Healthcare Data Breaches on the Rise

It is no secret that cyber thieves love to target the healthcare industry. Described as the year of the healthcare data breach, 2018 saw 363 healthcare data breaches compromising almost 10 million records. The leading attack vector remains hacking – specifically, ransomware and malware – to locate sensitive personal and financial data which can be resold on the black market.

Why do hackers breach healthcare systems? To find valuable data that can be resold on the black market, especially payment data. Malware was the culprit in the multi-million-dollar Anthem and Target data breaches, and it is responsible for a large percentage of point-of-sale (POS) breaches, to the tune of 5 malware attacks every second or 170 million each year.

Bluefin specializes in PCI-validated point-to-point encryption (P2PE) for the healthcare industry. Our solution encrypts credit card data at the Point of Interaction (POI) in a PCI-approved P2PE device, and decryption is done off-site in an approved Bluefin Hardware Security Module (HSM). Our solution prevents clear-text cardholder data from being present in a healthcare organization’s system or network, where it could be accessible in the event of a data breach. Learn more about P2PE on our FAQs page.

PCI P2PE for Dental Payments

Case Study featuring The Dentist Group, Bluefin and Curve Dental


PCI P2PE for Healthcare

Case Study featuring Children’s Healthcare of Atlanta (CHOA)


Contact Jessica Belton

Director of Security Solutions for Healthcare | (404) 450-9115

Secure All of Your Payment Channels with P2PE

Healthcare POS Payment Solution (Point of Sale)

Call Center POS Payment Solution (Call Center)

Healthcare Kiosk Payment Solution

Healthcare Mobile Payment Solution

Bluefin Provides PCI P2PE through our PayConex Gateway or through the Gateways of our Valued Healthcare Partners

We Make PCI Compliance Simple with our P2PE Manager

Bluefin’s patented P2PE Manager is a 100% online system that offers merchants an easy-to-use tool to administer their P2PE activities and maintain the compliance that allows your business to get the full benefits of PCI-validated P2PE scope reduction.

The P2PE Manager enables Bluefin clients to monitor the complete lifecycle of a payment device. This includes key injection, device shipping and tracking for chain-of-custody, device state and attestation management, and a record of every decryption performed by every device.

P2PE Manager Device Details

“Due to the complexity of our hospital network, we wanted to implement a solution that would provide our customers with the most secure method of processing a payment card transaction at our 45 locations. We implemented a PCI-listed P2PE Solution to reduce the number of PCI DSS requirements that apply to our cardholder data environment (CDE), to secure our patients’ payment data and to mitigate the risk of a payment data breach.”
Selwyn Carter, Treasury Manager, Children’s Healthcare of Atlanta