As we pack our bags and prepare for HIMSS19 in Orlando, I started to think about all the touchpoints where data and information can be comprised when traveling. Even though travel and healthcare are two very different industries, they both have multiple consumer touchpoints where security can be compromised. Let’s take a look at what healthcare can learn from traveling to HIMSS19.
Booking Your Flight
Today, most of us go online to book our flights and hotels rooms. In just a few clicks, we can choose our flight times, pick out our seats and even prepay for our luggage. It is a simple and seamless experience that makes it easy for consumers to plan ahead and rest easy knowing their travel arrangements are set. But let’s not forget about the Orbitz data breach that affected as many as 800,000 payment cards in 2016. All online data is at risk, but healthcare data is even more unique and valuable, making it a prime target for cybercriminals and hackers. It is so important for healthcare organizations to ensure that consumer payment card information stays off their network. Tokenization enables healthcare organizations to deliver a seamless and secure online consumer payment experience within their existing portals with cardholder data never touching their servers. As a result, consumers can make one-time payments and also have full access to their digital wallet for future or recurring payments while using any device. Likewise, healthcare organizations significantly reduce their PCI compliance efforts and ensure that cardholder data is protected.
Asking Questions About Your Travel
When you call into a hotel or airline with questions about your reservation, they are going to ask you for information that verifies your identity. In most cases this includes a reservation or confirmation number or it may require the credit card used for purchase. Whether you are paying a healthcare bill or calling about your hotel reservation, it is important to ensure your phone calls are secure so cardholder data cannot be compromised. Collecting payments over the phone presents a point of vulnerability that doesn’t exist with other payment channels due to the sound made by their key tones. The moment card data is keyed in, it is at risk. With VoIP protection, consumers are prompted to enter their credit card number into a keypad instead of speaking the credit card number to an employee. The dial tones created by the keying in of the credit card number are intercepted and then sent back to the call center employee as flat notes via a process known as dual-tone multi frequency (DTMF) masking. VoIP protection eliminates exposure of payment data and dramatically reduces the cardholder data environment and PCI scope, all while allowing conversations over the phone to be protected.
Time to Check In
You’re now only a day away from your trip and it’s time to get packing! Before even arriving to the airport, I can check in to my flight so that I have no additional steps to complete once I arrive. I can go onto my airline’s website, or simply log into their app, pull up my flight details and click check in. While there, I can confirm my flight times, see my departure gates, choose a different seat if needed and can add additional baggage if I realize I may have more luggage than I expected. Why shouldn’t patients have a similar experience? Healthcare organizations can interact with patients pre-service through their mobile device to accelerate online payment and eStatement adoption. Use this touchpoint to allow patients to view and understand their eligibility information before being billed, pay copays and balances with a digital wallet, enroll in eStatements and seamlessly pay all future bills with automatic payments. Plus, patients can save their payment information to a secure digital wallet to make their next payment experience convenient and protected. Consumers have come to want and expect frictionless experiences like these that allow them to control and manage their healthcare bills, or flight details, from their own mobile device or tablets.
Going Through Security
TSA security is put in place to make sure passengers have a safe flight and travel experience. It is important to ensure nothing that can cause harm to any individuals is brought into the airport or on to a flight. Healthcare organizations need to do the same when they consider what information they are letting onto their networks. If you regularly scan your networks for vulnerabilities, you can detect threats sooner and move faster to prevent attacks. Along with regular network scans, your organization should also consider patching your systems. A patch is a piece of software designed to update a program or the supporting data and operating system to fix or improve it. Patches can protect your systems from harmful threats lurking on networked devices. TSA puts in place guidelines for what you can and cannot bring with you when you travel. Healthcare organizations can arm themselves with the right tools and best practices to ensure that nothing harmful passes through the gates of their network.
Although healthcare is unique, there is much it can learn from the experiences that consumers have in other industries today. Are you going to HIMSS19? Schedule some time to go grab a cup of coffee with the InstaMed team or stop by booth #1987 to meet. We can talk more about how to improve payment security at your healthcare organization with InstaMed.