionist isn't going to go to the practice owner and say, hey boss, just to let you know, we had about a hundred implant calls this week. We've got an implantologist who's only here twice a month, so we couldn't book him in. I thought you'd want to know that just in case you're doing any kind of recruitment strategy. They're not going to do it. They're not paid to do that. They're not business coaches."
The calls are coming. The demand is there. But without the data infrastructure to surface it, every missed conversion is invisible, and every staffing decision that could address it is based on intuition rather than evidence.
Adrian's framing of this as a question not of how many leaks are in the bucket, but of understanding that most practices do not yet know how big the bucket is, has a direct implication for any growth strategy built on marketing spend. Meta advertising data provides click-through rates and cost per lead. VoiceStack answers the question that matters most after that: what percentage of those leads that picked up the phone actually booked?
For further analysis of how the front-of-house function in dental practices is being transformed from a cost centre into a revenue intelligence asset, see The Front Desk Is a Revenue Engine, Not a Cost Centre: How Automation and AI Are Transforming Dental Operations.
FOMO, FOMU and the Psychology of AI Adoption in UK Dentistry
Adrian's analysis of where UK dentistry currently sits in its relationship with AI is worth examining carefully, because it is one of the most psychologically precise assessments of the market available from someone operating inside it daily.
He identifies two governing fears that drive most technology decisions in the sector: FOMO, the fear of missing out, and FOMU, the fear of messing up. These two states are not sequential. They are in tension with each other at all times, and the market is currently experiencing a moment where FOMO is dominant, which Adrian regards as a serious risk.
"We have a group that are in the FOMO kind of stage and feel like they have to have AI and they're stupid if they don't have AI. The problem we've got is that there are too many software providers that can't even spell AI, let alone actually talk about it and implement it into their solutions."
The specific concern Adrian raises is about reselling: AI products that are being white-labelled and deployed by software vendors who have no meaningful relationship with the underlying product, no ability to influence its development, and no capacity to ensure its safeguards. The practices that adopt these tools in a FOMO state will have a FOMU moment relatively quickly, and when that happens the reputational damage extends beyond the individual vendor to the entire category of technology it represents.
This pattern is not new. Adrian notes that dentistry has been through equivalent cycles with other product categories and the same dynamics have played out consistently. The naysayers who wait are too slow. The early adopters who rush at poorly validated products get burned. The winners are the practitioners who move at the speed of evidence rather than the speed of hype.
His caution about AI-powered voice and communication tools in particular is pointed. Vibe-coded AI receptionists built by developers without dental sector knowledge or compliance infrastructure are already causing data breaches and reputational damage to practices. The risks are not hypothetical.
"My biggest concern is that we're going to have whole technology lines that can get destroyed because a 17-year-old learns how to vibe-code AI receptionists, and then it starts causing data breaches and destroying the reputation of a dental practice. And that's already happening."
For UK dental leaders, the framework Adrian offers is straightforward: do not evaluate AI tools on the basis of whether they are AI. Evaluate them on service, support and innovation track record, with the ability to leave on a monthly rolling contract if any of those three criteria are not being met.
Compliance as Competitive Advantage: What Practice Owners Need to Know Before Buying or Selling
Adrian's background as a Group Data Protection Officer and senior privacy professional gives his compliance guidance an unusual quality: it is simultaneously more technically precise and more practically reassuring than most of what practice owners encounter on the subject.
His core argument is that a risk-based approach to data protection is not only permissible but appropriate, provided it is accompanied by full accountability. Absolute compliance with the letter of GDPR, in the sense of avoiding every technically non-compliant tool, would make it effectively impossible to run a modern dental practice.
"If you were to be 100% compliant with the law, which no one really understands how to be anyway, you would not be using WhatsApp. You would not be using ChatGPT. You would not have a business."
What accountability means in practice is a genuine understanding of three categories of risk: regulatory risk, which includes the possibility of ICO investigation and enforcement; legal risk, which encompasses compensation claims; and reputational risk, which in dentistry is the most immediately damaging of the three.
His account of walking a practice owner through a live ransomware attack, where a backup drive had been physically connected to the compromised server and was encrypted alongside it, illustrates the accountability principle in its most operational form. The ICO will investigate. The question it asks is not whether the breach happened, but what response was mounted, what was documented, and what structural changes are being made to prevent recurrence.
The acquisitions dimension of compliance is where Adrian's concept of "data lemons" becomes most directly actionable for the growing number of UK practice owners and groups buying from the corporate consolidators who are currently trimming their portfolios.
"Look at your paper records. Are you going to buy a practice that when you open up the loft, there's 30, 40 years of boxes of records up there or in a coal shed or in a doghouse? Because that's where you have huge problems. A dental negligence lawyer asking for data that's probably held in one of those boxes. Or I have seen this where you've got local school kids who break into the coal shed and start flicking through medical record notes."
The due diligence checklist Adrian recommends for any acquisition is specific: audit paper record storage and destruction status; locate and assess digital backup architecture; confirm that backups are not stored on devices physically connected to the primary server; and verify where data currently lives across every integration in the practice's technology stack. Buying a poorly governed data estate is not just a compliance problem. In the event of a breach or a negligence claim, it is a financial and reputational liability that transfers with the acquisition.
For an analysis of the people-centred leadership requirements that accompany AI adoption in dental organisations, see People-First AI: Why Most AI Projects Fail in Dentistry (and How Leaders Get It Right).
The Barber Shop Test: Where Human Connection Becomes the Competitive Moat
Adrian closes the substantive part of the conversation with a thought experiment that cuts through most of the noise in the current AI debate in dentistry. He recounts a question from his barber, Mario, that he had not found a satisfying answer to from any technology vendor: when would you be happy with a robot cutting your hair, even if it could do a better job?
"Never, never Mario, because I look forward to our chats. I look forward to the fact that I can tell you something I know you don't know about. I love the fact I'm not distracted by my phone. It's probably the one hour a month that I could put my phone away and people don't disturb me. I'm having my hair cut. And I get to have that human experience with him."
The same logic applies in the dental surgery with compounding force. A patient's relationship with their dentist is built on a combination of clinical trust and human familiarity that no AI system is going to replicate. The value of that relationship is what drives retention, referral and treatment acceptance in a way that no recall automation, however intelligent, can substitute for.
What AI can do, and what Adrian argues it should be evaluated on its ability to do, is handle the administrative and transactional burden that currently competes with that relationship for the attention and energy of every person in the practice. The booking confirmation. The recall reminder. The wait list management. The call overflow that goes unanswered. The implant inquiry that arrives when the implantologist's diary is full and nobody tells the practice owner.
"All the other bit of boring stuff, I do want it to be automated. I do have an expectation on that. I don't want it to make it feel like I'm searching for the arc of the covenant to book a patient appointment."
This is the operating model that the most intelligently designed dental AI platforms are converging on: not the removal of the human from the surgery, but the strategic reallocation of human time and attention away from the tasks that AI handles better, towards the interactions where human presence is irreplaceable. Getting that reallocation right is the leadership challenge of the next five years for every dental practice and group in the UK.
For an analysis of how the operational design of dental practices needs to evolve to support this reallocation, see Scaling Dentistry Without Breaking It.
Key Takeaways
UK dental practices currently converting only 20% of new patient telephone calls into booked appointments are experiencing a revenue leakage problem that is entirely invisible without call analytics infrastructure. Auditing new patient call conversion rate is the single highest-leverage operational action available to most practices right now.
The distinction between cloud platforms designed for individual practices and those architecturally built for multi-site dental groups is not a technical detail. It is the difference between a system that requires individual configuration per site and one that allows group-level changes to propagate instantly across an entire estate. For any practice with growth ambitions beyond two or three sites, this distinction determines how fast and how efficiently scaling can happen.
The current FOMO wave in dental AI is generating a category of white-labelled, vendor-resold AI products with no sector-specific training, no meaningful compliance infrastructure, and aggressive long-term contract terms. UK dental practices should evaluate AI tools exclusively on service, support and innovation track record, with the contractual freedom to leave on a monthly rolling basis if any of those criteria are not being met.
Data protection compliance in dental practice should be managed as a risk-based discipline, not as an absolute compliance exercise. The key is full accountability: documented understanding of regulatory, legal and reputational risk, with a clear response protocol in the event of a breach. The ICO's primary concern in an investigation is not whether a breach occurred, but what response was mounted and what structural changes are being implemented.
Any UK practice owner or group operator acquiring a dental practice from a corporate divestment should conduct specific due diligence on paper record storage and destruction, digital backup architecture and the location of all data held across the practice's current technology integrations. Compliance liabilities transfer with the acquisition.
The practices that navigate the current AI transition most successfully will not be those that adopt the most tools. They will be those that identify precisely which tasks should be automated and which require human presence, and then invest in building the system architecture that enables that distinction to be made reliably, at scale, and in real time.
Long-term telecom contracts in the dental sector benefit only the telecom provider. Any AI telephony system that cannot be evaluated, retained or exited on a monthly rolling basis should be treated as a structural misalignment of interests between the vendor and the practice.
About TechDental
TechDental is a strategic intelligence platform for founders, executives, operators and investors shaping the future of dentistry.
Through high-level analysis and systems-focused conversations, we explore how AI, governance frameworks and operating model design influence performance, scalability and enterprise value in dental organisations.
If you are building, scaling or investing in dentistry and want independent, systems-level insight into AI, governance and capital readiness:
For strategic advisory, board briefings or keynote speaking enquiries: www.techdental.com/advisory
The future belongs to those who deploy technology with discipline.
© 2026 RIG Enterprises Limited. All Rights Reserved. This article was authored by Dr. Randeep Singh Gill and is published under the TechDental brand, a trading name of RIG Enterprises Limited (Company No. 11223423), incorporated in England and Wales on 23 February 2018, registered at 1a City Gate, 185 Dyke Road, Hove, England, BN3 1TL. All editorial content, analysis, synthesis and intellectual property contained within this article are the original work of the author and remain the exclusive property of RIG Enterprises Limited. Opinions and statements attributed to named guests reflect the views of those individuals as expressed during recorded interviews and are reproduced here for editorial and informational purposes. No part of this article may be reproduced, distributed, transmitted, republished, or otherwise exploited in any form or by any means, whether electronic, mechanical, or otherwise, without the prior written consent of RIG Enterprises Limited. Unauthorised reproduction or use of this content may constitute an infringement of copyright under the Copyright, Designs and Patents Act 1988.