Advertiser Disclosure

💳 Save money on credit card processing with one of our top 5 picks for 2022

The 7 Best HIPAA-Complaint Credit Card Processing Companies For Healthcare Practices

These healthcare credit card processors meet our standards regarding HIPAA compliance, cost transparency, customer service, reputation, and integrations.

    Frank Kehl
  • Last updated onUpdated

  • Jason Vissers
  • REVIEWED BY

    Jason Vissers

    Senior Staff Writer

Advertiser Disclosure: Our unbiased reviews and content are supported in part by affiliate partnerships, and we adhere to strict guidelines to preserve editorial integrity.
HIPAA-compliant payment processing

Healthcare payment processing is essential for modern practices, and it requires a HIPAA-compliant payment processing solution in addition to the usual hardware and software needed to accept credit/debit card payments. The right merchant services provider can set you up with the best credit card processing, solid payment security, industrious software integrations, and brand-friendly customer-facing communications.

Know that you do not have to piecemeal solutions together.

In this article, we’ll explain the most important factors to evaluate in choosing a good credit card processor for your business, and we’ll profile our top choices for healthcare payment processors.

Learn More About Our Top Picks

CompanySummaryNext StepsSummary

Read More

  • Pricing information not disclosed (usually tiered or interchange-plus)
  • Offers HIPAA-compliant high-risk merchant accounts for telemedicine providers
  • Pricing information not disclosed (usually tiered or interchange-plus)
  • Offers HIPAA-compliant high-risk merchant accounts for telemedicine providers

Visit Site

Read More

Read More

  • Interchange-plus pricing offered exclusively
  • Offers HIPAA-compliant payment processing & website hosting
  • Interchange-plus pricing offered exclusively
  • Offers HIPAA-compliant payment processing & website hosting

Visit Site

Read More

Read More

  • Offers interchange-plus pricing with no monthly account fee
  • One of the most cost-effective options for a full-service merchant account
  • Offers interchange-plus pricing with no monthly account fee
  • One of the most cost-effective options for a full-service merchant account

Visit Site

Read More

Read More

  • Offers flat-rate pricing
  • Integrates with third-party healthcare apps (IntakeQ, etc.)
  • Offers flat-rate pricing
  • Integrates with third-party healthcare apps (IntakeQ, etc.)

Visit Site

Read More

Read More

  • Offers interchange-plus pricing exclusively
  • Offers HIPAA-compliant payment processing with MX Merchant integrated payments platform
  • Offers interchange-plus pricing exclusively
  • Offers HIPAA-compliant payment processing with MX Merchant integrated payments platform

Visit Site

Read More

Show More Options

Read More

  • Offers flat-rate or interchange-plus pricing plans
  • Offers specialized medical office management software + InstaMed integration
  • Offers flat-rate or interchange-plus pricing plans
  • Offers specialized medical office management software + InstaMed integration

Visit Site

Read More

Read More

  • Offers interchange-plus and membership pricing options
  • Accepts healthcare providers in the US and Canada
  • Offers interchange-plus and membership pricing options
  • Accepts healthcare providers in the US and Canada

Visit Site

Read More

Show Fewer Options

Read more below to learn why we chose these options.

Table of Contents

Why Do You Need HIPAA-Compliant Credit Card Processing?

Medical payment processing services are very important for all healthcare providers.

Although most patients rely primarily on health insurance to cover the cost of their medical care, there are still plenty of times when they need to pay out-of-pocket for one reason or another. Co-pays, services not covered by insurance, policy limits, and patients with no insurance coverage are just some of the reasons why a patient might have to pay a medical provider directly.

Healthcare providers need to be able to accept payments not only in person but also through the mail or through an online billing system.

Offering as many ways as possible for your patients to pay you encourages timely payment and helps to improve your cash flow. While direct payments to healthcare providers were traditionally made using paper checks, that’s no longer the case today. As in most other businesses, credit and debit cards have flourished, while checks and cash payments have declined dramatically in popularity. In the pandemic era, interest in contactless payment methods (e.g., digital wallets, QR codes, etc.) has also risen and is particularly important to any healthcare provider.

The bottom line is that your medical office needs to offer as many ways for your patients to pay you as possible, and you will need to sign up with a reputable merchant services provider to do that.

How To Navigate HIPAA-Compliant Credit Card Processing In Healthcare

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) mandates that healthcare providers secure patients’ personal health information (PHI). This includes patients’ medical, financial, and personal information, and not just digital data but also written and oral information.

Finding a HIPAA-compliant payment processor is critical. To be fully HIPAA compliant, a processor must not only protect patients’ sensitive data but must also have a business associate agreement, or BAA, in place to protect against any potential data breach. By itself, payment processing is not a HIPAA-covered activity. However, additional features such as billing management and reporting services are likely to require a provider to be fully HIPAA-compliant.

That’s why a BAA can make the difference between a HIPAA-compliant processor and a non-compliant one. It’s why Square makes our list of the best HIPAA-compliant credit card processing companies while PayPal does not.

7 Best Healthcare Payment Processing Companies

Our favorite healthcare credit card processing providers offer full HIPAA compliance, fair pricing, transparent sales practices, and excellent customer service. The best HIPAA-compliant payment processing providers are PaymentCloud, Host Merchant Services, Helcim, Square, Dharma Merchant Services, Chase Payment Services, and Clearly Payments.

1. PaymentCloud: Best For High-Risk Healthcare Providers

PaymentCloud


Visit Site


Exclusive Promo: PaymentCloud will give you $200 if they can't beat your current rate. Get Your Quote

Pros

  • No application or account setup fees
  • Month-to-month billing (low-risk practices)
  • Offers free credit card terminal
  • Virtual terminal available

Cons

  • No publicly disclosed pricing (high-risk practices)

Why We Chose PaymentCloud For Healthcare Payments

PaymentCloud is a high-risk specialist that also offers low-risk accounts to qualifying businesses. While most healthcare providers fall into the low-risk category, the emerging field of telemedicine is still considered a high-risk industry by most credit card processors. PaymentCloud’s service package includes an online payment gateway for telemedicine portals, invoicing options, and solutions for echeck and ACH payments.

While the company doesn’t disclose pricing information or contract terms, it has a very positive reputation among users for fair pricing and reasonable terms. It’s worth looking at what PaymentCloud can offer you, as the company doesn’t charge any application or account setup fees.

Like most high-risk providers, PaymentCloud typically requires a long-term contract (possibly with an early termination fee) for high-risk accounts. Terms will vary, depending on your backend processor. Low-risk merchants, however, might be able to get a month-to-month contract with no early termination penalty if they buy their processing equipment outright and pass on the company’s “free” terminal offer.

PaymentCloud Pricing

  • No account setup fee
  • No monthly minimum (low-risk accounts)
  • Interchange + 0.05%-0.30% + $0.08-$0.10 per transaction (low-risk accounts)
  • Processing rates vary by the acquiring bank/back-end processor (high-risk accounts)
  • $15/month account fee (low-risk accounts)
  • Account fees vary by the acquiring bank/back-end processor (high-risk accounts)

PaymentCloud Features

  • “Free” credit card terminal available with each account
  • Mobile processing solution available
  • Virtual terminal included
  • Authorize.Net or USAePay payment gateways are available
  • ACH and echeck processing are available
  • Paysley QR-code payment service available

Get Started With PaymentCloud

Read our in-depth review

Jump back to comparison chart

2. Host Merchant Services: Best For Included Website Hosting

Host Merchant Services


Visit Site


Pros

  • Transparent interchange-plus pricing
  • No setup or application fees
  • Month-to-month billing & no long-term contracts
  • No monthly minimums

Cons

  • Can be expensive for low-volume merchants
  • US-based providers only

Why We Chose Host Merchant Services For Healthcare Payments

Host Merchant Services is an excellent choice for low-risk and many high-risk businesses, including those in the healthcare and medical fields.

All accounts come with interchange-plus pricing, and free basic website hosting services. A variety of mobile card readers, terminals, and POS systems are also available for accepting in-person payments. All processing rates and account fees are fully disclosed on the company’s website, making it easy to estimate your processing costs in advance. This transparency also simplifies the account setup process, as you won’t have to haggle with a sales agent over contract terms, rates, or fees.

Host Merchant Services offers true month-to-month billing with no long-term commitment to all low-risk businesses. High-risk industries (including telemedicine providers) are underwritten by a separate backend processor and may require both a long-term contract and an early termination fee if the account is closed prematurely.

Host enjoys a very positive reputation among users and particularly excels at providing high-quality customer support. It’s an excellent choice for your medical practice.

Host Merchant Services Pricing

  • No application or setup fees
  • $14.99/month account fee
  • Interchange + 0.25% + $0.10/retail transaction
  • Interchange + 0.35 + $0.10/eCommerce transaction
  • $5.00/month gateway fee (optional)
  • $15 chargeback fee
  • No PCI compliance fee
  • No early termination fee

Host Merchant Services Features

  • Full-service merchant accounts
  • Accepts most high-risk industries
  • Full line of countertop and mobile credit card terminals
  • Free terminal available to merchants processing over $20,000/month
  • Vital and SwipeSimple mobile processing solutions
  • Proprietary Bonsai POS system available
  • Clover and Vital POS systems are available
  • Authorize.Net payment gateway
  • Proprietary HMSExpress payment gateway
  • Virtual terminal included
  • Web hosting included with an account
  • Cash discounting program available

Get Started With Host Merchant Services

Read our in-depth review

Jump back to comparison chart

3. Helcim: Best For Low-Cost Payment Processing

Helcim


Visit Site


Pros

  • No long-term contracts or early termination fees
  • Uses interchange-plus pricing
  • No monthly account fee
  • Excellent customer support

Cons

  • Not available to high-risk merchants

Why We Chose Helcim For Healthcare Payments

Unlike our other top choices for healthcare credit card processing, Helcim does not offer business associate agreements (BAAs) to protect PHI and is only HIPAA compliant in the sense that its credit card processing services fall outside the scope of HIPAA laws. The company even states on its website that “Helcim’s merchant services should not be used by healthcare professionals to store health records, such as entering medical procedure information, in invoice line items, or in the comment sections of transactions.”

So why would you want to use Helcim? The answer is that the company offers full-service merchant accounts with no long-term contracts, no monthly fees, and transparent interchange-plus pricing. For a practice that only takes the occasional credit or debit card payment but wants to avoid the account stability issues that plague Square and other payment service providers (PSPs), it’s one of the most affordable options available anywhere. As long as you’re willing to wall off your patient records from your credit card processing, Helcim can save you a significant amount of money on your overall credit card processing costs.

Helcim’s proprietary Helcim Card Reader can function as a traditional countertop terminal, but you can also use it with the company’s POS software or mobile app. Helcim offers extensive pricing disclosures on its website and has a great reputation for providing outstanding customer support. It’s a good choice for a small practice that doesn’t need a lot of fancy bells and whistles.

All of Helcim’s merchant accounts come with true month-to-month billing. There are no long-term contracts or early termination fees. Be aware, however, that the company does not accept high-risk businesses.

Helcim Pricing

  • Interchange + 0.40% + $0.08/card-present transaction (volume discounts available)
  • Interchange + 0.50% + $0.25/card-not-present transaction (volume discounts available)
  • Helcim Card Reader – $109/unit
  • Helcim Smart Terminal – $349/unit
  • No monthly or annual account fees
  • No PCI compliance fees
  • No monthly minimum

Helcim Features

  • Full-service merchant accounts
  • Proprietary Helcim Card Reader for in-person payments
  • Proprietary Helcim Smart Terminal for expanded functionality
  • Helcim Payments app for mobile processing
  • Virtual terminal included with each account
  • Helcim POS software (requires tablet, laptop, desktop computer, or Helcim Smart Terminal)
  • Access to Helcim API for customized credit card payments

Get Started With Helcim

Read our in-depth review

Jump back to comparison chart

4. Square: Best For Low-Cost Credit Card Processing Without A Full-Service Merchant Account

Square


Visit Site


Get a free card swiper from Square at no cost when you create a free account. Claim your card reader.

Pros

  • Predictable flat-rate pricing
  • Month-to-month billing & no early termination fee
  • No monthly fees
  • Healthcare integrations available

Cons

  • May be expensive for high-volume practices
  • Account stability issues

Why We Chose Square For Healthcare Payments

Square is one of our favorite payment processors, and the answer to the question, “Is Square HIPAA compliant?” is a resounding yes. It offers a wide range of features with no monthly fee and transparent payment processing. The Square POS includes great security, reporting, invoicing, patient profiles, and more, all for free. Plus, with healthcare-focused data integration options such as IntakeQ, you can add more functionality by going paperless and automating both the intake and payment process.

While Square can be a great choice for credit card processing for medical practices, it’s not for everyone. Square is a third-party payment processor — instead of opening up a dedicated merchant account for each user, Square aggregates all of its users under one account. This setup makes payment processing accessible to almost anybody, but it comes with some account stability issues.

The healthcare industry faces relatively low chargeback risks, but to understand how to avoid the “red flags,” we recommend reading our post on protecting your account from fund holds or termination.

Square uses month-to-month billing exclusively, and you can close your account at any time without penalty. Be aware, however, that all of Square’s hardware and software features are proprietary and will not work with any other credit card processor.

Square Pricing

  • No setup or application fees
  • $0/month for Square Free account ($29+/month for Square Plus accounts)
  • 2.6% + $0.10/card-present transaction
  • 2.9% + $0.30/online transaction
  • 3.5% + $0.15/manually keyed-in transaction
  • 2.9% + $0.30/invoice paid via credit or debit card
  • 3.5% + $0.15/invoice paid via card on file
  • 1%/ACH transaction (minimum $1 charge)
  • No ACH reject or chargeback fees
  • Square Contactless & Chip Reader — $59 each
  • Square Stand With Contactless & Chip Reader — $169
  • Square Terminal — $299
  • Square Register — $799 (or $39/month for 24 months)

Square Features

  • Aggregated account for credit and debit card processing
  • Mobile card reader (magstripe-only) included with an account
  • EMV and NFC-capable card readers are available
  • Square Register POS system available
  • ACH processing included with every account
  • Square Online Store for eCommerce businesses
  • Basic Square Invoices feature included at no extra cost
  • Analytics and reporting available through Square Dashboard

Get Started With Square

Read our in-depth review

Jump back to comparison chart

5. Dharma Merchant Services: Best For Nonprofits

Dharma Merchant Services


Visit Site


Pros

  • Transparent interchange-plus pricing
  • Trustworthy business practices
  • Discounted pricing for nonprofits
  • Multiple software options

Cons

  • Not recommended if processing less than $10,000/month

Why We Chose Dharma Merchant Services For Healthcare Payments

Dharma is a fantastic credit card processing option for healthcare or wellness offices. With no annual fees or monthly minimums and transparent interchange-plus pricing, Dharma delivers consistently excellent service. Plus, you’ll have access to a full range of Clover hardware, and the multiple payment channels on offer make processing in-person and over the phone quick and secure for your office.

While you will face monthly fees and an additional monthly charge to send invoices, Dharma’s pricing is very transparent, so you won’t get any surprises when your bill comes. You also won’t have to worry about binding contracts, early termination fees, or leasing agreements. Dharma offers full-service, HIPAA-compliant merchant accounts and a simple processing rate of interchange + 0.15% + $0.08 per transaction for healthcare providers. You can also use the company’s MX Merchant integrated payments platform to keep payment information from in-person and online transactions in one convenient place.

Dharma offers true month-to-month billing with all accounts, so there’s no long-term commitment or an early termination fee to worry about. There is, however, a reasonable $49 account closure fee if you do close your account for any reason.

Dharma Merchant Services Pricing

  • $25/month account fee ($20/month for nonprofits)
  • Interchange + 0.15% + $0.08/card-present transaction (volume discounts available)
  • Interchange + 0.10% + $0.08/card-present transaction (qualified nonprofits)
  • Interchange + 0.20% + $0.11/card-not-present transaction (volume discounts available)
  • Interchange + 0.10% + $0.11/card-not-present transaction (qualified nonprofits)
  • No gateway fees with MX Merchant
  • $10/month for recurring billing (MX Merchant)
  • $20/month for B2B processing (MX Merchant)
  • No annual fee
  • No PCI compliance fees
  • No monthly minimum
  • $49 account closure fee

Dharma Merchant Services Features

  • Full-service merchant accounts through Fiserv or TSYS
  • MX Merchant integrated payment platform
  • Choice of Authorize.Net or MX Merchant payment gateways
  • QuickPay virtual terminal
  • Full line of credit card terminals, including Verifone Engage V200c, Fiserv FD-150, Ingenico Desk/5000, and Dejavoo Z11 models
  • MX B2B app for B2B processing
  • Full line of Clover POS systems
  • Credit card surcharging (no-fee, zero-cost credit card processing) program available

Get Started With Dharma Merchant Services

Read our in-depth review

Jump back to comparison chart

6. Chase Payment Solutions (Formerly Chase Merchant Services): Best For InstaMed Integration

Chase Payment Solutions℠


Visit Site


Pros

  • Reputable direct processor
  • Offers flat-rate or interchange-plus options
  • Next-business-day funding for QuickAccept customers
  • Special features available for medical practices

Cons

  • Limited pricing info disclosed on the website
  • “Free” terminal requires a long-term contract

Why We Chose Chase Payment Solutions For Healthcare Payments

Unlike our other top picks, Chase Payment Solutions is a direct processor. The company offers a choice of either flat-rate or interchange-plus pricing plans, as well as credit card terminals, a proprietary payment gateway, a virtual terminal, and many other services. Chase offers HIPAA-compliant processing and a services package that includes patient billing management and scheduling features for healthcare providers. It also integrates with InstaMed for online patient payments.

We chose Chase Payment Solutions primarily based on its healthcare industry-specific features and integrations. It’s also one of the very few direct processors in the payments industry that offers pricing and contract terms that are compatible with the needs (and budgets) of small businesses. One word of caution: It’s generally best to buy your processing hardware outright rather than taking advantage of the company’s “free” terminal offer. This offer usually requires you to forego month-to-month billing and accept a long-term contract with an expensive early termination fee.

Chase generally offers month-to-month contracts with no long-term commitment and no early termination fees (ETFs). However, you’ll usually have to accept a three-year contract (with an ETF) if you accept a free credit card terminal as part of your merchant account. We recommend buying your processing equipment outright to take advantage of the flexibility that a month-to-month contract provides.

Chase Payment Solutions Pricing

  • No application or setup fees
  • $0 monthly account fee
  • 2.6% + $0.10/card-present transaction
  • 2.9% + $0.15/card-not-present transaction
  • 3.5% + $0.10/keyed-in transaction
  • Interchange-plus pricing also available
  • $10/chargeback
  • No gateway fees
  • No PCI compliance fees
  • No early termination fee

Chase Payment Solutions Features

  • Full-service merchant accounts
  • Chase Smart Terminal – $399/unit ($299 with coupon)
  • Mobile card reader – $49.95/unit (required free Chase Mobile app)
  • InstaMed integration available for online payment acceptance

Get Started With Chase Payment Solutions℠

Read our in-depth review

Jump back to comparison chart

7. Clearly Payments: Best For Canadian Healthcare Providers

Clearly Payments


Visit Site


Pros

  • Month-to-month billing with no early termination fees
  • Offers interchange-plus & membership pricing
  • Next-day funding included with each account

Cons

  • Clover software subscription fees not disclosed
  • Very little merchant feedback is available at this time

Why We Chose Clearly Payments For Healthcare Payments

Clearly Payments is a new Canadian merchant services provider that has recently expanded into the United States. The company offers merchants a choice between either interchange-plus or membership pricing (Canadian businesses only), with all rates and fees fully disclosed on its website. Like most good providers these days, Clearly uses month-to-month billing exclusively, with no long-term contracts or early termination fees.

Clearly also offers a variety of processing hardware options which can either be purchased outright or rented on a month-to-month basis. Users can choose between Clover hardware or a variety of universal models from Ingenico, Poynt, and others.

Because Canada and the US have different medical privacy laws, Clearly doesn’t offer specific information about HIPAA compatibility at this time. Healthcare providers should reach out to the company’s sales team for more information before opening an account.

Clearly Payments Pricing

  • No account setup fees
  • No annual fees
  • $21/month account fee (interchange-plus pricing option)
  • INT + 0.28% + $0.08/in-person transaction (volume discounts available)
  • INT + 0.48% + $0.23/online or keyed-in transaction (volume discounts available)
  • $99+/month or $189+/month account fee (membership pricing option)
  • INT + $0.08/transaction (Basic Membership plan)
  • INT + $0.06/transaction (Pro Membership plan)
  • No PCI compliance fees (membership pricing option)
  • No payment gateway fees (membership pricing option)

Clearly Payments Features

  • Offers full-service merchant accounts
  • Next-day funding with all accounts
  • Numerous mobile card readers, terminals, and POS systems available for rent or purchase
  • Clearly Payment Gateway
  • Free virtual terminal
  • Online invoicing service

Get Started With Clearly Payments

Read our in-depth review

Jump back to comparison chart

Our Methodology For Choosing The Best HIPAA-Compliant Credit Card Processors

As with any business, choosing the best credit card processor for a healthcare practice comes down to three fundamental factors: cost, contract terms, and customer support. Because of the unique requirement that a processor be fully HIPAA-compliant, we also weighed this factor very highly in choosing the best providers for healthcare businesses. On the other hand, most healthcare businesses don’t need many of the bells and whistles that providers offer to traditional retail businesses. Consequently, we didn’t place much emphasis on common ancillary features such as inventory management or data analytics in choosing the top credit card processors for a small healthcare or wellness practice.

6 Features To Look For In A Good Healthcare Payment Processor

Although healthcare providers often choose a payment processor primarily based on anticipated overall costs, many other factors are just as important. In evaluating the strengths and weaknesses of different competing providers, we strongly encourage you to consider the following features before making a final decision:

Payment Security

The safety and security of your patients’ payment information are supremely important — both to comply with HIPAA requirements and prevent a costly data breach. Malware, phishing, and data breaches can compromise the personal information of thousands of people, and medical offices have much more sensitive data to secure than other businesses.

The Payment Card Industry Data Security Standard (PCI-DSS) created a set of guidelines that requires all organizations that collect payments to become PCI compliant. When you’re looking for a merchant account, you can reduce your office’s PCI scope by finding a processor that includes the latest payment security features. Keeping cardholder data storage and transmission off of your own database and shifting it to the servers of a PCI-compliant payment processing company is a cost-effective way to keep your patient’s payment data safe. For a modern medical office, features such as end-to-end encryption, credit card tokenization, and hosted payment pages can provide state-of-the-art protection for your patients’ information.

Multiple Payment Channels

Offering your patients a wide range of payment methods is more important than ever. Besides accepting credit and debit cards, you’ll also want to add alternative payment methods that make it easy and convenient for your patients to pay you. Here are some options to consider when building out your office’s payments ecosystem:

  • Hardware & POS: Whether you want something sturdy for your countertop or a sleek tablet-based mobile processing option, consider what will best equip your front and back office.
  • Virtual Terminal: Every medical or wellness office should be ready to take a payment over the phone. A virtual terminal securely stores and processes your patient’s payment data. You can also combine virtual terminal software with a card reader to enable in-person payments.
  • Online Payments: Medical offices can accept online payments just as easily as eCommerce businesses with a payment gateway and a website. Specialized software suites for medical practices usually include this feature but may not offer the best pricing and often tie you to a preselected processor. Our top providers profiled above can usually offer the same capabilities at a lower overall cost.
  • ACH & eCheck Payments: ACH payments are a cheap and easy way to collect payments directly from your patients’ bank accounts. While you can get an ACH-only account, it’s usually better to include it as an additional feature of your merchant account.
  • Invoicing & Recurring Billing: Moving to electronic invoicing could save your office money and time and give your patients more options in paying you. Recurring invoices can help automate billing for repeat services or agreements that are common in wellness centers.

Software Integrations

Integration is a critical consideration if your office relies on existing software programs. Finding a processing company that works with medical software can make things like implementing HIPAA-compliant payment methods much easier.

Good Customer Support

Finding the help you need, whether it be technical expertise or a question about funds, is also important to consider. Check out our full reviews of each credit card processor to learn what customers say about the company in question. Not all processors offer 24/7 support, but it is important to find quality support when you need it during normal business hours.

Month-To-Month Agreements

One of the biggest points of contention in the healthcare payment processing industry is the contract. We strongly encourage every healthcare office to learn how to read your merchant account agreement. While every company on our list gets a clean bill of health regarding long-term contracts, even some of the largest payment brands have unforgiving agreements that get very expensive (and very frustrating) for their users. We recommend signing up with companies that offer more flexible terms, such as month-to-month agreements with no early termination penalties.

Upfront Pricing

When looking for a payment processor for your medical or wellness office, upfront pricing information may be more elusive than you might think. We see a lot of “teaser rates” that mask hidden fees and similar bait-and-switch tactics. Again, reading your contract is crucial to understanding what you’ll actually be paying. Most of the picks on our list have transparent pricing, and we’ve uncovered the pricing structure of those whose pricing transparency leaves something to be desired. Regardless of the nature of your business, understanding how to look at your bill and determine what you’re paying for credit card processing in total can be critical.

Which HIPAA-Compliant Credit Card Processor Is Right For Your Business?

Finding a reputable credit card processing company for your medical practice (or your dental office) is a bit more challenging than a typical retail or eCommerce business due to the need for HIPAA compliance and the even higher importance of payment security features.

Fortunately, many excellent healthcare payments companies are vying for your business, and the top picks we’ve discussed above all provide top-notch service at a fair price.

At the same time, it’s easy to overpay for services you don’t really need, and it’s also easy to get stuck with something that doesn’t serve your growing needs. Looking beyond the sticker price tag and considering what each credit card processor offers in total value is critical to finding the service that will help you grow your practice while accommodating your patients.

Particularly for healthcare businesses, the availability of industry-specific features and ancillary services (such as business loans and financing options for medical practices) offer additional value beyond what standard small business credit card processors provide and may be worth paying a little extra for.

FAQs: HIPAA-Compliant Credit Card Processing

What payment method is HIPAA compliant?

Credit and debit card processing is HIPAA compliant as long as the processor takes adequate steps to protect the patient’s protected health information (PHI), does not sell or disseminate patient payment data, and enters into a valid business associate agreement (BAA) with the healthcare provider. Note that popular peer-to-peer payment methods such as Venmo and Zelle do not have BAAs and should not be used to accept payments from patients.

Do payment processors need to be HIPAA compliant?

Payment processing by itself is considered to be outside the scope of HIPAA requirements. However, providers offering ancillary services such as invoicing, data analytics, or practice management software do fall under the scope of HIPAA and need to have a business associate agreement (BAA) with the healthcare provider. We do not recommend that medical providers use any payment processor that does not offer a fully HIPAA-compliant payment solution.

Are credit card processing companies HIPAA compliant?

It depends on the provider. While all merchant services providers offer a variety of security features, not all of them have taken the necessary steps to fully protect patient-protected health information (PHI) and offer business associate agreements (BAAs) to customers in the healthcare field. We recommend only using a provider that offers a fully HIPAA-compliant payment solution.

Is Venmo For Business HIPAA compliant?

No. Venmo offers a secure — and often free — method of sending and receiving payments. However, it does not enter into business associate agreements (BAAs) with medical offices, which is a requirement for HIPAA compliance. Also, Venmo shares user data with its parent company, PayPal.

Is Zelle HIPAA compliant?

No. While Zelle offers a secure payment method that meets HIPAA security requirements, it does not enter into business associate agreements (BAAs) with healthcare providers. Therefore, it is not HIPAA compliant and should not be used to accept patient payments.

Is Stripe compliant with HIPAA laws?

No. Stripe does not offer business associate agreements (BAAs) to users in the healthcare field, as required by HIPAA laws. Stripe also collects user data and uses it for advertising purposes, which is not permitted under HIPAA.

Is Chase Payment Solutions HIPAA compliant?

Yes. Chase Payment Solutions specializes in serving the healthcare community and offers a HIPAA-compliant payment processing solution. This solution includes specialized features, such as patient scheduling and billing management, as well as integration with InstaMed for online patient bill payments.

Is Square Invoicing HIPAA compliant?

Yes. Square offers a HIPAA-compliant payment processing solution and Business Associate Agreements (BAAs) to users in the healthcare field. For Square Invoicing, you will need to use an encrypted payment form to protect patients’ PHI.

Is a credit card considered PHI?

While credit card processing itself is considered to be outside the scope of HIPAA, patient cardholder data (including name, billing address, etc.) are classified as protected health information (PHI) and must be secured according to HIPAA requirements. To ensure HIPAA compliance, you will also need to enter into a Business Associate Agreement (BAA) with your chosen credit card processor.

In Summary: 7 Best Healthcare Payment Processing Companies

  1. PaymentCloud:
    • Pricing information not disclosed (usually tiered or interchange-plus)
    • Offers HIPAA-compliant high-risk merchant accounts for telemedicine providers
  2. Host Merchant Services:
    • Interchange-plus pricing offered exclusively
    • Offers HIPAA-compliant payment processing & website hosting
  3. Helcim:
    • Offers interchange-plus pricing with no monthly account fee
    • One of the most cost-effective options for a full-service merchant account
  4. Square:
    • Offers flat-rate pricing
    • Integrates with third-party healthcare apps (IntakeQ, etc.)
  5. Dharma Merchant Services:
    • Offers interchange-plus pricing exclusively
    • Offers HIPAA-compliant payment processing with MX Merchant integrated payments platform
  6. Chase Payment Solutions℠:
    • Offers flat-rate or interchange-plus pricing plans
    • Offers specialized medical office management software + InstaMed integration
  7. Clearly Payments:
    • Offers interchange-plus and membership pricing options
    • Accepts healthcare providers in the US and Canada
Frank Kehl

Frank Kehl

Senior Staff Writer at Merchant Maverick
Frank has been writing about payment processing and business services since 2015. He is a retired Air Force officer and a former practicing attorney. He has a Bachelor of Science degree in Psychology from The Pennsylvania State University and a Juris Doctorate degree from the Ventura College of Law, and currently resides in Paso Robles, California.
Frank Kehl
View Frank Kehl's professional experience on LinkedIn.
Frank Kehl

Latest posts by Frank Kehl (see all)

Sources