Do you want to pay a healthcare bill online? Make a payment now

PHILADELPHIA, PA and NEWPORT BEACH, CA (October 12, 2016) – InstaMed, healthcare’s most trusted payments network, announced today that it has been validated by the Payment Card Industry (PCI) Security Standards Council (SSC), as having met the rigorous controls defined in the PCI SSC Point-to-Point Encryption (P2PE) Standard version 2.0 for the protection of payment card data. InstaMed is the first in healthcare to achieve P2PE v2.0 Validation and is the only single platform in healthcare that delivers an end-to-end payment solution that is PCI Level 1 Service Provider, EMV and HITRUST certified.

InstaMed was audited against the strictest PCI standards for encryption, and the PCI Council approved InstaMed’s Healthcare Payments P2PE as P2PE v2.0 Validated. This validation allows InstaMed customers to meet the highest levels of security and compliance when collecting card payments. InstaMed customers also simplify their PCI compliance programs to a reduced Self-Assessment Questionnaire (SAQ) while decreasing operating and remediation costs by eliminating scanning and penetration testing.

“While healthcare organizations adopt more innovative solutions for patient payments, they can create more risk to patient credit card data,” said Tony Hansen, Senior Security Consultant at Providence Health and Services. “It is crucial for us to secure the end-to-end payment data flow, or we risk exposing ourselves to a serious breach. Our responsibility as a healthcare organization is to protect sensitive patient data, which includes their payment information. P2PE is key in protecting that information. InstaMed’s continued commitment to innovative and secure solutions allows us to meet our obligations of keeping our patients’ data protected and reduces our cost of being compliant.”

InstaMed was validated by Coalfire Systems Inc., an independent PCI P2PE Qualified Security Assessor (QSA).

“Maximum PCI scope reduction can only be achieved by using P2PE v2.0 solutions that appear on the PCI list of P2PE Solutions. Merchants that use P2PE Validated Solutions as their exclusive card-present retail payment method immediately reduce the scope of their audits,” said Kennet Westby, President of Coalfire. “With InstaMed’s P2PE v2.0 Validation, InstaMed continues to have the most effective data security controls available in healthcare today.”

In support of InstaMed’s P2PE v2.0 Validation, InstaMed has released a new white paper titled “Security and Encryption in Healthcare Payments.” As part of the white paper, Coalfire offers its assessment and validation of InstaMed’s security. InstaMed and Coalfire will be holding a webinar on October 27, 2016. The webinar will cover how P2PE works and how healthcare organizations can benefit from leveraging a P2PE v2.0 Validated solution.

Download the white paper and register for the webinar at www.instamed.com/P2PE.

“InstaMed has a mission critical focus on security and compliance. This ‘first in healthcare’ milestone demonstrates our unwavering commitment to meeting the highest level of security and compliance for both healthcare and payments,” said Bill Marvin, President and CEO of InstaMed. “InstaMed users trust us to deliver the most secure and compliant healthcare payments platform, and we will continue to deliver that 24/7, 365 days a year.”

About Coalfire
Coalfire is a leading, independent information technology Governance, Risk and Compliance (IT GRC) firm that provides IT audit, risk assessment and compliance management solutions. Founded in 2001, Coalfire has offices in Dallas, Denver, Los Angeles, New York, San Francisco, Seattle and Washington, D.C., and completes thousands of projects annually in retail, financial services, healthcare, government and utilities. Coalfire has developed a new generation of cloud-based IT GRC tools under the Navis brand that Coalfire clients use to efficiently manage IT controls and keep pace with rapidly changing regulations and best practices. Coalfire’s solutions are adapted to requirements under emerging data privacy legislation, the PCI DSS, GLBA, FFIEC, HIPAA/HITECH, NERC CIP, Sarbanes-Oxley and FISMA. For more information, visit www.coalfire.com.