Resources

Client Alerts, News Articles, Blog Posts, & Multimedia

Everything you need to know about BMD and the industry.

Will Your Business be Keying More Credit Card Transactions as a Result of COVID-19?

Blog Post

In this hectic time and uncertainty, owners are making hard decisions regarding their businesses. Some are shutting down, while others are adapting to the daily life changes of COVID-19. Many medical practices are seeing patients on an emergency basis and others are starting to implement a telehealth approach.

For practices that are considering implementing telehealth to connect with their patients, we'd like to share some guidance. Most practices that have a merchant account in place, may want to consider how best to accept payments over the phone. It is important to arrange payment for the copayment before advising your patient. This can be done over the phone. Basic knowledge and advice are as follows:

Face to face merchant accounts are less risky to the bank and therefore have lower pricing. What many owners do not know, is once a transaction is keyed, the cost of doing so could be one to two percent higher than expected. You should be aware of this additional cost, as it will impact your business’ bottom line. Think of it this way, for every ten thousand dollars keyed, the cost could be an additional two hundred dollars.

You can learn from other businesses who experienced a model change. When your local pizzeria decided to start delivery as part of their business, many never considered that their business model changed from roughly ten percent keyed transactions, to over forty percent. This change in business caused their processing rates to skyrocket, and in some cases, the processor closed their merchant account, because of the additional risk involved. Please avoid this disruption in business and contact your current processor before implementing your new keyed environment for accepting credit card payments.

5 things to consider when adopting a credit card-not-present environment:

  1. Contact your current processor and notify them that your business model is changing. Ask them what impact keying transactions will have on your transaction costs. If you feel you might be keying more than thirty percent of the transactions, having a second merchant account for keyed transactions is an option to help reduce costs. If the processor knows you are keying transactions in their underwriting profile, the business is rewarded with lower pricing.
  2. Make sure you are capturing the proper credit card data for address verification. This includes the number of the street address and zip code for the credit card billing location. Additionally, you will need the three-digit CVV code on the back of the patient’s credit card.
  3. Never save this data on the patient’s file. Doing so will increase your scope of PCI Compliance. You are never allowed to store the three-digit CVV number. 3. The Address verification system is a tool that is better known as AVS. When you contact your processor, please make sure they have this tool active in their software. This tool is used for keyed transactions and helps validate the card information is linked to the address of the card user.
  4. Having the proper information helps eliminate fraudulent transactions and lowers the transaction cost. Review your annual PCI compliance. Accepting payments over the phone requires additional PCI compliance steps to help safeguard your patient’s credit card data. Traditionally, merchants that process face to face transactions using a credit card terminal need to perform an annual self-assessment questionnaire (SAQ) B or B-IP.
  5. Card-not-present merchants must complete an SAQ A or C-VT. Knowing this compliance change will help safeguard you against a possible PCI breach.

Make sure your hardware or software is set up properly to accept keyed transactions. We recommend using a virtual terminal that encrypts and tokenizes the credit card data. This technology is called vaulting and eliminates the need to write down the patient’s credit card data on paper or storing it in spreadsheets. Using this type of technology reduces the scope of your PCI compliance audit. Additionally, the vault can be used to store patient card data for future payments. Lastly, please do not have your patient send their card data through an email or text. These communication methods are not secure. Safeguarding your patient’s payment data should be your number one concern.

Many owners are asking if they can charge the patient to help cover the additional cost of accepting credit cards. The answer is yes, but there are regulations that you must follow to be compliant. The process of charging your patient for credit card acceptance is called surcharging.

Here are the core regulations to consider if you want to surcharge your patients:

  1. As of January 27, 2013, surcharging was made legal. Merchants are required to notify Visa, and their acquirer, 30 days before surcharging.
  2. Surcharging is available in 46 states, as of this writing. You are not permitted to surcharge in CO, CT, MA, and KS.
  3. Surcharging is only allowed for credit card transactions. Debit and prepaid cards cannot be surcharged. This includes HSA and FSA cards.
  4. The surcharge must not be more than your cost of credit card acceptance and is capped at 4%.
  5. Patients must be properly notified that you are adding a surcharge. Visa has specific guidelines for this.
  6. Itemization of the final surcharge amount must be identified separately on the transaction receipt.

The CardChoice team is available for any of your questions or concerns, regarding credit card acceptance, as all of us are working through the COVID-19 pandemic. As a reminder, the World Health Organization has reiterated, you should wash your hands, including after handling money, especially if handling food. It is also recommended, when accepting credit cards in person, use contactless equipment to process the transaction. You may reach CardChoice International at 866-350-3200, Ext. 2248, support@cardchoice.com. 


BMD Client Spotlight: IncludeHealth

BMD is happy to share an inspiring business backgrounder on IncludeHealth, Inc. - a Digital musculoskeletal (MSK) care & training platform for providers - and introduce its CEO and Founder, Ryan Eder. Client: IncludeHealth CEO: Ryan Eder Business: Digital musculoskeletal (MSK) care & training platform for providers. Relationship Attorney: Kate Hickner Legal Services: BMD and Kate serve as healthcare counsel for IncludeHealth, providing regulatory guidance as well as HIPAA and other data privacy and security guidance, in an evolving health care delivery, reimbursement and regulatory landscape.

BMD's Chief People Officer Mary Miles Wins Crain's Cleveland Excellence in HR Award

BMD's Chief People Officer Mary Miles Wins Crain's Cleveland Excellence in HR Award

Webinar Recording: Telemedicine Legal and Practical Considerations for Physicians Practices

This webinar discusses the latest developments in telemedicine for physician practices, including Medicare, Medicaid and commercial payor reimbursement requirements, state licensure considerations and HIPAA requirements. Speakers: -Kyle Sharp, MHA, FACHE, Interim Associate VP & Executive Director, OSU Physicians, Inc. -Ronnen Isakov, CPA, Managing Director, Healthcare Advisory Services, Medic Management Group LLC -Kate Hickner, Healthcare & Hospital Law Partner, BMD -Kevin Cripe, Healthcare & Hospital Law Attorney, BMD The speakers will share their personal experiences working with health care providers to implement and grow their telemedicine practices during recent months. The webinar will provide listeners with practical guidance and take-aways that will be useful in their own organizations.

Crain's Cleveland Recognizes Duriya Dhinojwala as a 2020 Woman of Note

Duriya (DD) Dhinojwala's heart, drive and dedication are just a few of the commendable qualities that make her a Woman of Note. Learn more about DD's background and path to success here.

Webinar Recording -- Paycheck Protection Program Loans: Forgiveness Applications

Paycheck Protection Program Loans: Forgiveness Applications