Digital transformation has helped make healthcare payment and member data transfer more efficient, but fraud and cyberattacks still pose threats to every organization. Health plan leaders can reduce their security risks by understanding where threats exist, what they can cost and how to modernize their payments infrastructure with a consolidated platform.
Where are the greatest threats today?
Fraud and security threats are more widespread than many health plan leaders realize. The 2023 Payments Fraud and Control Report from the Association for Financial Professionals and J.P. Morgan notes that 65% of organizations experienced a form of attempted or actual payments fraud in 2022.
Automated Clearing House (ACH) products and paper checks are among the most targeted types of payments. Check fraud has increased significantly since the start of the COVID-19 pandemic. In 2021, financial institutions filed over 350,000 Suspicious Activity Reports on potential check fraud, marking a 23% increase over 2020. In 2022, the number of SARs related to check fraud reached over 680,000, nearly double the previous year’s filings.
Intercepted payments occur when a claim payment falls into the wrong hands, e.g. checks taken from the mail or one-time credit card terminal payments misdirected. There can be additional risk with ACH payments because the actions can be repeated if the provider is unaware that their payment has been diverted.
Other threats include check washing — a method of altering a check with chemical solvents — and various forms of mail fraud. These are all potential entry points for bad actors.
AI is also being leveraged in new and more dangerous ways. Most organizations are still at an early stage in understanding how bad actors can use AI, so it’s important to be proactive in protecting payment data from emerging and future threats.
The cost of data breaches and fraud
Cyberattacks and fraud have a significant financial impact every year—billions in costs that cannot be ignored. Healthcare data breaches reached an all-time high in 2021, exposing a record number of patients’ protected health information. More than 45 million individuals were affected by healthcare attacks that year, up from 34 million in 2020.
The average cost of breaches has also soared. Healthcare has the highest average cost of data breaches of all industries, a staggering $10.9 million in 2023. The average cost of healthcare breaches has grown 53.3% in the last three years, up from $7.1 million in 2020.
While data breaches among providers have declined, and health plans have not seen an increase in attacks, third-party partners have become targets—putting all those associated at risk. As plans add more vendors, it becomes harder to monitor cybersecurity. “Managing third-party risk is one of the biggest challenges for healthcare organizations [in 2023],” according to the HIPAA Healthcare Data Breach Report. It is important to deeply evaluate the security measures and plans of third-party vendors.
A modernized and consolidated electronic payments and communications platform is one of the most powerful tools health plans can implement to reduce exposure to fraud and theft. Reducing the number of platforms provides fewer entry points and data locations for attackers to attempt to access. It also reduces the number of logins and user accounts for payers and providers, which improves their user experience and simplifies the process for network administrators. Additionally, paper checks are eliminated, and member identity is more tightly secured by digitizing enrollment, ID cards, explanations of benefits and other claims communications.
Benefits of moving to a single platform
Consolidating to a single payment platform provides many other benefits, including:
- Leading-edge security – reduce exposure to cyberattacks and fraud caused by outdated and disconnected processes
- Streamlined workflows – eliminate duplicate work caused by maintaining and managing payments and communications separately
- Reduced operational costs – deliver faster payments and better communications to plans and providers
- Improved payment accuracy – use modern techniques to validate the identity and ownership of banking information
- Improved sustainability – reduce the number of paper checks and mailings
- Increased provider and member satisfaction – create better outcomes for providers and members by improving communications.
Zelis fraud protection
The Zelis Advanced Payments Platform (ZAPP) offers dedicated fraud prevention and detection teams using advanced tools and expansive industry knowledge to vigorously defend against fraud risk and ensure payment security. ZAPP is the only platform to consolidate all healthcare payments modalities and communications into a single solution.
Health plan leaders that are ready to embrace new security technologies should seek a partner that can fully manage payments and communications in one portal and who has a proven track record of payment security.