The Importance of Healthcare Payment Software Security

In September 2013, one of Canada’s largest data breaches occurred when a laptop was stolen from an IT consultant working for the Medicentre in Edmonton. Since then, data breaches in Canada have only gotten worse. According to a report by security firm VMware, 86% of leaders stated their organization suffered a breach in 2020 – and 88% of those breaches were considered “material.”

When it comes to healthcare, hospitals are overwhelmed by the ruthlessness of cybercriminals.
And because of ongoing risks, healthcare practitioners must stay updated on security technologies, including those in the payments sector.

Fighting Credit Card Fraud and Data Theft

Globally, the world is hard at work devising new technologies to curb credit card fraud and data theft. But solutions exist, such as:

  • EMV
  • Point-to-point encryption (P2PE)
  • Tokenization

Let’s take a look at these authentication methods.


This global technology standard uses a microchip embedded within a credit or debit card that verifies the card’s authenticity at the point of sale.

Card companies such as Visa and Mastercard have driven the adoption of EMV and other solutions. Without EMV tech and the hardware to accept EMV cards, card companies leave their customer data vulnerable. At clinics, hospitals, and urgent care facilities, this is compounded. It’s not just financial data at risk – it’s medical history, too.

Square for Health and Wellness

Manage your practice and your payments in one place.

Point-to-Point Encryption (P2PE)

Canada comes in third for the highest costs related to data breachesCAD 5.63 million.

But P2PE can help prevent costly data breaches. P2PE protects a card’s data through the entire payment process. In many industries, not just healthcare, P2PE is standard. It’s a proven method to help you protect sensitive patient information and your healthcare practice.


And perhaps the strongest security measure of all, tokenization completes a multilayered approach to security. It not only helps you protect credit card information but also healthcare data. Rather than storing patient credit card information locally, it replaces the card’s information with a token during a transaction. Even if a would-be thief breached your system, all they can retrieve is encrypted tokens – which are worthless. They store no identifying information at all.

Integrating Security Methods

Employing all three of these security measures helps you limit the environment for risk and maintain PCI compliance, which minimizes the time and money needed for audits.

This is especially helpful for healthcare practitioners. Using all the above forms of protection keeps your patients’ sensitive information out of your records–and the hands of bad players.

In this safe environment, sensitive card information and patient health data never contact any of your hardware or software. It keeps your systems and applications separate from payments, which lets you change how you accept payment, what you accept as payment, and any other back-of-the-office systems and processes without affecting the security of your payments. Payment technologies will continue evolving – meaning staying ahead of the game now makes you more agile as the industry changes.

The Solution is Jane

Just like the payments industry, the healthcare industry evolves all the time, too. As an answer to this, Square and Jane are now partners to help health clinics accept contact-free payments with the Square Terminal.

What is Jane?

In 2012, co-founders Alison Taylor and Trevor Johnston grappled with software programs to run Alison’s North Vancouver clinic, Canopy. Rather than keep trying solutions that weren’t working, Alison and Taylor instead built what would become the Jane clinic app – just a simple solution that’s now a management tool for clinics worldwide. Healthcare providers can book appointments, review charts, schedule, and send invoices. Best of all, the app is web-based and works for any clinic.

How Does the Jane Integration with Square Work?

Till now, clinics that use Jane were using outdated payment processing devices that weren’t connected to Jane. In other words, the clinic would originate the payment process within the Jane app, enter the payment amount on their device, provide the patient with the device to complete the payment, and then mark the transaction as paid within Jane.

This wasn’t what Alison and Trevor’s mission was all about – they wanted to make things easier on providers, not add extra administrative steps. And that’s how the Jane/Square integration was born. To remove this barrier to an easier day for healthcare providers, Jane now integrates with Square so clinics can accept payments seamlessly without the headaches using a Square Terminal payment machine.

Are you interested in learning more about how Square can help you keep your practice and its patients’ data secure? Work with Square today.