Accept Credit Cards In Your Practice? Excellent Resource To Help Ensure You Meet Payment Card Industry (PCI) Compliance

By Christopher Fisher, PhD on June 27, 2009 in Resources

I think it is safe to assume that most psychologists and physicians accept credit cards for payment of services within their practices. As most clinicians are probably aware, credit card and identity theft remains a major concern in today’s business environment. The Texas Psychological Association (TPA) recently published a great review of Payment Card Industry (PCI) Compliance regulations to help psychologists meet these PCI standards. Of course, this information applies equally well to physicians and other healthcare providers. What is Payment Card Industry Compliance? Credit card companies, such as American Express, Visa, and MasterCard, set up the PCI Security Standards Council to establish standards and guidelines designed to ensure safe credit card transactions. Check the end of this report for links to these resources.

The TPA blog points about that psychologists are obligated to maintain the confidentiality and security of their patients’ credit card information, and suggests that most psychologists will fall under a Level 4 PCI compliance (i.e., less than 20,000 transactions per year). Surprisingly, Level 4 companies, not the Ebays and Amazons, are at a greater risk to reveal private credit card data because these business are not aware of or savvy with computer and credit card security concepts.

The TPA blog provides a nice summary of security measures that all psychologists should implement. Some of these recommendations are very basic like maintaining a firewall and anti-malware security on your computer and storing printed credit card receipts in a locked, secure file cabinet. Advanced security measures include establishing secure connections (SSL) with strong data encryption techniques with your credit card processor. On a final important note, TPA also warns psychologists to avoid credit card processors who charge an extra fee for PCI compliance, adding that businesses should never be charged additional fees to comply with PCI guidelines.

Visit the TPA blog article here.
Visit the PCI Security Standards Council here.

CFisher

About Christopher Fisher, PhD

Dr. Christopher Fisher, Managing Editor for The Behavioral Medicine Report, received his PhD in Clinical Health Psychology & Behavioral Medicine from University of North Texas. His clinical training emphasized biopsychosocial approaches to health and wellness, including Cognitive Behavioral Therapy (CBT), neurofeedback, biofeedback, cranial electrical stimulation (CES), and QEEG. He is Board Certified in Neurofeedback (BCN) by BCIA. Dr. Fisher also received a master’s degree in Clinical Psychology from Texas A&M - Corpus Christi. Dr. Fisher maintains a private practice in Corpus Christi, Texas, and offers individual therapy, group therapy, peripheral biofeedback, and neurofeedback. You can learn more at http://www.christopherfisherphd.com. He also maintains an informational website for panic attacks (panic disorder) here: http://www.panicintervention.com Dr. Fisher enjoys spending time with family, watching sports and movies, and outdoor activities.

View all posts by Christopher Fisher, PhD →