Impact of Patient Payment Compliance Impact of Patient Payment Compliance By Bill Marvin The rise of consumer-directed health care and health plan deductibles has led to a dramatic increase in patient payments and the use of payment cards such as credit/debit and cards attached to health savings accounts (HSAs) and flexible spending accounts (FSAs). Historically, the healthcare industry had processed relatively small quantities of payment cards. As recently as 2007, healthcare payment card transactions accounted for less than $150 billion of the $4.5 trillion in total payment card spending. However, as a result of rising payment card processing in healthcare, the industry is now receiving greater scrutiny for payment card compliance. While other industries are prepared and acknowledge the importance of securing payment card data, the healthcare industry is just beginning to realize the importance of payment card security. Understanding and complying with payment security standards can help protect you and your patients from data breaches. Compliance excellence begins with a functional knowledge of the Payment card industry (PCI) security standards council and an understanding of how to mitigate the risks of a data breach. PCI Security Standards Council Overview Within the healthcare industry, we know that HIPAA sets the standards for securing PHI. similarly, the PCI security standards council was founded in 2006 to develop industry-wide technical data security standards for payment cards, governed by the payment card networks, Visa, MasterCard, Amex, Discover and JCB, the PCI Data security standard (PCI-DSS) defines the requirements and best practices in order to reduce fraud and security breaches. PCI compliance is required in order to process payment cards, primarily because the consequences of data breaches are significant. A Look at Data Breaches With the increase in patient payments and a lack of card security, payment card data in the healthcare industry has become a target for theft. Consider the latest figures on data breaches: The average cost of a data breach is $202 per record In 2008, more than 280 million payment card records were breached. In 2009, payment data breaches represented 98% of all data breaches. Previous Next