Everyone makes them. We're only human. But learning from our mistakes, and the mistakes of others, is what makes us successful. It is the same with accepting and processing card payments. Learning to avoid common mistakes can add up to big savings. Here are a few of the most common medical payment processing mistakes healthcare practices and other businesses make, and how to avoid them:
Not asking your processor to help you find the best interchange rates.
Running a medical office takes a lot of time and energy. The last thing you want to do is keep up with all the requirements from the card brands on interchange qualifications. If you are consistently seeing mid-qualified or non-qualified transactions, your processor can help you discover why your transactions are not qualifying for the best rates. Sometimes simple changes can make a big difference, such as ensuring transactions are batched out within established timeframes, making sure POS devices and software are properly encoding transactions, or taking advantage of special programs.
If you don't know, ask. Your payment processor should be able to evaluate your situation and offer money-saving suggestions.
Tossing monthly statements into a drawer without opening and reviewing.
Yes, reviewing a monthly statement can be time consuming, but it also can be time well spent. Familiarizing yourself with cash flow, charges and rate changes gives you a snapshot of your financial health. It also can uncover hidden costs — like batches that are not transmitting within time constraints — which you can work with your processor to rectify. If you don't understand an item or term on your statement, call your provider for an explanation.
Also consider switching to online reporting. Checking your account via a secure website provides an immediate snapshot of transactions, and eliminates the need for paper statements, offering an environmental benefit.
Ignoring Payment Card Industry Data Security Standard (PCI DSS) compliance.
It can be time consuming establish PCI DSS compliance, but it is necessary. PCI DSS is a set of security requirements established to protect cardholders' account data from fraud. The PCI DSS were developed by the PCI Security Standards Council, which includes American Express®, Discover® Financial, JCB International, MasterCard® and Visa® For medical offices and other business owners, the standard requires that all hardware and software coming into contact with cardholders' data must be compliant. The risk of noncompliance includes massive fines, a loss of reputation and bankruptcy.
Not reading the fine print on your payment processing agreement.
Some processors will do just about anything to win your business. They'll offer flashy rates, fancy equipment and fabulous deals. Before entering an agreement, make sure to read the fine print and ask questions.
For example, some processors will offer a "New Low Rate." Many times, this is an introductory rate that expires after a number of months. There may also be a penalty for ending a contract before its expiration date. Other payment processors will offer a low rate, but add extra fees to every transaction. Some processors require you to purchase equipment from them. Others require businesses to lease equipment for a set period, and charge a penalty for opting out before the agreement ends. (Renting equipment month-to-month, with no penalty for changing equipment, is often the best option.)
Remember, all processors pay the same rates to the credit card associations to move transactions. (Both Visa® and MasterCard® post interchange rates on their websites.) The differences lie in the extras (e.g., 24/7 customer service, a dedicated representative, flexible equipment rental, industry involvement, years of experience, sponsoring bank association) a processor offers.