To help solve this, the healthcare industry needs a more flexible approach to streamline its payment process, enhance payment security, and manage PCI scope. This is where semi-integrated payments can help.
With semi-integrated payments, the amount due is generated by the healthcare revenue cycle system and sent to the payment terminal. Once the card holder uses a card for payment at the terminal, the credit card data travels directly to the transaction processor for payment authorization. The authorization response from the processor is sent directly to the smart terminal, which forwards the confirmation to the healthcare revenue cycle system.
In this payment environment, sensitive card data never comes in contact with the healthcare revenue cycle system or the provider’s back office infrastructure. This strengthens payment security while it reduces the PCI scope. In the event of a breach or attack on a healthcare provider’s revenue cycle system, cyber criminals won’t gain access to any credit card information because the system didn’t come in contact with it.
A semi-integrated payment environment brings many benefits to healthcare providers. Here are a few reasons to adopt this new architecture:
1. Improved Security and Encryption: Eliminates cardholder data from the revenue cycle system
With a semi-integrated payment solution, healthcare providers can reduce their vulnerability to data breaches by keeping sensitive card data out of their revenue cycle environment. A typical semi-integrated solution is also compatible with payment security technologies such as point-to-point encryption (P2PE), which encrypts and protects payment card data as it’s transmitted from the payment terminal to the payment processor. This provides additional security and renders the encrypted data useless to attackers, even if they manage to compromise the transmission.
By keeping the healthcare revenue cycle system and back office systems out of the transaction flow, semi-integrated payment solutions reduce PCI scope. For healthcare providers, this can result in huge cost savings on compliance and increase the chances of a successful PCI audit. It also saves time because a PCI audit takes less time with a semi-integrated solution than it does with a fully integrated environment
As payment technology moves forward, healthcare providers need to be more agile and responsive to changing customer demands. A semi-integrated solution separates the merchant’s systems from the payment process, which allows them to adopt changes or upgrades to their point of sale or back office systems without affecting payment security.
Given these benefits and the need for stronger security, healthcare providers should consider a semi-integrated approach when upgrading their payment solutions. It provides an easy path to streamline the payment process while reducing PCI scope and greatly improving security. It also saves time and money by helping providers future-proof their payment infrastructure for what may come next.
To request more information about our healthcare solutions, click here.
Jeffrey Fountaine is Director, Healthcare Strategy at Ingenico Group, North America