This is a guest post from the team at VisitPay.

See how Sphere and VisitPay enable health systems to meet consumer expectations through Text to Pay. 

In this Q&A, Vincent Martino, Chief Product Officer & Co-Founder of  VisitPay, talks about the impact of the partnership on the patient financial experience.

Why is it important to offer financial support to patients via their mobile devices?

Vincent Martino: Offering mobile-enabled tools to manage and self-service healthcare billing obligations has become a baseline capability for any financial engagement strategy. Demand for a text to pay solution is clear through our continual extensive consumer research. In fact, about 50% of our VisitPay platform logins today are from a mobile device with some of our clients seeing that number approach 60%.

Many variables determine how patients manage bills and the best way to engage with these patients. Because patient preferences vary so broadly, health systems need to consistently provide patient-tailored and accurate financial information across multiple channels of communication. A one-size-fits-all billing strategy lacks the flexibility and personalization required to meet people where they are in their lives.

Now that many people – and not just younger generations – manage their lives through their mobile devices, more consumers expect to be able to manage their healthcare needs anywhere, anytime, and on their own terms. Most industries, including healthcare, are investing considerable resources to reach and engage with consumers through mobile devices.

Why is Sphere the right partner for VisitPay and how can this partnership benefit health systems and their patients?

Martino: We view Sphere as a market leader in payments technology, security and compliance. We’ve been working with Sphere for over six years to process payments securely on behalf of our health system clients. Together, we have launched a mobile payments solution called Text to Pay, which allows health systems to securely accept patient payments through text messages while integrating seamlessly with existing EMR platforms, like Epic. This solution gives patients an additional, convenient way to pay their healthcare bills.

What kind of health system can VisitPay and Sphere best serve?

Martino: Both VisitPay and Sphere are adept at serving large, multi-facility health systems. At VisitPay, we serve some of the largest health systems in the nation including Intermountain Healthcare, Texas Health Resources, Henry Ford, and Inova. These healthcare organizations typically already have a patient payment approach in place and are looking to open up new channels to collect payment easily and in a way that’s convenient for the patient. Another important aspect for our clients is that our platform is tightly integrated into their existing EMR providing ease for staff and a unified experience for patients.

How does it work and what are the key capabilities of Text to Pay?

Martino: The patient begins by opting into Text to Pay and storing a secure payment method. VisitPay monitors all billing activity and sends an automated notification via SMS when there is a new balance to pay. The system provides a great deal of flexibility in that patients can actually pay one or more balances at a time. For example, they can pay full or partial balances, create payments over time and set a payment threshold.

The system also has intelligence built in and uses automated text bot responses based on what the patient is trying to do. This gives the patient on-demand information should questions emerge while making payments. These text bots also share important information that a patient might require during the process, reducing the need to contact the health system call center.

All messaging to the patient, as well as text frequency, is customizable by the health system and configurable by the user.

How does Text to Pay help health system operations?

Martino: When patients are given self service tools, inbound calls to the health system drop significantly. Calls to make payments over the phone  become  less frequent, and fewer questions arise about how much patients owe since patient’s have insight and clarity around their bills.

An additional way Text to Pay supports health system operations is by having all payments automatically post back to the core billing system. This alleviates any need for manual intervention typically required for payment posting by revenue cycle staff. We also have created advanced proprietary logic to ensure no credit balances are created like many manual and automated payment methods do today.

What are the financial benefits for the health system offering Text to Pay? 

Martino: One of the biggest advantages of Text to Pay for a health system is getting paid faster. Text to Pay is based on automated alerts to patients, who naturally pay faster because notifications come directly to their phone, the device through which they manage their everyday lives. They schedule appointments, plan their social lives, order products and services, and manage their money through their phones. We know that patients are very responsive to texts and through the Text to Pay solution they will be alerted once their balance becomes known. With patients paying faster we anticipate days AR to go down.

How hard is it for a health system to implement Text to Pay?

Martino: We’ve designed this to be very easy to implement. It’s meant to be fully complementary to existing tools so it can be plugged into any existing payment portal, including MyChart. It doesn’t disturb or disrupt any payment solution already in place today. Additionally, deployments are easy. Some basic data is needed from the health system before automated notifications to patients can begin, and in turn we send data back to the health system for posting and reconciliation purposes . This can all be done in real time if the health system has those capabilities.

How can Text to Pay positively affect the patient’s financial experience?

Martino: There are patients who want a fast, flexible experience and are comfortable paying from their phones.  Text to Pay meets these patients where they are and in how they want to pay. We know that when patients are given options on how to pay, net promoter scores increase which in turn generates loyalty between patient and health system.

How does Text to Pay fit into and complement the broader VisitPay solution?

Martino: Text to Pay is one component of a much larger patient financial experience platform that incorporates machine learning, advanced analytics and the ability to capture data across ambulatory and acute-care billing systems. Through all our products, health systems can surface granular insights into patient preferences and expectations. This gives them the ability to present the right offer at the right time to each unique patient, while adhering to the health system’s policies. This ultimately drives higher patient satisfaction along with higher payments.

See Text to Pay in Action

To learn more about Text to Pay, click here to set up some time with a Solutions Consultant. If you are going to be at HIMSS, stop by booth #2488 to see it in action.

 

This is a guest post from our non-profit partner Qgiv

Hospitals and other healthcare organizations work day and night to ensure they offer the best service and medical experience for everyone involved. Because health organizations are often busy with a never-ending flow of patients and high-intensity tasks, they often don’t have time to really think about their own needs.

That is why healthcare fundraising is crucial for health organizations. Running a medical-based organization takes an incredible amount of resources. You need a great fundraising program in order to support your foundation’s philanthropic goals, serving your community and staff.  

Sphere is proud to partner with Qgiv and is working toward making fundraising accessible and meaningful for health organizations. With Qgiv’s comprehensive fundraising platform, healthcare fundraisers can oversee the entire donation process, engage with past patients and active supporters, and boost their overall fundraising revenue.

Ensure your health organization has all the resources it needs! Here are some ways you can use Qgiv to supplement your healthcare team’s fundraising efforts; you can:

  • Securely process online donations.
  • Engage donors with peer-to-peer fundraising.
  • Invite top supporters to a hospital fundraising gala.
  • Motivate giving with text fundraising.
  • Easily oversee capital campaigns.

Read on to learn about how you can take advantage of Qgiv’s software and increase fundraising for your health organization. Let’s get started!

Securely process online donations.

These days, offering online donations is more of a necessity than a nice bonus. According to PewResearch, 90% of Americans are active Internet users—your potential donors are active on the Internet! Additionally, the last thing on your patrons’ minds is making a stop at the donation office to drop off a check while they’re in your hospital. An online donation might be the only way they’d make a gift.

With fundraising software like Qgiv, processing online donations and gifts have never been easier. You can customize the online donation form to a specific campaign and even brand it to your health organization with your unique colors and your logo.

With these other features, your online donation form will encourage donors to complete that donation:

  • Easy-to-use form builder. You don’t have to be a coder to create the perfect donation form for your healthcare organization. The form builder makes it easy to customize your donation form so you always get critical donor information without wasting your donor’s time with unnecessary fields.
  • Recurring gift options. Donors often want to thank your health organization in a generous way, but can’t afford to do so all at once. Include a recurring gifts option so donors can space out their contributions in a way that’s convenient for them. Recurring donations have the added benefit of providing is consistent, predictable support for your health organization.
  • Suggested giving amounts. This is a great way to inspire your donors to give a little more than they might have originally. Sometimes, a potential donor won’t know exactly how much to donate, get overwhelmed trying to make a choice, and end up closing the window without making a gift. Offer a few suggested giving amounts with associated impact statements to help them decide how much to give and show them what their money can achieve.
  • GiftAssist. When someone makes an online donation, the nonprofit has to pay a processing fee. With Qgiv’s GiftAssist, donors can choose to offset that fee by adding a couple of dollars to their gift. This is a popular option! Right now, around 55% of donors make this additional gift if their favorite nonprofit gives them the opportunity.
  • Secure payment processing. You can use Qgiv and Sphere payment solutions together for safe, secure payments. Qgiv was the first online fundraising software to become Level 1 PCI Compliant, so you know your donors’ financial information is in safe hands.  Qgiv’s top-notch security is reinforced by their streamlined forms that can be branded to match your individual nonprofit.

Qgiv not only gives you the tools to create the online donation form that suits your efforts best, it also empowers your donors with multiple fundraising options and facilitates them in a safe and secure way.

Engage donors with peer-to-peer fundraising.

A great way for hospitals and other healthcare organizations to raise support is to run a peer-to-peer fundraising (P2P) campaign. A P2P campaign is especially great for healthcare organizations that engage volunteers; each volunteer likely has their own personal story about how they’re connected to your institution. Let your supporters express this to their own network of friends and family and fundraise on your health organization’s behalf!

Though you can technically conduct P2P campaigns without any outside tools, most nonprofit organizations will invest in a platform specifically for these efforts. With a fundraising solution like Qgiv, you also have access to their top peer-to-peer features. When you use their peer-to-peer platform, you can:

  • Give each P2P volunteer their own branded online donation page. Customize these pages to fit your overall campaign, then let each volunteer add their own photos, testimonials, and stories about why your health organization and fundraiser is important to them. This way, their own friends and family instantly feel more connected to your cause because they share a personal link to your work.
  • Encourage more fundraising with gamification elements. Qgiv gives you the tools to motivate your volunteer fundraisers, including a leaderboard showing top fundraisers, fundraising thermometers, fundraising badges, and more. When P2P volunteers see how close they are to being first in the leaderboard or see how much money is left until your end goal, they’re encouraged to stay active in the fundraising process.
  • Each P2P volunteer can easily share their individual fundraising page on social media and can even schedule posts in advance. You can make sharing on social media even easier for your participants; Qgiv provides the option to built pre-written social post templates that can be tweaked and published by individual users.
  • Monitor all fundraising activities from one central platform. Qgiv’s control panel allows you to oversee your fundraising participants, their teams, and your progress in real-time.

Empower your supporters by letting them fundraise for you. Just ask VISTE! VISTE, Volunteers in Service to the Elderly, is an organization that helps the elderly travel to doctor appointments, provides in-home meals and food, and more. With Qgiv’s tools, they were able to raise around $30,000 during their last peer-to-peer campaign.

Invite top supporters to a hospital fundraising gala.

Hospitals and other health organizations often host live fundraising galas in order to raise awareness for a cause, collect money for a project, announce an exciting change, or recognize their top donors.

But managing registration, planning the gala festivities, and ensuring each guest is properly engaged, can make event preparation a long and difficult process.

Take the stress out of planning and managing your hospital fundraising gala with Qgiv’s event management software. Consider how these top features can elevate your fundraising gala:

  • A variety of registration options to meet the needs of all your supporters. Let people register in groups (like for a family) or as individuals! You can also create certain packages for guests registering as a table and even offer discounts and promo codes to top supporters.
  • Social sharing options on your event form. Make it easy for potential guests to share your event with their friends and family.
  • Easily-incorporated auction features with Qgiv’s auction tool. By including a silent auction element in your gala, you can auction off interesting items and let your guests bid in real-time (from their phones). Qgiv’s mobile app makes it easy to streamline the registration, check-in, and post-auction checkout process.

A live fundraising event is a great way to bring together your supporters and donors and remind them of the good your healthcare organization has accomplished! Make sure you have all the necessary tools to plan this quickly and efficiently.

Motivate giving with text fundraising.

One of the best ways to increase fundraising for any nonprofit organization is to provide multiple giving channels for different groups of donors. A popular channel includes mobile solutions for giving. Another PewResearch study found that 96% of Americans own mobile phones. A vast majority of people have near-constant access to mobile phones and are highly likely to use a tool like mobile giving.

Qgiv has dedicated software to make text fundraising and mobile giving as easy as possible for nonprofit fundraisers and donors alike. Your healthcare organization can take advantage of different types of text fundraising that Qgiv supports:

  1. Text-to-Donate: This simple donation method involves donors initiating a gift via texting a campaign keyword to a designated shortcode. Donors enter the amount they want to give and are presented with a link to a mobile form to officially complete the gift.
  2. Outbound Text Messages: Outbound text messaging is a powerful way to make urgent requests, share information about upcoming events, remind donors to finish their mobile gift, or provide updates on a fundraising campaign. Qgiv’s outbound text messaging tool makes it easy to build and manage lists so you can reach the right donors at the right time.
  3. Bill-to-Carrier Text Donations. This traditional text giving style involves a donor sending a keyword to a text shortcode. Instead of finishing their transaction on a mobile donation form, the predetermined donation amount is billed to the donor’s cell phone bill. Later, their carrier transfers the donation to the charitable organization.

Text-based mobile fundraising is not only simple to set up but also gives your donors a chance to give wherever and whenever they want to.

Easily facilitate capital campaigns.

Hospitals and other health organizations often need to raise money for larger projects like building renovations or new medical tech. Those large campaigns usually require large-scale fundraising efforts that involve more than just a simple online donation page. This is where capital campaigns come in.

A capital campaign is a focused effort to raise a sizable amount of money within a certain timeframe. This type of campaign usually funds high-cost changes that will help your organization run more efficiently and continue to offer the highest quality services. It often takes years to reach a capital campaign’s fundraising goal.

Capital campaigns typically include multiple fundraising efforts, including events, online and offline fundraising, and text-fundraising channels. That is why a comprehensive solution like Qgiv might be the best choice for this kind of large-scale campaign. Your healthcare organization can integrate the software with your CRM and:

  • Capture the necessary donor information. Using your online donation forms, event registration pages, and other giving methods, you can accurately record each donation with the appropriate details alongside it. You’ll gradually build a list of people who supported this capital campaign, which will leave you plenty of opportunities for future engagement. For instance, prioritize engagements with those who gave substantial gifts to see if they could be cultivated into becoming major gifts donors.
  • Keep up communication with donors. As the campaign progresses, use the donor data in your CRM to continue donor engagements, including thank-you messaging, progress updates, and more. You can even send them matching gift information if you think their gift can be doubled by their employer.
  • Vary your fundraising efforts. Get creative with your capital campaign! You can conduct peer-to-peer campaigns, start a mobile fundraiser, and even host an auction! No matter what you choose to do, all that data will be safely centralized in your CRM to review it whenever you want.
  • Review campaign progress in real-time. Use Qgiv to create custom reports and track specific statistics so you can see how you’re doing as the campaign progresses. You can also use Qgiv’s FundHub tool to aggregate data from individual campaign events, donation forms, text keywords, and more. Getting a birds-eye view of all your fundraising activity will help you identify areas to improve and track which methods are performing best.

With Qgiv on your side, you’ll be able to successfully manage your entire capital campaign from one place and easily pinpoint areas for improvement or of success. Reach your fundraising goal and help your capital campaign objective come to fruition with this comprehensive solution.

By Dr. Heather Mark, CCEP

The data economy has become so pervasive in today’s business that it sometimes is necessary to pause and think about where we’d be without the explosion of data that businesses have at their disposal.  Cloud software firm, Domo, releases an annual report each year on the astronomical growth of data.  Their report, Data Never Sleeps, provides a fascinating example of just how people are using the internet, leaving digital trails to be followed.  According to Data Never Sleeps 7.0, more than 511,200 tweets, 18, 100,00 texts, and 188,000,000 emails are sent PER MINUTE. And that doesn’t include our unintentional data creation – the Internet of Things, or our browsing history, or geolocation data. Our world runs on data, which means that as consumers, we need to be able to trust that our data won’t be misused by the companies with which we do business.

A PwC survey conducted in 2017, tells us that consumers are becoming more cynical about how companies handle data.  Just 25% of survey respondents believe that companies handle data responsibly and less than 15% believe that the data will be used to improve lives. Further, 87% of those respondents have said that they will take their business elsewhere if they don’t trust the data handling practices of a company.

In Francis Fukuyama’s book, Trust: The Social Virtues and the Creation of Prosperity, he proposed the idea that trust and ethics was central to economic well-being.  “If people who have to work together in an enterprise trust one another because they are all operating according to a common set of ethical norms, doing business costs less…”  It costs less because we know that our colleagues and our partners will behave in ways that we expect, and that serve the good of the organization.  Similarly, as consumers, we are more likely to do business with organizations that we trust.

An essential element of trust is transparency. Again, referencing the PwC survey, 71% of consumers find the privacy policies posted by companies to be difficult to understand.  If a consumer believes that an organization is intentionally obfuscating its practices, trust erodes.  When trust erodes, consumers say they will take their business elsewhere.

The moral of the story here is that as we move more fully into the data economy, we must also move more fully into being trustworthy stewards of personal data.  We do that, by adhering to the letter and the spirit of the data protection laws and establishing strong information practices.  Some of those practices include:

  • Data Flow and Categorization – It sounds cliché, but you can’t protect what you don’t know you have. So, the first step that is typically suggested is doing a data flow or data mapping.  This helps you to determine where the date is coming from, how it’s being used, and who you might be sharing it with.  You may find that you’re collecting more data than you need, or that you’re sharing it with vendors that don’t need it.
  • Limit Collection of Data – Another old axiom in the data security and privacy business is “don’t collect what you don’t need.” To put it simply, it’s difficult to disclose or inappropriately use data that you don’t have.  Once you’ve done a data mapping exercise, you can review this with your team to determine which data is strictly needed as opposed to “nice to have.”  Moreover, many of the fair information practices are built on the notion of only collecting the data that you need to complete transaction with the individual.
  • Disclosures – Transparency with your constituency about what data you’re collecting and when, and how it’s being used is one of the simplest, but most important, steps that can be taken with respect to privacy. Visitors to your site, and consumers of your product or services, can’t make informed decisions about sharing their data if they don’t understand how that data might be used. Providing clear and concise information about your information practices helps to engender trust and stands you in good stead with legislative privacy regimes.
  • Awareness and Training – In today’s economy, most of our businesses and non-profits run on data. Whether we intend to or not, we become dependent on data transmission, data analysis, data storage, and data collection.  That means that everyone in our organization is going to encounter personal data at some point.  Given that fact, it’s important that your team knows what data is considered sensitive, and how that data is to be treated. An important part of training, that can be easy to overlook, is how to report a potential incident.  For example, what should be done if someone has emailed a payment account number?

The dilemma facing businesses today is encapsulated nicely in the January 2019 issue of the Frontier Technology Quarterly:

On one hand, the data economy is radically transforming many economic activities and creating new levels of prosperity. On the other, it presents the possibility of a perilous dystopia … A market economy cannot function without trust, and the data economy is no exception. Trust deficits can unravel the data market and undermine social cohesion, stability and peace.

 

The Sphere teams will be out and about at a variety of payments and industry events. Stop by and see us! Learn more about our end-to-end integrated payment solutions, security software, payments gateway and merchant acquiring products and services.

HFMA Symposium Region 10

January 12-15, 2020 | Las Vegas

 

 

WRUG Winter Conference

February 20-21, 2020 | San Diego

HIMSS20

March 9-13, 2020 | Orlando

Visit us at Booth #2488

Parking Industry Exhibition

March 22-25, 2020 | San Diego

OCHIN Learning Forum

April 27-29, 2020 | Portland

This is a guest post from our partner, Qgiv.

As a nonprofit, much of your focus falls on fundraising and securing what you need to further your mission. But sometimes you’ll run into challenges like issues with payment processing or limited fundraising resources.

As proud partners, Sphere and Qgiv are working to change that. With Qgiv’s fundraising software, you can streamline each and every aspect of your fundraising process and boost your donation revenue. From there, you’ll be on your way to achieving your nonprofit’s goals!

There are many ways nonprofits can use Qgiv. From events to online campaigns, here are the top ways you can benefit:

  1. Online Donations
  2. Event Registrations
  3. Peer-to-Peer Fundraising
  4. Mobile Donations
  5. Silent Auctions

Leveraging a robust fundraising platform is the key to raising more. Let’s take a closer look!

  1. Online Donations

Many nonprofits are moving to online donation forms, but the ways in which they create their forms will vary. Some are turning to third-party payment processors, though there are other solutions that may be more appropriate and built with nonprofits’ specific needs in mind.

Fundraising software like Qgiv that allows you to create and customize an online donation form can drive more donations by encouraging completion. This is because you can:

  • Brand the page to match the rest of your website. Maintaining consistent branding between site pages instills a level of trust with your donors. This will reassure donors that their gift is going directly to you and that their information is safe.
  • Set up recurring donations. Recurring donations give your supporters the opportunity to give on a regular basis (monthly, annually, etc.) so they can continuously support your organization without much effort on their end.
  • Suggest giving amounts. Suggested giving amounts help guide your donors who are unsure of how much they want to give. Having a point of reference is helpful and can often encourage donors to give larger gifts.
  • Offset processing fees. Donors that use GiftAssist through Qgiv can offset the processing costs associated with their donation, which means you get to keep more of the donor’s gift.

Qgiv offers each of these elements while remaining PCI-compliant, which means your donors’ payment information and other personal data will always be safe and secure. Leverage online donation forms that can be customized to your organization (and offer security!) and you’ll be on your way to bringing in more donation revenue.

  1. Event Registration

When attendees register for your event, that’s your nonprofit’s first chance to make a great impression. Registering for events should be easy and efficient for supporters, and with the right platform, your nonprofit can make sure that signing up is a breeze.

With Qgiv’s registration software, you can create a smooth user experience when supporters come to register for your events. For example, you’ll be able to:

  • Provide a variety of registration options, such as packages for groups, discounts, and private VIP packages.
  • Boost event attendance by enabling social sharing options so guests can invite their friends.
  • Automate your process by cloning annual events and accessing real-time registration data so you can focus more on planning an amazing event.
  • Easily reach out to your attendees to remind them about your event.

By incorporating event registration software into your strategy, you’ll be able to boost event attendance, accommodate different registration needs, and ensure your focus remains on running the best event possible.

  1. Peer-to-Peer Fundraising

Peer-to-peer fundraising is a powerful, socially driven fundraising method that can help you tap into new donor networks that you wouldn’t have otherwise reached. During a peer-to-peer campaign, nonprofits recruit their supporters to fundraise on their behalf.

Here’s how it works:

  1. Your nonprofit sets a campaign goal and posts its main campaign page.
  2. After some coaching and training, your peer-to-peer participants set up their own individual campaign pages.
  3. Your participants share their campaign pages with their greater networks.
  4. People in those networks are encouraged to donate to participants or create their own fundraising page.

But just running this type of campaign isn’t enough. It’s important to leverage a peer-to-peer fundraising platform that handles multiple participant campaign pages and allows you to track the progress.

According to Qgiv’s guide on peer-to-peer fundraising, you can increase your fundraising results using software elements like gamification. Gamification incorporates “game-like” elements to spark friendly competition and further motivate your supporters. These include:

  • Leaderboards, which display the participants who raise the most funds.
  • Fundraising thermometers, which show your progress towards your goal.
  • Badges, which reward participants once they’ve reached a certain milestone or achievement.

Using the right peer-to-peer fundraising platform can maximize your results and keep you on track to reach your ultimate goal. When you leverage software that offers gamification elements, provides robust reporting, and collects donations through personalized campaign pages, you’ll be on your way to hosting a successful fundraiser.

  1. Mobile Donations

As most of us are constantly on our smartphones these days, nonprofits can and should offer convenient ways to give straight from a phone. With Qgiv’s text fundraising features, you can offer an easy, straightforward giving channel to your donors.

There are two types of solutions you can take advantage of:

  • Text-to-donate. This is a mobile fundraising method wherein donors initiate a gift via text before visiting a mobile form to complete their donation.
  • Text-to-give. This is a mobile fundraising method wherein donors are billed the donation amount on their phone bill.

Both of these solutions make it easy to give on the go and can significantly widen your donor network, as more and more donors prefer to give on their phones. Find more donors by implementing this type of software into your fundraising strategy and provide a positive user experience as individuals give.

  1. Silent Auctions

When it comes to hosting large events, using a software solution that can streamline each aspect of your planning process is essential. We’ve already discussed event registration software, but what about creating donation opportunities at the event itself?

If you’re planning to host a large event that includes a silent auction, you can use Qgiv’s silent auction software to streamline the bidding process, payments, and more. Once you learn how to run a silent auction, you can raise a lot with the right tools.

These include:

  • Real-time bidding. Rather than using web-based forms or paper auction sheets, use a silent auction software app that allows bidders to build a watch list and set maximum bids, and streamlines the overall bidding process.
  • Registration and check in. Make it easy for supporters to register for your event and check in upon arrival.
  • Event purchases. Let guests purchase raffle tickets or merchandise via the silent auction app and add them to a running tab.
  • Checkout. Streamline the checkout process by allowing guests to pay for auction items they won, as well as other purchases and donations, through the app.
  • Reporting. Robust reporting features let you view event registration, bids, and other transactions. You can then export all of this data to your integrated CRM.

Simplify every aspect of your silent auction using Qgiv’s auction software. When your guests have a good experience at your event, they’re more likely to give again and take part in future events. When there’s less frustration surrounding the planning and execution process of your auction, this will benefit everyone involved.

Part of planning a successful auction also means procuring the right items. Check out a list of great auction item ideas here.

Your payment processing shouldn’t cause a headache. With solutions brought to you through Sphere and Qgiv’s partnership, you can raise a lot more through additional channels you might not have otherwise been able to access.

Keep your donations and payments organized and your campaigns running smoothly with easy-to-use software features that will keep your donors coming back. After all, they make up the foundation of your nonprofit. Reach new heights with the right solution for you!

Maybe it’s too early to think about warm cozy fires, holiday cheer, and family gatherings, but it’s never too early to think about the booming holiday season for retailers and consumers. November and December pack a large punch for retail sales, projected to exceed $1.1 trillion1 this holiday season alone.

For most businesses the holiday season can represent as much as 30% of total annual sales2. Before you panic and begin to plan, we put together a holiday season checklist to make sure you are prepared:

1. Make sure you aren’t overpaying to accept payments

Businesses have so many moving parts it can be natural to choose a payment provider and stick with that provider for the long haul. It’s important to make sure you are checking in regularly to make sure you have the best rates possible! It’s highly probable that there is a lower cost option available for your specific business needs.

Before you dive into the holiday season, make sure you have the right plan and the right provider with a no-cost no-obligation rate check. If your rates are fair, then you know you’re with the right provider, and if Sphere can beat your rates, you’ve found a better option and start to save money.

2. Don’t stick with faulty malfunctioning equipment

Having modern, easy-to-use equipment to accept payments is no longer an option – it’s what customers demand! Why make it more difficult on yourself and your staff this holiday season to accept all payment types. Make sure your equipment is working for your business not against it and you are adequately prepared to handle the holiday rush.

Getting new equipment doesn’t have to cost and arm and a leg. If you need new equipment but are worried about the up-front cost, consider leasing the equipment for a low monthly fee.

 3. Adopt a system that works in every payment environment

Most businesses operate in multiple payment environments. Make sure you are giving customers the option to pay the way they want – don’t miss out on sales due to lack of payment technology. Your payment provider should support all payment environments: in-person, via mobile, online, and over the phone/key-entered.

 4. Update your technology recovery plan to prepare for down-time

During the holidays you should expect the unexpected. Make sure your payment provider is reachable no matter what time you need support. Sphere’s support line is open 24/7/365 by phone. We want to make sure any issues you encounter are solved efficiently and that you speak to a real person any time you call in. You don’t have to settle for second rate email-only customer service, especially in the most important time of year for your business.

Click here for more information on choosing Sphere as your merchant processor.

 

1 https://www.inc.com/anna-meyer/retail-holiday-sales-season-growth-2019-christmas.html

2 https://nrf.com/insights/holiday-and-seasonal-trends/winter-holidays/winter-holiday-faqs

Ever wonder who’s after your data? What about what they’ll do if they get it? The danger isn’t always obvious, so what do we need to look out for?

Join us Wednesday, December 4, 2019 at 10:00 a.m. PST to learn how to responsibly handle client data to reduce the impact of a possible security breach. Dr. Heather Mark, Director of Compliance and Security, will share tips on how to keep your data safe from potential security breaches, including:

  • What to do with data you don’t need
  • The importance of establishing information security policies and awareness
  • Selecting providers that are focused on protecting your data
  • And more!

Space is limited, so make sure you register while spots are available.

Register Today!

About the Speaker

Dr. Heather Mark, PhD, CCEP, Director of Compliance and Security, oversees compliance and security.  In this role, she’s responsible for promoting and ensuring that Sphere is in compliance with relevant law, regulation, and industry standards, and that its products promote and enable compliance for clients and partners. Previously, she served in various senior leadership roles, most recently at a wholly-owned subsidiary of a global payment processor, card issuer, and merchant acquirer.

The Cost of Non-Compliance

By Dr. Heather Mark

In recent years, the payments space has seen an explosion of new players.  This dramatic growth is good for the industry.  It drives competition and innovation.  The pace of change brings with it challenges, too.  One of those challenges can be the adaptation of traditional software companies to the unique risk and compliance requirements in the payments ecosystem.  These compliance obligations are often viewed as costly requirements that add friction to the process, but in reality they not only protect the company’s clients and end-users, it also protects the company’s revenue.  A common question among those new to the payments world is, “how much does compliance cost?”  That question, though, is a little myopic.  A more cogent question might be “how much will it cost our company to be non-compliant?”

In the payments industry, the consequence of non-compliance that comes to mind is the assessment associated with non-compliance with the Payment Card Industry Data Security Standards.   Each of the card brands assesses penalties separately, so a non-compliance finding or a breach carried with it the possibility of assessments from each of the four card brands.  For example, Visa’s published non-compliance assessment schedule (available in its Core Rules ) begins at up to $50,000 per non-compliance finding for the first violation. Mastercard’s assessment schedule can be found in their Rules, as well.  The assessments increase sharply for subsequent findings.  It should be noted that these assessments are merely for not being compliant with the security requirements promulgated by the brands.  This is not an assessment as a result of a breach.

In addition to the card brand consequences of non-compliance, in the event of a breach that exposes cardholder data, the bad news piles up quickly. All fifty states now have data breach notification requirements, meaning that an entity that suffers a breach in which personal data is compromised and there is a high risk of identity theft or financial fraud must notify affected consumers.  While the cost of notification and managing the public relations fall-out is high, so too is the likelihood of a class action suit.  While these suits are often dismissed on the grounds that the plaintiffs don’t have standing (fertile ground for another blog post) the fact is that companies legal spend skyrockets in responding to these cases and working to get them dismissed.

In egregious cases, companies may attract the notice of the federal regulators.  The Federal Trade Commission (FTC) is tasked with protecting consumers from unfair and deceptive trade practices.  The FTC has used this power, provided by §5A of the Federal Trade Commission Act, to take action in the event of a data breach in which consumer data is exposed.  A list of FTC enforcement actions regarding Privacy and Security related events can be found on the FTC website.  In egregious cases, entities may face fines and penalties, pay remuneration to affected consumers, and may be required to submit their compliance or security programs to FTC oversight for up to 20 years.

Fortunately, there are means to reduce interaction with regulated or protected data.  Some of these methods include:

  • Hosted Payment Pages – merchants can accept payments through the use of a hosted payment page. The Payment Page is hosted by a PCI DSS validated, registered service provider.  The payment information posts directly from the consumer to the service provider, bypassing the environment of the healthcare provider.
  • Tokenization – in this solution, the payment information is replaced with a randomly generated value that used to represent the payment mechanism. The healthcare provider can still use that token to process subsequent payments, as may be useful for patients on payment plans, reporting purposes, patient payment analysis, and chargeback or dispute purposes.  The benefit here is the reduced payment data footprint within the organization.
  • PCI Validated Point to Point Encryption (P2PE) – a P2PE solution is one in which the cardholder data is encrypted from the point of interaction (swipe, dip, entry) all the way through the processor. The payment is processed, but when the authorization response is sent to the healthcare organization, the payment data is replaced with a token.

While the regulatory environment is constantly changing, and threats to data will continue to evolve, the payments industry continues to adapt technologies to mitigate the risk to data.  Understanding how these technologies can be deployed to mitigate your data risk can help improve the customer experience and protect your bottom line.

If you’re thinking of adding payment functionality to your software solution, you’ll definitely want to get familiar with these six phrases. Why? Because with Sphere they could be a part of your daily payment experience.

Independent Software Vendors (ISVs) can embed Sphere credit card processing capabilities within their applications, allowing clients to take customer payments in one seamless process. If you’ve ever considered payments, you’ll quickly realize there’s a whole new language to learn and set of acronyms. To get the most out of your partner search, let’s take a look at these six phrases you’ll want to associate with your payment functionality.

Payment Gateway

Think of the payment gateway as a piece of a more complex and robust payment solution. A payment gateway doesn’t just let you accept electronic payment types such as credit cards, debit cards, and ACH/electronic check payments—it’s much more than that. Sphere’s payment gateway gives your company a compliant and brandable experience customized by you. They’re your customers after all, so they should experience your brand from beginning to end, not a cookie-cutter checkout experience.

Merchant Services

No matter the size of businesses you serve, chances are you’re still looking for the essentials: competitive rates on credit card processing, compatibility with a multitude of payment devices, and white glove, friendly service. That is automatic with Sphere. We aim to be a single source for all your current payment needs with room to grow in the future.

PCI Compliance

Security and trust are important aspects of a business relationship. That’s why Payment Card Industry Standard (PCI) compliance is essential, especially when data breaches are reaching the news on almost a daily basis. Know that your customer’s information is handled safely and securely with Sphere. Our solutions are PCI compliant (and then some) and help reduce your scope.

Validated Point to Point Encryption (VP2PE)

Remember the “and then some” we mentioned before? This is it. Sphere is the leading provider of secure electronic payment acceptance and risk management solutions which is why we offer validated point to point encryption (P2PE), Powered by TrustCommerce. That means your customer’s sensitive data stays safe, even in its encrypted state. With P2PE, your customer’s confidential information will be indecipherable to third parties.

EMV

Affectionately called “the card with the chip thingie” by customers, Europay, Mastercard and Visa (EMV) is the new standard for smart cards. EMV adds an extra layer of protection for customers and is quickly becoming the preferred method of payment for many, becoming synonymous with “fraud protection.”

Hosted Payment Page

Having a hosted payment page means that you don’t have to take on additional liability customer’s data passing through your systems. Sphere will do that for you, and with our security features and complete branding continuity, you can be assured that your customers are using a secure e-commerce payment capture solution. This simple, yet sophisticated solution allows for text-to-pay, email, within app and online payment acceptance.

Wrap Up

Does your current payment integration offer the same functionality as Sphere? If not, it might be time to upgrade to a company with a record for being secure, innovative and customizable. See these six phrases in action with Sphere.

When it comes to choosing an integrated payment partner for your solution, there’s a lot to consider: do you go with a familiar company? Or, a fresh option? Ideally, you want something that’s perfect for your business, but often solutions are either more than you need (at an exorbitant price), or not enough.

More often than not, money tends to drive these decisions. But there are other things you should ask yourself before picking the right payment processing engine for your solution. Perhaps the most important question should be:

“What can your payment processing partner do for you?”

Your business deserves more than “adequate” service, and that’s where we come in. With decades of experience advancing technology and putting clients first, Sphere is the natural choice for credit card processing. With Sphere, you instantly connect your customers with the most comprehensive, secure, end-to-end payment processing solutions. Let’s take a look at the top three benefits of integrating payments with Sphere.

  1. Sphere Helps Drive Your Business Revenue

Shouldn’t your payment processing partner do more than just meet your immediate needs? Sphere does. We help drive your business, providing you with more than just a point-of-sale system—in step with you as you grow.

Our products and services have all the payment features you need today and tomorrow, including:

  • Virtual Terminal
  • Transaction Security
  • Open API
  • Data Storage
  • E-Commerce Payment Pages
  • Reporting and Reconciliation
  • Mobile Payment App
  • Automated Recurring Billing Acceptance

Our applications support all major payment types including:

  • Credit Cards
  • Debit Cards
  • PIN-less Debit
  • ACH/Electronic Check Payments
  • Purchase Card (Level II and Level III) Processing
  • And More

Our systems integrate seamlessly with your current software requirements and adapt as you grow. The same thing doesn’t work for everyone; that’s why we offer custom options that work for you.

The right partner can make a world of difference. And in this competitive market, you should only trust the very best. We are an expert in our field, and we can help your business generate more revenue through technology and credit card processing.

  1. Strong Technology That Adapts

Technology is evolving quickly, and your payment processing system needs to be ready to change. Remember before credit cards had chips and certain outdated POS systems required awkward workarounds to make transactions work? Experience is everything, and your business needs a payment processing engine that’s future-proof.

Whether your software accepts payments through a single channel or many — Sphere can adapt to your business. With multiple integration options, and APIs in a variety of languages, it’s easy to get started.

There’s a growing need for a platform that can support more than just “basic” payment support. At Sphere, we understand the importance of flexibility. Businesses need integration that’s quick and efficient to support the way you do business today, as well as in the future. With our frictionless merchant application for credit card processing, we make it easy for your customers to sign up. To us, you’re a priority. We provide payment support that won’t slow you down.

  1. Manage Your Risk

Risk is never fun to talk about (and it’s even less fun to experience). Trust is an integral part of business, and a reputation of being secure and reliable is a necessity. Sphere helps you manage your risk by securing your data. We offer multiple methods to protect payments, including: validated point to point encryption, tokenization and hosted payment pages.

Get comprehensive risk management and security that allows you to defer much of the cost, risk and threat involved with handling cardholder information.

Wrap Up

Payments shouldn’t be a hassle, nor should getting the support you need to resolve any issues that may arise. That’s why integrated software vendors who are specialists in these and other industries partner with us:

  • Healthcare applications
  • E-commerce & Shopping Cart Developers
  • Membership management software
  • Bar and restaurant applications
  • Software Vendors

It’s time to take the complexity out of integrating payments. Accept payments your way with Sphere. Our payment processing solutions are designed for ease of integration with third-party software. Speak with the Partner team today.

By Heather Mark, Ph.D., CCEP, Director, Compliance & Security

Independent Software Vendors (ISVs) can leverage payments as a way to provide a more comprehensive suite of services to their customers and doing so also provides revenue opportunities.  But with that comes some responsibilities that are unique to payments, such as compliance with the Card Brand regulations.  Understanding those responsibilities, and the role that ISVs can play in maintaining the security and soundness of the payments ecosystem, can help ensure a strong, long-lasting, and mutually beneficial payments partnership.

So are ISVs expected to become payments experts?   Not at all. Choose your partner wisely and they can help you navigate payments, leaving you to the stuff you do best.  That said, there are a few things ISVs can do to demonstrate that they take seriously the compliance and liability aspect of the payments space.  Why would you want to do that? Because it’s the right thing to do for your customers, partners, and your business.

First, know your customers.  Payments partners, whether a payment facilitator or an acquiring bank, will want to understand the full business opportunity.  That means the risk as well as the reward.  What does your average customer look like?  Do you have a specific vertical to which you cater?  In that vertical, what are the risk trends (e.g., if you provide a platform to sell luxury goods on a peer to peer basis, what is the percentage of counterfeit goods that are sold, or attempted to be sold, on your platform?).  Any controls that are in place to monitor and potentially mitigate these known risks should be well-documented. Is your customer base subject to seasonality? Knowing that can help in monitoring for anomalous, suspicious behaviors. This type of information allows payment partners to garner a more complete understanding of the potential risk profile of the merchants being onboarded to their system.

Secondly, document your practices and policies.  You may not need to have robust anti-money laundering policies, but you will need to have an information security policy.  You may also need to address behaviors or practices that are prohibited or restricted on your platform, and how you monitor for those activities.  These documents don’t need to be huge volumes that address every contingency, but they should be commensurate with the size and complexity of your organization.  It should also account for whether or not your platform handles toxic data (data that would damage your company or your customers if its leaks, like personally identifiable information).  One side note: there are multiple places online that allow companies to download policy templates.  These are good tools and allow companies that may be new to policy development to have a jumping off point, but that’s all they are – a jumping off point.  Make sure to customize these templates so that they make sense for your organization.

Finally, know the regulations that impact your vertical.  If you provide billing software for healthcare, you should be familiar with HIPAA/HITECH and the impact that those regulations have on your business.  While your payment partner may be very familiar with those regulations, you should be the expert on how those regulations impact your business.  Perhaps there are nuances that you can share with your payment partner that can improve your experience with them and they can better support your compliance initiatives.

One of the things that most new entrants into the payments world lose sight of is that compliance doesn’t simply mean compliance with regulation.  It also means compliance with the Card Brand Rules, sometimes referred to as the OpRegs.  The Card Brands have complex standards that they expect all members of the payment ecosystem to uphold.  This includes things like preventing people from misusing the payments systems through fraudulent or illegal transactions, laundering funds, counterfeiting goods or services, or processing transactions in a way that is non-compliant (for example, charging a convenience fee on a face to face, or card present, transaction.)  Merchants and service providers alike are expected to comply with these rules and to prevent their systems, platforms, or channels from being used to circumvent those rules.

And, don’t forget about PCI DSS…Speaking of compliance, you will need to understand the Payment Card Industry Data Security Standard (PCI DSS).  This standard is required of all entities that store, process, or transmit cardholder data.  The PCI DSS sets a minimum standard of security controls around payment card data. All merchants must comply with the standard and validate compliance, irrespective of their interaction with cardholder data.  The way in which they validate will vary according to how they accept payments and the volume of payments that they accept.  Service Providers, the category into which most ISVs will fall, may have to validate compliance, depending upon how they interact with the cardholder data. It is important to know that the acquiring bank is the ultimate arbiter of who must comply and how.  If an ISV is determined to be a service provider, it must validate with either an onsite assessment by a Qualified Security Assessor (QSA) or by completing the Self-Assessment Questionnaire D-Service Provider. (Note: this paragraph is an exceptionally brief discussion of the PCI DSS and by no means covers all of its nuance.  For more information, visit www.pcisecuritystandards.org).  The short story here is that, compliance with the PCI DSS helps elevate security in the industry at large, and mitigates the risk to you and your customers.

Adding payments to your software application doesn’t have to be intimidating or overwhelming from a compliance perspective. Choose your payment vendor carefully and they can do the heavy lifting. Make sure you understand the role that ISVs can play in maintaining the security of the payments ecosystem and your compliance footprint.

Interested in partnering? Contact Us

By Dr. Heather Mark

The healthcare industry is, as most know, a heavily regulated industry. Government regulations detail how data is to be collected, shared, and protected.  It details how patients can access their data.  The way that research is conducted, how it is reported and a multitude of other factors.  Layering in the protection of payment card data can seem overwhelming.  Particularly given the size and complexity of health care networks – physicians’ offices, laboratories, hospitals, and clinics.  Fold in a sprinkling of online bill pay, as well, and one can see how the prospect of complying with the PCI DSS, as well as other regulatory mandates, can be overwhelming.  But PCI DSS compliance can be made more manageable by employing scope reduction strategies.

First things first, though.  What is scope reduction?  To understand this, one must understand what is defined as the Cardholder Data Environment, or CDE.  The CDE is defined by the Payment Card Industry Security Standards Council (PCI SSC) as the “people, processes, and technologies that store, process, or transmit cardholder data or sensitive authentication data.  ‘System Components’ include network devices, servers, computing devices, and applications… [and] any other component or device located within or connected to the CDE.”  So, the scope of the CDE is any device or person that has access to cardholder data and any device connected to that component.  For many organizations, in healthcare and beyond, that scope can seem fairly daunting.  The objective of scope reduction is to minimize the number of components that come into contact with the cardholder data.  By reducing the number of components that contact cardholder data, an organization can reduce its scope. This serves the purpose of reducing the complexity of the CDE, the cost and complexity of the PCI DSS assessment, and the work factor involved in maintaining compliance.

So, how can an organization reduce their scope?  The first step is to know where and how payments are accepted.  Questions that can help in that process include:

  1. Where does your health system physically accept electronic payments?
  • Registration
  • Front Desk
  • Call Center
  • Pharmacy
  • Parking
  • Radiology
  • Emergency Room
  • Gift Shop
  1. How do you accept payments in these locations?
  • In Person
  • Online
  • Kiosk
  • Mobile
  • IVR
  • EHR Software
  • Other
  1. Does your EHR system offer a secure payment integration?
  • Yes
  • No
  1. Does your payment integration support?
  • Tokenization
  • Validated Point to Point Encryption
  • Hosted Payment Page for secure online transactions
  • Secure recurring billing and installment payments

It is also important to determine whether or not you have appropriately segmented your CDE to prevent bringing your entire organization into scope.  In other words, if your payment environment is connected to your corporate environment, without firewalls, routers or other appropriate measures in place to act as a DMZ, you could end up having to manage PCI compliance for every part of your network. Per the PCI DSS, “Without adequate network segmentation (sometimes called a “flat network”) the entire network is in scope of the PCI DSS assessment. Network segmentation can be achieved through a number of physical or logical means, such as properly configured internal network firewalls, routers with strong access control lists, or other technologies that restrict access to a particular segment of a network. To be considered out of scope for PCI DSS, a system component must be properly isolated (segmented) from the CDE, such that even if the out-of-scope system component was compromised it could not impact the security of the CDE.”

Another strategy that can be employed to reduce the scope of the CDE is to reduce the number of cardholder data touchpoints in the environment.  The more the input of cardholder data can be reduced, the greater the level of scope reduction.  Any number of solutions can be employed, but here is a brief description of the most effective means* of reducing interaction with cardholder data:

  • Hosted Payment Pages – merchants can accept payments through the use of a hosted payment page. The Payment Page is hosted by a PCI DSS validated, registered service provider.  The payment information posts directly from the consumer to the service provider, bypassing the environment of the healthcare provider.
  • Tokenization – in this solution, the payment information is replaced with a randomly generated value that used to represent the payment mechanism. The healthcare provider can still use that token to process subsequent payments, as may be useful for patients on payment plans, reporting purposes, patient payment analysis, and chargeback or dispute purposes.  The benefit here is the reduced payment data footprint within the organization.
  • PCI Validated Point to Point Encryption (P2PE) – a P2PE solution is one in which the cardholder data is encrypted from the point of interaction (swipe, dip, entry) all the way through the processor. The payment is processed, but when the authorization response is sent to the healthcare organization, the payment data is replaced with a token.

As technology continues to evolve and healthcare organizations find new ways to connect with and serve their patients and communities, it is important to remain mindful of the potential risks that those new technologies may present.  By implementing the above solutions, healthcare providers may find a strong balance between patient service and data security.

*The amount of scope reduction benefit for each of these solutions can vary depending upon the specific environment and the way in which they are implemented.  It is highly suggested that all organizations consult with their Qualified Security Assessor (QSA) and/or their Acquiring Bank to determine the exact nature of the benefit afforded by these solutions.