How the Threat of Data Breaches Can Help Make Billing Services More Secure the compliance officer for a large organization in the healthcare and financial sectors, I am distressed to hear recent reports of large-scale data breaches across all industries. In light of these data breaches, it is important to think about how they affect the enormous amounts of sensitive healthcare payments data that are processed every day. Combine that with the fact that these payments are processed by multiple payors, and there is the potential for a data breach on a large scale. Still, there are ways billing services can ensure the data they process is truly secure. Consider the Increased Risks – and Regulations – for Healthcare Payments The risk of a data breach during healthcare payment processing is high, especially at the point of interaction with a patient payment card. additionally, the financial and reputational costs of a breach are significant. To prevent this, organizations must incorporate safeguards to protect data during the processing of healthcare payments (defined as payments involving bank account or payment card numbers). These include appropriate policies and procedures, and encrypted and monitored technology and devices. The safeguards are used throughout the entire billing process, beginning with claim submission to receiving, posting, and reconciling payments. Quick tip: Visit www.HHS.gov regularly for up-to-date information on the HIPAA Privacy Rule and potential penalties for violations. Leverage Payment Technology for Efficiency and Security With new mandates in place from healthcare reform and the rise of consumerism in healthcare, billing services are increasingly leveraging payment technology to streamline their workflow, 30 HBma BIllINg • maY. juNe.2014 reduce costs, and increase collections for their clients. To do this securely, billing services may look to an integrated network to process healthcare and payment transactions. This will ensure a secure payment process by integrating disparate processes on a single, secure platform. Select a Secure, Certified Platform When selecting a platform for healthcare payments processing, billing services should evaluate their potential vendors carefully. For example, they should determine if a vendor is certified for the highest standards in handling protected health information (PHI) and is maintaining security of financial data exchange. This applies to all aspects of physical, administrative, and technical security that is required by Visa, masterCard, and other bank-card associations. It is also required by HIPaa and other internal audits. Quick tip: Trusting vendors that self-attest to being compliant can be dangerous. Instead, ask to see the vendor’s security credentials, which must be independently validated by reputable security firms or industry organizations. Maintain Security for Financial and Healthcare Data Billing services can ensure that data is safe and that they meet industry standards by working with vendors that have achieved full accreditations from the electronic Healthcare Network accreditation Commission (eHNaC), including the Healthcare Network accreditation Program (HNaP) and the Financial services accreditation Program (FsaP). The eHNaC HNaP accreditation recognizes excellence in healthdata processing and transactions and indicates that accredited organizations exceed industry-established standards and comply with HIPaa regulations. The eHNaC FsaP accreditation demonstrates that an organization meets a high standard of quality in handling PHI and follows industry-established criteria for processing payments. By Mark Krapels As
Billing_MJ14
To see the actual publication please follow the link above