Healthcare Data Breaches on the Rise

It is no secret that cyber thieves love to target the healthcare industry. Recent reports show that healthcare is now the most heavily attacked field, even above the highly reported large retailer breaches as well as breaches within the financial services sector. Described as the year of the healthcare data breach, 2016 saw 376 healthcare data breaches, with 1 in 3 Americans affected – that is approximately 16 million records stolen with a price tag of $5.6 billion in damages.

With so many pieces of data to choose from, cyber thieves can sell off bits of compromised records for multiple fraudulent acts including credit card fraud, insurance fraud and identity theft. The Ponemon Institute reports that in 2016, the average cost per breached consumer record was $141. That number skyrocketed to $380 per record for healthcare organizations.

Why do hackers breach healthcare systems? To find valuable data that can be resold on the black market – especially payment data. Malware was the culprit in the multi-million-dollar Anthem and Target data breaches, and it is responsible for a large percentage of point-of-sale (POS) breaches – to the tune of 5 malware attacks every second or 170 million each year.

PCI P2PE for Dental Payments

Case Study featuring The Dentist Group, Bluefin and Curve Dental

PCI P2PE for Healthcare

Case Study featuring Children’s Healthcare of Atlanta (CHOA)

PCI-Validated P2PE for Healthcare Payment Processing

Bluefin Payment Systems specializes in PCI-validated point-to-point encryption (P2PE) for the healthcare industry. Our solution encrypts credit card data at the Point of Interaction (POI) in a PCI-approved P2PE device, and decryption is done off-site in an approved Bluefin Hardware Security Module (HSM). This prevents clear-text cardholder data from being present in a healthcare organization’s system or network, where it could be accessible in the event of a data breach.

Secure All of Your Payment Channels with P2PE

Point of Sale
Call Center
Kiosk/Unattended
Mobile

Bluefin Provides PCI P2PE through our PayConex Gateway or through the Gateways of our Valued Healthcare Partners

We Make PCI Compliance Simple with our P2PE Manager

Bluefin’s patented P2PE Manager is a 100% online system that gives merchants an easy-to-use tool to administer their P2PE activities and maintain compliance, so that their business gets the full benefits of PCI-validated P2PE scope reduction.

The P2PE Manager enables Bluefin clients to monitor the complete lifecycle of a payment device. This includes key injection, device shipping and tracking for chain-of-custody, device state and attestation management, and a record of every decryption performed by every device.

P2PE Manager Device Details

“Due to the complexity of our hospital network, we wanted to implement a solution that would provide our customers with the most secure method of processing a payment card transaction at our 45 locations. We implemented a PCI-listed P2PE Solution to reduce the number of PCI DSS requirements that apply to our cardholder data environment (CDE), to secure our patients’ payment data and to mitigate the risk of a payment data breach.”
Selwyn Carter, Treasury Manager, Children’s Healthcare of Atlanta