How to improve digital payments security for your health system

September 01, 2021

As more healthcare transactions move online, now is the time to ensure your health system is protected with industry leading security measures.

By Tyler Eppley, Vice President, U.S. Bank


The number of digital payments is rising rapidly, a trend that shows no signs of slowing down as the COVID-19 pandemic accelerates the shift towards online purchases and transactions. In fact, digital payment volume continued to grow over 30% in the second quarter of 2021, according to Visa.1

The same is happening in healthcare, driven, in part, by the adoption of virtual care delivery and new opportunities for text and email payments. But as more transactions move online, fraudsters are developing increasingly sophisticated tactics to compromise cardholder payment data.

With most healthcare organizations embracing digital payments as a long-term solution and not just a quick fix during the pandemic, now is the time to ensure your health system is protected with industry-leading security measures. Here are some ways to offer your patients peace of mind about their payment information being secure:


First things first: Secure your organization at every touchpoint

Technology is always evolving to keep up with the latest threats, so as your healthcare organization continues to accept more digital payments, make sure you’re using the newest and best security tools available.

P2PE Validated is the gold standard in the payment security industry, using even more stringent assessments by the PCI Security Standards Council. Many organizations use P2PE, but only P2PE Validated solutions have fulfilled the rigorous security requirements and testing procedures specified by the Council. This means a P2PE Validated solution offers the highest level of security for payment card data stored and processed on your system.

Healthcare organizations using a P2PE Validated solution also benefit from reduced PCI DSS compliance validation efforts and a simplified self-assessment questionnaire. However, keep in mind that only P2PE solutions listed on the PCI Council website are approved by the Council as validated solutions and have been assessed to the complete PCI P2PE Standard.

When implementing any security solution, remember to protect every touchpoint for both patient and non-patient payments, from the parking garage to the cafeteria to the ER. All environments should have advanced security features — even the gift shop, which is where most payment data breaches occur in a healthcare and hospital environment. 


Leveraging new technology

Today’s patients are very interested in using innovative new payment methods, such as QR codes, mobile apps and text to pay. Our 2021 Healthcare Payments Insight Report shows that 31% of U.S. healthcare consumers want their medical provider to support Zelle, Venmo, PayPal or a similar online money transfer service, while almost 50% said they’d use pay-by-text if available.

When incorporating these new technologies, it’s important to include them in your overall security strategy so you don’t leave your healthcare record systems and patient payment data open to vulnerabilities. For example, something that may be stopping patients from using innovative and convenient payment methods is a fear of their payment data being stolen. In our report, we found that of those who would not choose to pay by text, security concerns are the top reason. And 35% of respondents who want to further modernize digital payments indicate they’re concerned about security.

Consumers continue to worry most about their social security number and credit or debit card information being stolen; medical history and health plan information are less of a concern. This means it’s critical to choose a payment processing solution that prioritizes security across all touchpoints, from in person to online and mobile. 


Ease fears with a patient communications strategy

Once you’ve invested in the best security measures for every payment touchpoint, it’s important to let your patients know what you’re doing to keep their data safe. This way, they can feel comfortable and confident using the digital payment methods they prefer, which can speed collection and save your staff from having to follow up on past-due bills.

Sharing that you’re using top-of-the-line security tools is key because patients perceive the healthcare industry to be less secure for payments than retail or restaurants, according to our report. While this is an improvement from healthcare’s sixth position in terms of concerns over security last year, clearly there is still room for improvement — especially as many patients are using digital payments in healthcare for the first time during the pandemic.

Some ways to educate patients include messaging at the point-of-sale or transaction site that indicates all data collected is secure and outlines where they can find more information on the specific protocols being used. This messaging can also be included on your patient portal, IVR system, and paper and e-statements, as well as scripted for staff to reiterate in person or via phone.


Ready to take the next step securing digital payments in your healthcare organization? Learn more about security trends and patient expectations in our 2021 Healthcare Payments Security Report.

Tyler Eppley is the vice president of healthcare payment solutions at U.S. Bank and has worked exclusively with providers for more than 15 years to optimize revenue cycle operations and improve the patient experience.

Related content

How-to guide: What to do if your identity is stolen

Money muling 101: Recognizing and avoiding this increasingly common scam

Automate escheatment for accounts payable to save time and money

Protecting elderly parents’ finances: 6 steps to follow when managing their money

3 awkward situations Zelle can help avoid

Proactive ways to fight vendor fraud

Cybersecurity – Protecting client data through industry best practices

Webinar: How to stay safe from cyberfraud

Restaurant survey shows changing customer payment preferences

Webinar: CSM corporation re-thinks AP

Digital Onboarding helps finance firm’s clients build communities

Higher education strategies for e-payment migration, fighting fraud

The mobile app to download before summer vacation

5 Ways to protect your government agency from payment fraud

Improve government payments with electronic billing platforms

Authenticating cardholder data reduce e-commerce fraud

Unexpected cost savings may be hiding in your payment strategy

Dear Money Mentor: How do I set and track financial goals?

4 benefits to paying foreign suppliers in their own currency

Benefits of billing foreign customers in their own currency

Real-time payments: the next major treasury disruptor

Ways prepaid cards disburse government funds to the unbanked

Want AP automation to pay both businesses and consumers?

Enhancing the patient experience through people-centered payments

Government billing survey: The digital transformation of the payment experience

Automate accounts payable to optimize revenue and payments

Colleges respond to student needs by offering digital payments

Dear Money Mentor: How do I begin paying off credit card debt?

30-day adulting challenge: Financial wellness tasks to complete in a month

4 ways to make practical use of real-time payments

Cybercrisis management: Are you ready to respond?

Tailor Ridge eBill case study

How to keep your assets safe

Overcoming the 3 key challenges of a lump sum relocation program

Learn to spot and protect yourself from common student scams

Higher education and the cashless society: Latest trends

Managing the rising costs of payment acceptance with service fees

How to spot an online scam

Tap-to-pay: Modernizing fare payments pays off for transit agencies and riders

Streamline operations with all-in-one small business financial support

6 timely reasons to integrate your receivables

How COVID-19 is transforming healthcare payments

Luxury jeweler enhances the digital billing and payment customer experience

How Everyday Funding can improve cash flow

Payment industry trends that are the future of POS

Modernizing fare payment without leaving any riders behind

Access, flexibility and simplicity: How governments can modernize payments to help their citizens

Webinar: Approaching international payment strategies in today’s unpredictable markets.

What is a CLO?

Webinar: Mobile banking tips for smarter and safer online banking

Webinar: How to fight off fraud

Webinar: Protect yourself or your loved ones from elder fraud

Webinar: Digitizing receivables to transform B2B rent payments

Checklist: What you’ll need for your first retail pop-up shop

Increase working capital with Commercial Card Optimization

Fraud prevention checklist

How mobile point of sale (mPOS) can benefit your side gig

P2P payments make it easier to split the tab

When your spouse has passed away: A three-month financial checklist

How to save money in college: easy ways to spend less

4 ways to outsmart your smart device

What you need to know about financial fraud

How you can prevent identity theft

Myth vs. truth: What affects your credit score?

ABCs of APIs: Drive treasury efficiency with real-time connectivity

Hospitals face cybersecurity risks in surprising new ways

How jumbo loans can help home buyers and your builder business

How real-time inventory visibility can boost retail margins

Escheatment resources: Reporting deadlines for all 50 states

5 steps you should take after a major data breach

Why KYC — for organizations

Post-pandemic fraud prevention lessons for local governments

How electronic billing platforms improve government payments

Rethinking common time management tips

How to apply for a business credit card

How a small business is moving forward during COVID-19

How to accept credit cards online

BEC: Recognize a scam

Fight the battle against payments fraud

The latest on cybersecurity: Vulnerability testing and third-party software

The password: Enhancing security and usability

3 timeless tips to reduce corporate payments fraud

Digital trends poised to reshape hotel payments

Three healthcare payment trends that will continue to matter in 2022

The surprising truth about corporate cards

Safeguarding the payment experience through contactless

Understanding and preparing for the new payment experience

White Castle optimizes payment transactions

ABCs of ARP: Answers to American Rescue Plan questions for counties

4 tips for protecting your business against Coronavirus-related scams

The latest on cybersecurity: Mobile fraud and privacy concerns

How to improve your business network security

Government agency credit card programs and PCI compliance

3 benefits of integrated payments in healthcare

Webinar: AP automation for commercial real estate

Webinar: A closer look at U.S. Bank AP Optimizer

COVID-19 safety recommendations: Are you ready to reopen?

How to improve digital payments security for your health system

Top 3 ways digital payments can transform the patient experience

Webinar: Fraud prevention and mitigation for government agencies

Webinar: CRE Digital Transformation – Balancing Digitization with cybersecurity risk

Webinar: CRE technology trends

Webinar: Robotic process automation

Webinar: CRE treasury leader roundtable

Start of disclosure content

Loan approval is subject to credit approval and program guidelines. Not all loan programs are available in all states for all loan amounts. Interest rate and program terms are subject to change without notice. Mortgage, home equity and credit products are offered by U.S. Bank National Association. Deposit products are offered by U.S. Bank National Association. Member FDIC.