Hospital data is as confusing as it is sensitive. An automated system for collecting payments can simplify the process while also making it more secure.
An additional benefit of automating payments is it improves collection efforts by allowing patients to settle their bills even when the health care provider’s call center is closed.
Emory Healthcare of Atlanta has used technology from RevSpring the past three years to collect payment card data while also keeping it out of scope from the Payment Card Industry Data Security Standard.
“Our patients have ways to make payments long before or after our hours of operation, which has been a huge contributor to our collection efforts,” Marcus Powell, a revenue cycle manager who monitors payments and self-serve offerings at Emory Healthcare, said in an emailed statement. Emory operates 11 hospitals and 250 medical provider offices.
“Our staff no longer has to activate an application to capture the payment nor key the credit information now that assisted payment options are available, which keeps them free of downtime for application issues and more readily available for the next patient,” Powell said.
RevSpring’s deviceless payments platform has a new SafeMode feature that removes card credentials from the health care providers’ phone and server systems.
SafeMode keeps all payment information, including the dual-tone multifrequency sounds of patients entering card numbers through a dialpad, off the company networks and moves it into RevSpring’s network. The process provides more security for the customer service representatives taking these types of calls, including those working from home.
“The majority of the SafeMode application is going to reside within a call center setting, as we want to get to the level of completely eliminating PCI scope from their network,” said Casey Williams, senior vice president of engagement and payment applications at Livonia, Michigan-based RevSpring.
Even when a patient is navigating the integrated voice response choices on the phone, SafeMode operates “like a firewall” in moving the payment data into the RevSpring network and its PCI compliance, Williams said. SafeMode also covers the IVR options in which a patient is encouraged via text to pay through Apple Pay, Google Pay or other secure options or through an email process.
A high percentage of patients, when given the option to do so, will choose to make a payment through self-service, Williams noted.
Visa and Mastercard have long been pushing for consumers to save their credit card information to a profile and, in turn, provide the merchant with a token for future or recurring payments. That way there is no need for the consumer to reenter numbers.
“With certain verticals, getting that first transaction to tokenize has been logistically very difficult,” said Cliff Gray, senior analyst with the Strawhecker Group. “In health care, older patients especially are only comfortable with reading their card number over the phone, and that is the last thing that Visa and the banks want.”
The types of calls that come into customer support centers have always been the most difficult to remove from PCI scope because the card number has to be clear of the network, Gray said.
“That’s why hosted payment pages have been so successful,” he said. “Those get the consumer to input a number into a machine that is not part of the merchant network.”