How healthcare providers handle safeguards to protect payment and PII

Semafone released a survey which aimed to identify the underlying consumer sentiment on payment experiences with their healthcare providers.

Over the last 20+ months, the healthcare system has endured significant challenges and turbulence as a result of the COVID-19 pandemic. Providers of all sizes have been pushed to their limits from every direction, including fast-tracking significant digital transformation initiatives to securely adapt workflows and deliver patient care safely.

In fact, 81% of healthcare executives say the pace of digital transformation in their organization is accelerating, and 93% report they are innovating with a sense of urgency to compress decade-long transformation initiatives into two- to three-year plans, according to Accenture.

The survey reinforces the need for healthcare organizations to integrate digital technology and solutions into all areas of the business ecosystem, including secure payment technology to provide peace of mind and ensure patients enjoy secure and seamless payment experiences.

Large hospital networks need to regain trust

Today’s patient experience does not end when the doctor leaves the room — it encompasses every aspect of care, including the payment and billing process. Between large hospital networks, private practices, specialists, and urgent care, the survey found that 44% of respondents felt that private practices handled payment and personally identifiable information most securely, and large hospital networks were rated by even fewer at 33%.

With a 25% increase in healthcare data breaches year over year and reports of hospitals accounting for 30% of all large data breaches, patients have a heightened sense of awareness and interest in the processes their providers take to protect their information. Due to the extensive networks they serve, large hospital entities, especially, need to pay more attention to the digital transformation measures taken to keep information secure.

“Regardless of size, the entire healthcare industry must do better at navigating and preventing data breaches,” explained Gary E. Barnett, CEO of Semafone. “The sheer number of breaches in and out of healthcare is problematic. Fortunately, there are solutions that provide security and help meet compliance standards, but many of today’s companies still rely on outdated processes for operations. It is no longer acceptable to claim they aren’t aware that highly efficient, effective, and automated solutions exist to save time, money, and risk. Healthcare organizations must seek the right technologies and processes to protect the patient experience.”

Patients’ expectations are high

With so much choice and information available, consumers’ expectations have risen. The perceptions they hold of their healthcare providers will impact the future of healthcare for generations to come. Many fail to remember that contact centers are often the first point of interaction for patients and should therefore be a critical area of focus when it comes to healthcare security—or they risk losing patients.

The survey found that 66% report they would leave a healthcare provider if their payment or personal information was compromised in a data breach due to the provider’s lack of security measures. Further, nearly 90% of consumers believe healthcare providers should face financial penalties for not having proper safeguards in place to protect their personal or sensitive information in case of a data breach.

“No organization will ever be able to predict or prevent every potential breach, but it is crucial to take steps to reduce risk and protect PII,” Barnett said. “By breaching a single system in the contact center, cybercriminals can move from one network infrastructure to the next, jeopardizing the entire healthcare organization and putting sensitive patient data out in the open. We must take steps to curb these threats and answer the increasing demands of consumers to keep data secure with technology that is readily available. If we don’t, the potential of exposing data could be reason enough for patients to leave healthcare organizations altogether.”

Adopting technology solutions that strike a balance, delivering both data security and patient care is critical for providers. When discussing patient protection, payment security must be viewed as an equally important element alongside HIPPA and HITRUST to meet and exceed patients’ expectations.

The approach, preference, and view of payments has changed

Driven by the ongoing pandemic, consumers have changed the way they pay medical expenses and bills, transitioning away from in-person (28% decrease) and mail payments (17% decrease) to alternatives like online systems via provider or website (15% increase), mobile apps (23% increase), and phone (8% increase). As billing becomes increasingly digital, having solutions in place that support payment compliance regulations, like the Payment Card Industry Data Security Standard (PCI DSS), in accordance with privacy measures put in place to protect other sensitive data, is imperative to implementing secure frameworks.

Amid the changes in preferences, healthcare providers should be transparent about the secure methods and technology leveraged across channels. Although consumers feel confident that healthcare providers do a good job disclosing how they keep payment information secure (79%), the survey found that 56% do not know where the data is stored.

As a patient, understanding where and how personal and payment information is stored is important to protect against potential fraud and breaches, in addition to building trust that providers comply with HIPAA and other compliance regulations. Given the large number unaware of where their data is stored, providers have an opportunity to increase education and communication with patients to, in turn, improve the experience and overall sentiment toward the providers for the future.

Even with all the challenges endured and processes adopted over the last year and a half, the healthcare industry is still facing an uphill battle to secure data and personal information. The risk of fraud and data breaches has not halted amid the pandemic. As the industry heads into a new year, it’s time to take charge of the data and ensure the patient experience is the best it can be.