Securing Patients’ Debit and Credit Cards
Many people pay for their dental treatments with their debit and credit cards (Drayer and Lee 2016). Stuart J, Oberman, Esq., who “handles a wide range of legal issues for the dental profession, including cyber security breaches,” states, “In fact, many hackers specifically target small dental offices because they believe small businesses don’t have the resources for sophisticated security devices and do not enforce employee security policies” (2015). Additionally, according to Ruston Miles, “founder and chief innovation officer of Bluefin,” “With troves of valuable patient personal and payment data stored on networks, health-care breaches happened at the rate of one per day in 2016, with over 27 million records affected.(2)” (2017). Due to this risk of theft, clinics should implement security measures, assuring patients that their payment information is safe.
A variety of security measures can protect the patients’ debit and credit card information. Keith Drayer, “vice president of Henry Schein Financial Services (HSFS),” states, “The payment processor should be fully compliant with all industry security standards, and offer additional security features such as Verified by Visa, MasterCard SecureCode, and address verification and check routing number validation, to name a few” (2012). Dental clinics could also get chip and pin terminals because people are using debit and credit cards with EMV chips, which “are computer chips… that replace the old magnetic strip technology and offer a more secure payment service. Use of the EMV chip shifts liability away from merchants in cases of fraud” (Alexander 2016). Alternatively, dental clinics could utilize virtual merchants, which would “[encrypt] the previously vulnerable magnetic strip” on the card (Alexander 2016). Virtual merchants utilize a process called “‘tokenization,’ which will supplement vulnerable information upon processing transactions. Instead of assigning a vulnerable credit card to your patients, they will be assigned secure client IDs that can be accessed for payments within your individual merchant system” (Alexander 2016). Clinics should use chip and pin terminals and virtual merchants in order to show their patients that they will ensure the safety of the information on their debit and credit cards (Drayer and Lee 2016). Clinics should also make sure their websites, which may contain the patients’ credit card information, is protected from criminals by utilizing “an SSL (Secure Sockets Layer) or TLS (Transport Layer Security) system, which set up an encrypted connection between a browser and a web server” (Marks 2018). Like the security measures for debit and credit cards, security on a website assures patients that the practice can effectively protect their financial information (Marks 2018).
Clinics should take care to protect their patients’ payment information. By doing so, their patients would not have to worry about any theft when they pay for their treatments.