BOSTON--(BUSINESS WIRE)--Semafone®, the leading provider of data security and compliance solutions for call and contact centers, today released its 2021 State of Healthcare Payment Experience and Security Survey, which aimed to identify the underlying consumer sentiment on payment experiences with their healthcare providers.
Over the last 20+ months, the healthcare system has endured significant challenges and turbulence as a result of the COVID-19 pandemic. Providers of all sizes have been pushed to their limits from every direction, including fast-tracking significant digital transformation initiatives to securely adapt workflows and deliver patient care safely. In fact, 81% of healthcare executives say the pace of digital transformation in their organization is accelerating, and 93% report they are innovating with a sense of urgency to compress decade-long transformation initiatives into two- to three-year plans, according to Accenture. Semafone’s survey reinforces the need for healthcare organizations to integrate digital technology and solutions into all areas of the business ecosystem, including secure payment technology to provide peace of mind and ensure patients enjoy a secure and seamless payment experience.
Significant findings from the report include:
Large Hospital Networks Need to Regain Trust
Today’s patient experience does not end when the doctor leaves the room—it encompasses every aspect of care, including the payment and billing process. Between large hospital networks, private practices, specialists, and urgent care, the survey found that less than half of respondents (44%) felt that private practices handled payment and personally identifiable information most securely, and large hospital networks were rated by even fewer at 33%. With a 25% increase in healthcare data breaches year over year and reports of hospitals accounting for 30% of all large data breaches, patients have a heightened sense of awareness and interest in the processes their providers take to protect their information. Due to the extensive networks they serve, large hospital entities, especially, need to pay more attention to the digital transformation measures taken to keep information secure.
“Regardless of size, the entire healthcare industry must do better at navigating and preventing data breaches,” explained Gary E. Barnett, CEO of Semafone. “The sheer number of breaches in and out of healthcare is problematic. Fortunately, there are solutions that provide security and help meet compliance standards, but many of today’s companies still rely on outdated processes for operations. It is no longer acceptable to claim they aren’t aware that highly efficient, effective, and automated solutions exist to save time, money, and risk. Healthcare organizations must seek the right technologies and processes to protect the patient experience.”
Patients’ Expectations are High
With so much choice and information available, consumers' expectations have risen. The perceptions they hold of their healthcare providers will impact the future of healthcare for generations to come. Many fail to remember that contact centers are often the first point of interaction for patients and should therefore be a critical area of focus when it comes to healthcare security—or they risk losing patients. Semafone’s survey found that two-thirds of consumers (66%) report they would leave a healthcare provider if their payment or personal information was compromised in a data breach due to the provider’s lack of security measures. Further, nearly 90% of consumers believe healthcare providers should face financial penalties for not having proper safeguards in place to protect their personal or sensitive information in case of a data breach.
"No organization will ever be able to predict or prevent every potential breach, but it is crucial to take steps to reduce risk and protect PII," Barnett said. "By breaching a single system in the contact center, cybercriminals can move from one network infrastructure to the next, jeopardizing the entire healthcare organization and putting sensitive patient data out in the open. We must take steps to curb these threats and answer the increasing demands of consumers to keep data secure with technology that is readily available. If we don’t, the potential of exposing data could be reason enough for patients to leave healthcare organizations altogether."
Adopting technology solutions that strike a balance, delivering both data security and patient care is critical for providers. When discussing patient protection, payment security must be viewed as an equally important element alongside HIPPA and HITRUST to meet and exceed patients' expectations.
The Approach, Preference, and View of Payments Has Changed
Driven by the ongoing pandemic, consumers have changed the way they pay medical expenses and bills, transitioning away from in-person (28% decrease) and mail payments (17% decrease) to alternatives like online systems via provider or website (15% increase), mobile apps (23% increase), and phone (8% increase). As billing becomes increasingly digital, having solutions in place that support payment compliance regulations, like the Payment Card Industry Data Security Standard (PCI DSS), in accordance with privacy measures put in place to protect other sensitive data, is imperative to implementing secure frameworks.
Amid the changes in preferences, healthcare providers should be transparent about the secure methods and technology leveraged across channels. Although consumers feel confident that healthcare providers do a good job disclosing how they keep payment information secure (79%), the survey found that over half (56%) do not know where the data is stored. As a patient, understanding where and how personal and payment information is stored is important to protect against potential fraud and breaches, in addition to building trust that providers comply with HIPPA and other compliance regulations. Given the large number unaware of where their data is stored, providers have an opportunity to increase education and communication with patients to, in turn, improve the experience and overall sentiment toward the providers for the future.
Even with all the challenges endured and processes adopted over the last year and a half, the healthcare industry is still facing an uphill battle to secure data and personal information. The risk of fraud and data breaches has not halted amid the pandemic. As the industry heads into a new year, it’s time to take charge of the data and ensure the patient experience is the best it can be.
Methodology
Dynata, the world’s largest first-party data platform for insights, activation, and measurement, conducted this survey of 1,000 U.S. consumers (ages 18-65+) on behalf of Semafone.
About Semafone
Semafone provides secure cloud, hybrid and on-premises solutions to contact centers and all businesses accepting payments. In a digital world that has transitioned to remote work environments, its award-winning payment solutions enable organizations to collect personal data securely across all channels – including the telephone, webchat, social media, email, SMS and QR codes. Through Semafone’s patented data capture methods, sensitive information such as payment card or bank details and personally identifiable information (PII), including social security numbers, are collected directly from the customer for processing. This data capture method prevents PII from entering the business and IT infrastructure, protecting against the risk of fraud and the associated reputational damage, ensuring compliance with industry regulations such as PCI DSS. Semafone’s suite of solutions creates a seamless, omnichannel experience that increases sales conversion rates and boosts customer loyalty, while simplifying compliance.
Founded in 2009, the company now supports customers in 26 countries on five continents. Semafone is vertically agnostic and its extensive customer base includes companies such as Amica Mutual Insurance, British Sky Broadcasting, BT Group, and Sutter Health.
Livingbridge is a major investor in Semafone.
As a recognized global leader in secure voice transactions, Semafone’s technology is integrated with over 40 Payment Service Providers. Semafone has achieved the leading security and payment certifications: ISO 27001:2013, UK Cyber Essentials certification, PA-DSS certification for its Cardprotect payment solution, PCI DSS Level 1 Service Provider, registered Visa Level 1 Merchant Agent and Mastercard Site Data Protection (SDP) Compliant Registered Service Provider. To learn more, visit www.semafone.com and follow us on LinkedIn, Twitter and Facebook.