In June 2016, Phoenix-based Banner Health suffered a major security breach by cyber attackers, exposing the healthcare, payment and healthcare plan information of more than 3.7 million patients. A subsequent investigation revealed that the hackers gained access through Banner’s payment processing system.
But Banner Health isn’t alone – in 2015, 253 healthcare breaches were reported, the highest number to date. There’s evidence that the healthcare industry is being specifically targeted by hackers at the same time credit card processing is increasing significantly among providers, partly due to FSA and HSA card payments. Payment security is equivalent to data security for your patients, so here are three ways you can help protect your organization and patients while streamlining the payment process.
- Tokenization and Encryption
Tokenization is a method of payment security that is key to defending against possible breaches. With tokenization, credit card data is removed from your payment network and stored at a secure, offsite location. A “token” is used to access your patient credit card data – and since token data is useless to cyber thieves, tokenization presents one of the highest levels of payment security. Point-to-point encryption (P2PE) also helps protect data by encrypting data after it is entered and not decrypting until it reaches its secure destination, allowing zero opportunities to be interrupted in transit. The best approach for healthcare organizations is to find a payment vendor that offers both tokenization and P2PE for an enhanced, layered approach to security.
- PCI Compliance
The healthcare industry is no stranger to compliance regulations, but payment processing is an entirely different ballfield. Finding a payment vendor that is compliant with the Payment Card Industry Data Security Standards (PCI DSS) is essential to protecting data and minimizing fraud liability at your practice. Make sure that any payment vendor’s PCI compliance is verified before you contract with them.
- EMV Chip Cards
As of October 2015, any organization that has not made the transition to accept EMV chip and pin cards with be held liable for any instances of credit card fraud. And, after several high-profile payment breaches that have hit retailers like Target and Home Depot, consumers are more educated and more aware about credit card security – consequently, they will expect healthcare providers to make the switch to EMV-compliant solutions. Take the opportunity now to find a payment provider that supports EMV chip cards and minimizes fraud liability for your practice.
The rate of healthcare security breaches doesn’t seem to be slowing down, which is why payment security should be top of mind for healthcare providers. Forte’s single source payment solutions offer the highest degree of PCI-compliant security, lower administrative costs, and the payment flexibility required by healthcare organizations.
The Forte Virtual Terminal payment gateway processes credit and debit cards with immediate tokenization through Forte’s data centers that are protected by 24/7 video surveillance and armed onsite security. eChecks are also verified and tokenized through the Forte point of sale system, giving patients the payment options they expect while also defending your practice against nonpayment by instantly validating funds. All transactions can be monitored in real-time through your merchant account, so payments are fast, accurate and seamless. For both established and growing practices, Forte services can be configured so that you get the exact payment features you need along with the highest grade of security to ward off potential data theft.
Safeguard your organization today – learn more about how Forte healthcare payment solutions help prevent fraud by calling 866.290.5400 or by emailing firstname.lastname@example.org.