With the increase in patient payments and lack of card security, payment card data in the healthcare industry has become a target for theft. This situation may cause a significant financial risk for you and your patients.
Be aware of potential outcomes of data breaches, as:
- Economic impact on your practice
- Loss of patients
- Bad publicity for your services
- Fines from payment card networks
- Legal fees for lawsuits and settlements
- Increase of merchant processing fees
- Cancellation of Merchant Account
The security standards listed below will help mitigate the risk of data breach in your practice:
- Never copy or store payment card data. The risk of storing payment card are serious, including fraud from inside personnel, or even a data breach
- Install and maintain a firewall configuration to protect cardholder data
- Protect all systems against malware and regularly update anti-virus software or programs
- Do not use vendor-supplied defaults for system passwords and other security parameters
- Restrict access to cardholder data, and assigning a unique identification (ID) to each person with access ensures that each individual is uniquely accountable for their actions.
- Track and monitor all access to network resources and cardholder data. The presence of logs in all environments allows thorough tracking, alerting, and analysis when something does go wrong.
- Continue to educate your employees to prevent an unintentional breach. Statistically, 70% of all breaches are the result of theft which is generally due to employee carelessness.
Payment card breaches are real, and there are severe costs associated with them. It is vital to your business and your patients to ensure that your office complies and stays up-to-date with Payment Card Industry (PCI) Standards, maintaining a high level of security for payment card data. By taking security measures, you can build lasting trust with your patients while enhancing and safeguarding your business and your reputation.