Last week, the InstaMed team hopped a plane to Madison, WI to host a group of Epic users at Rare Steakhouse on the Monday evening of Epic UGM. We were very happy to have the opportunity to talk with our customers and colleagues about the latest trends and hot topics in healthcare payments. With plenty of food and drink fueling the conversation throughout the night, we learned a lot about our guests’ doubts, concerns and demands regarding payment security in healthcare.
If you like your healthcare payment security they way we like our steak (well-done), then read on to learn more about the juiciest bits of insight our team walked away with at the end of the night.
Disclaimer: Forgive the meat-driven metaphors. Rare Steakhouse did such an excellent job of making us feel full and accommodated, we still have steak on the brain.
All Steak Should Be Ordered Rare for the Best Experience
Not exactly. However, this common misconception has many restaurant goers seeing bright-red on their plates when they don’t have to.
Don’t go through life with this always-rare mentality, especially when it comes to security breaches. Unfortunately, security breaches cannot be considered a rare event. Research from Symantec shows that between 2014 and 2015, there was a 125% increase in the number of breaches where 10 million or more people were affected. As security breaches increase, the healthcare industry has become a primary victim of these kind of incidents, especially when they are criminally driven. According to the Ponemon Institute, criminal attacks are now the leading cause of security breaches in healthcare.
As increasing patient payment responsibility is leading more healthcare organizations to expand their payment capabilities and open up more payment channels to accept payment, security must remain top of mind. More payment channels create more endpoints that are susceptible to security vulnerabilities, unless you take the proper precautions to be secure. Know where your risks are, know your PCI scope, and know how your payment vendor manages security and compliance on their end.
Although Medium-Well Seems Like A Safe Bet…
Sure, medium-well works for steaks, but you can’t get away with payment security that’s only done medium-well. As technologies continue to advance and compliance standards evolve, payment security is not something that you can just “check the box” on. It is something you must continue to monitor and invest time and resources into to make sure your organization is equipped with the highest levels of security and compliance.
If your plan is to rely on your payment vendor for protection, check to make sure they are really delivering the enterprise-level security your organization needs. If your vendor claims to be compliant and secure, ask to see their certifications. It simply isn’t worth the financial and reputational risks to let any potential vulnerabilities fall through the cracks. You want to make sure that every endpoint and all the data flows in between are secured at the highest level possible.
Go Ahead, Order That Filet Well-Done
Because why risk mad cow disease?
Payment security “well-done” means leveraging the best security technology and the highest standards of compliance for your organization’s healthcare payment process. Your best approach is to use a payment vendor who is a PCI Level One Service Provider to know you are processing payments in a way that is secure and compliant with PCI DSS. You want to be able to leverage a PCI-validated P2PE solution to know that payment information is protected from unauthorized parties from endpoint to endpoint. You also want to have the ability to deliver new payment methods like EMV, Apple Pay and Android Pay, which offer advanced security and also enable a positive consumer experience.
The next time you order steak at a restaurant, don’t feel pressure to get it rare. But when it comes to payment security in healthcare, always leverage the highest level of security available (think: USDA Prime Grade, not Standard or Commercial Grade). The risks are far more severe than a pretentious waiter scoffing at your knowledge of meat cooking temperatures.