Last editedApr 20232 min read
If you work in healthcare, you already know that security comes top of the list of priorities. It’s up to you to protect your patient’s financial records, so make sure you choose a healthcare payment processing tool that’s up to the task.
What is PHI (Protected Health Information)?
Protected health information, or PHI, includes certain identifiable details such as a patient’s name, date of birth, and credit card number. Providers are responsible for securing this information. If you’re processing healthcare payments, you’ll need to find a solution that’s secure enough to handle and transmit credit card details.
Are a patient’s financial records covered by HIPAA?
The Health Insurance Portability and Accountability Act, or HIPAA, mandates that healthcare providers must keep personal health information secure. This includes medical test results, prescriptions, treatments, and diagnoses. HIPAA also mandates that the patient’s billing info is kept secure, including any financial and personal records as well as their medical details. The act not only covers digital data, but also oral and written records.
Does a payment processing provider need to be HIPAA-compliant?
Yes, in many cases it’s important to find a HIPAA-compliant payment processor. When handling certain data, processors must have a business associate agreement, or BAA. This is designed to protect against data breaches. While payment processing itself isn’t covered by HIPAA, any activity like reporting and billing management would require this level of compliance.
To determine whether your payment processor is HIPAA-compliant, you’ll need to first determine whether they’re considered a business associate or not. Those that merely process payments do not need a BAA. Those that specifically handle protected information like reporting and medical billing do qualify as business associates and require a BAA.
How does medical payment processing work?
The specific process will depend on the method your patients use. In the case of debit or credit card payments, a patient first swipes or enters their card details at the point of sale or payment gateway. At this stage, the card reader contacts the payment processor for authorization. This means the card information is shared with the issuing bank for approval.
Once approved, the merchant transfers funds via the payment processor to a card association for settlement. Transactions are batched together for processing, where they are transferred and settled in the appropriate bank account. You can learn more about these specifics in our guide to online payment processing.
How to choose the right healthcare payment processing solution
There’s a wide range of healthcare payment solutions out there, each with its own set of features. Here are five key aspects to consider as you compare your options.
1. Data protection: Make sure the processor securely stores, handles, and transmits data in line with all HIPAA requirements.
2. Payment methods: Does the solution offer a selection of different payment types and methods? In addition to card payments this might include bank transfers and recurring payments.
3. Integrations: How well does the processor integrate with your existing software for a joined-up workflow?
4. Costs and fees: In addition to the usual per-transaction fees, are there additional hidden costs involved? How does the system handle late fees and chargebacks?
5. Fraud detection: Fraudulent payments are a serious issue in medical payment processing, so make sure there is built-in fraud protection.
Top 13 healthcare payment processing tools
Here are a few of the top healthcare payment processing tools. Each offers their own pros and cons, so it’s worth comparing features and fees carefully.
Host Merchant Services
Leaders Merchant Services
Flagship Merchant Services
Dharma Merchant Services
Chase Payment Solutions
Get in touch to get ahead of your competition
GoCardless offers a cost-effective alternative to card payment processing ideal for healthcare providers. You can automate your invoicing process using ACH Debit for full control over payment details. Payments are authorized and collected directly from patient bank accounts, reducing the chance of fraud and payment failure. Our Success+ tool helps you retry collection in the event of any failure the first time around. It’s easy to set your customers up with GoCardless, allowing them to save the time and stress of managing healthcare payments.
We can help
GoCardless is a global payments solution that helps you automate payment collection, cutting down on the amount of financial admin your team needs to deal with. Find out how GoCardless can help you with one-off or recurring payments.