Louisiana Policyholders: Notice to policyholders in Louisiana recently affected by severe weather. 

Oregon Policyholders: Notice to policyholders in Oregon recently affected by wildfires. 

keeping patient credit cards on file

Should I Keep My Patients' Credit Cards on File?

Having a credit card on file is a service many patients have come to expect from their healthcare providers. It can be convenient for copays, deductibles, services not covered by insurance or cash patients.

As a doctor, you may find that having patient credit cards on file also benefits you. Some credit card processing systems are integrated with EHRs to make billing more convenient and minimize staff time. It can eliminate the lag in cash flow as you no longer have to wait for patients to pay their bills.

However, there are also significant risks to keeping your patients’ credit cards on file.

Security is a major concern, and you must establish proper procedures to  protect your patients’ information. Some chiropractic practices don’t put in place the level of safeguards needed when handling credit card information.

“If you decide to maintain patient credit cards on file, you shouldn’t keep this information on paper or in your computer system,” said Jean Gerritsen, vice president of card services at NCMIC. She recommends working with your credit card processor to ensure an outside vendor is properly protecting your patients’ credit card accounts.

It’s also important to communicate with patients about how and when their credit cards will be charged. Keep in mind that you cannot require patients to pay through a credit card for chiropractic care or keep charging a credit card without a patient’s authorization.

“Due to the added convenience to the merchant for this service, there are certain safeguards you must put in place, both for HIPAA and for PCI (Payment Card Industry) considerations,” said Gerritsen. For these reasons, you should ensure your credit card processor is working with vendors that securely store your patients’ information and are PCI-validated to do so.

Most important, make sure that no one on your staff stores patients’ card information through non-PCI-validated practices, such as by writing card numbers in a notepad or keeping a spreadsheet of patient card information. The penalties can be costly—both in monetary penalties and negative publicity.

This website uses first party and third party cookies to improve your experience and anonymously track site visits. By visiting this website, you opt-in to the use of cookies. OK