
What HIPAA-Compliant Medical Billing Software to Choose?

It is important for therapists to ensure they use HIPAA-compliant medical billing software. As a mental health specialist, you have to pay attention to the security of the platform you use for consulting and choose software that ensures the safety of protected health information (PHI).

Most importantly, your billing system must adhere to the HIPAA Privacy Rule. This means that therapists still can accept out-of-pocket payments physically, but when it comes to accepting payments online, therapists should use only HIPAA-compliant platforms. Let’s dive into the problem and learn how it can be solved.

Why HIPAA-compliant billing is important

According to the APA, electronically submitted billing claims count as transmissions of protected health information and therefore fall under HIPAA. HIPAA rules affect every aspect of billing, for example:

  • how records and payment details are stored and accessed if your platform provides you and your clients with historical payment data
  • how codes are used in billing claims and how patients’ personal information is used by third parties

In other words, the payment system you use to bill clients collects and transmits protected health information, and it should, therefore, be compliant with HIPAA standards. Those who neglect this requirement are breaking the Privacy Rule.

What are the requirements for HIPAA-compliant medical billing software?

Billing software usually has access to the patient’s PHI, namely data concerning:

  • the patient’s medical conditions
  • payments made by patients directly
  • payments received from an insurance company for treatment
  • the patient’s physical location

The HIPAA Security Rule applies to all of this data, so to be HIPAA compliant, the medical billing provider has to meet the confidentiality, integrity, and availability requirements for PHI. Moreover, apart from choosing software that is compliant with HIPAA standards, therapists must also implement additional safeguards of their own.

There are three types of safeguards therapists need to implement to meet HIPAA standards. Let’s learn more about them.

HIPAA safeguard types

Physical safeguards

Physical safeguards are the safety measures you need to implement and explain to your patients to secure physical access to sensitive data. To prevent third parties from accessing protected health records, you need to pay attention to the security of your office and your hardware, especially the servers that store protected health information.

Technical safeguards

You cannot overlook the importance of technical safeguards. Therapy specialists often rely on HIPAA-compliant software to ensure they use the best encryption, backup, and access authorization practices. The HIPAA-compliant medical billing software used to charge patients should also include technical safeguards.

Administrative safeguards

To better understand the responsibilities of working with protected health information, take the time to learn about the HIPAA Privacy Rule. It will help you assess the risks you face and introduce the necessary legal practices you must follow to correctly and safely deal with PHI. You will also be informed and able to choose the right teletherapy and therapy billing software that satisfies current regulations.

Learn more about the rules every therapist needs to follow to maintain patient confidentiality.

What payment methods are not HIPAA-compliant?

Most popular payment systems that let patients pay by credit card are not HIPAA-compliant unless the provider signs a Business Associate Agreement (BAA) and implements extra safeguards to protect patient information.

Under the HIPAA Omnibus Rule, a signed Business Associate Agreement states that the software service provider must comply with the HIPAA Privacy Rule and the HIPAA Security Rule and handle PHI according to those regulations.

Thus, you should not use billing software whose provider will not sign a BAA with you. A platform's popularity says nothing about the specific safety measures its provider is willing to implement.

Billing platforms without a BAA

The platforms listed above are only examples. A payment platform is most likely unsuitable for accepting payments for therapy services if its provider has not stated its HIPAA compliance for medical billing and does not give you the option to sign a BAA.

A HIPAA-compliant payment system should also state its compliance in its Privacy Policy.

Top 7 HIPAA-compliant billing software

Online payment platforms are the preferred payment method for 92% of people, so it is important to find a HIPAA-compliant option.

There are two options therapists can choose from to provide their patients with the best billing experience:

  • HIPAA-compliant billing applications
  • HIPAA-compliant teletherapy applications with electronic billing functionality

Both options are valid and will let your clients pay for your services online.

Billing-only HIPAA-compliant apps

If you need a quick solution and don’t want any extra functionality to connect billing with the booking experience, try one of the following HIPAA-compliant applications.

Billing platform commissions

Stripe

Is Stripe HIPAA-compliant? No. Then why is it listed here? The short answer is that the Stripe platform is PCI compliant. However, you cannot store patient credit card information or patients' names within it, and it cannot be used on its own as a standalone HIPAA-compliant payment processing solution. If it is integrated into a HIPAA-compliant teletherapy solution, though, the teletherapy platform itself controls what information is passed to Stripe when the client pays. Make sure to disable Stripe's automatic receipts: by default Stripe emails an autogenerated receipt to the client, and that is not secure.

Price: pay per transaction.

Cost of the transaction: 2.9% of the transaction plus a set fee.
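To make the point above concrete, here is an added example (written for this page, not code from Stripe, ExpertBox or any other platform named here) of how a teletherapy platform sitting between the client and Stripe can restrict a payment request to the amount, the currency and an opaque booking reference, and how a small audit catches the two mistakes the paragraph warns about: passing patient details through to the processor, and setting `receipt_email`, which makes Stripe send its own receipt to the client. The parameter names `amount`, `currency`, `description`, `receipt_email` and `metadata` are Stripe PaymentIntent parameters; the booking record, the list of PHI field names and every function name are constructed for this example, and the request is only built and audited, never sent.

```python
import re

# Field names in the platform's booking record that hold PHI.
# Constructed for this example; a real practice defines its own list.
PHI_KEYS = {"patient_name", "patient_email", "diagnosis", "session_notes",
            "address", "phone"}

EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")

# A constructed booking record, as the teletherapy platform might store it.
SAMPLE_BOOKING = {
    "booking_ref": "bk_7f3a9c",            # opaque id the platform maps back itself
    "amount_cents": 12000,
    "currency": "usd",
    "patient_name": "Jane Doe",            # PHI
    "patient_email": "jane@example.com",   # PHI
    "diagnosis": "F41.1",                  # PHI
    "session_notes": "Weekly session",     # PHI
}


def build_naive_request(booking):
    """The request an unconsidered integration tends to build: it names the
    client, sets receipt_email (so Stripe emails its own receipt) and copies
    clinical fields into metadata. Shown here as the 'before' case."""
    return {
        "amount": booking["amount_cents"],
        "currency": booking["currency"],
        "description": f"Therapy session for {booking['patient_name']}",
        "receipt_email": booking["patient_email"],
        "metadata": {
            "diagnosis": booking["diagnosis"],
            "patient_email": booking["patient_email"],
        },
    }


def build_minimized_request(booking):
    """Send the processor only what it needs to take the payment plus an
    opaque reference. No receipt_email: the platform issues its own receipt
    inside the HIPAA-compliant workflow instead."""
    return {
        "amount": booking["amount_cents"],
        "currency": booking["currency"],
        "metadata": {"booking_ref": booking["booking_ref"]},
    }


def audit_request(payload, booking):
    """Return a list of findings for a request about to leave the platform.
    An empty list means no PHI field name, PHI value or email address was
    found and Stripe's receipt email is not switched on by the request."""
    findings = []
    if "receipt_email" in payload:
        findings.append("receipt_email set: Stripe will email its own receipt")

    # Values from the booking record that must never appear in the request.
    phi_values = {str(booking[k]) for k in PHI_KEYS if k in booking}

    def walk(path, obj):
        if isinstance(obj, dict):
            for key, value in obj.items():
                if key in PHI_KEYS:
                    findings.append(f"{path}{key}: PHI field name in request")
                walk(f"{path}{key}.", value)
        elif isinstance(obj, str):
            where = path.rstrip(".")
            if any(v and v in obj for v in phi_values):
                findings.append(f"{where}: contains a PHI value from the booking")
            if EMAIL_RE.search(obj):
                findings.append(f"{where}: contains an email address")

    walk("", payload)
    return findings


if __name__ == "__main__":
    for name, builder in (("naive", build_naive_request),
                          ("minimized", build_minimized_request)):
        req = builder(SAMPLE_BOOKING)
        print(name, "->", audit_request(req, SAMPLE_BOOKING) or "clean")
```

The audit is deliberately placed at the boundary where data leaves the platform, so it runs on whatever the integration actually assembles rather than on what it was designed to send. Any receipt emailing configured on the Stripe account itself is a separate setting and has to be switched off on that side as well.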

Square

Square's credit card processing platform meets the HIPAA Security Rule requirements and comes with a standard Business Associate Agreement.

Price: pay per transaction.

Cost of the transaction: 2.9-3.5% of the sum plus an additional set fee.

IvyPay

IvyPay is an application that offers an instant payment feature. This HIPAA-compliant solution also provides you with a BAA.

Price: pay per transaction.

Cost of the transaction: 2.75% of the transaction sum.

What is the best software for medical billing and teletherapy?

The second option for therapists is to accept payments within the teletherapy platform they use for scheduling, booking, and online video conferencing. The benefits of integrated billing are undeniable: within a HIPAA-compliant all-in-one solution, you will be able to build an automated process that will reduce the unnecessary actions needed to connect billing with booking, scheduling, and service provision. Within integrated platforms, you will often find:

  • billing automation settings
  • invoice templates
  • billing reminders
  • payment status confirmation
  • booking confirmation after accepted payments
  • payment history

The automated billing process can be performed in multiple ways. In the picture below, you can see two models: one when the payment is accepted before the booking and one when it is accepted after the therapy session.

Automated billing process models

Let’s check out what teletherapy applications come with a HIPAA-compliant billing feature.


ExpertBox HIPAA-compliant billing

ExpertBox is a teletherapy solution that offers multiple features, from customer relationship management and scheduling to a secure video platform, messaging, document sharing, and billing. Within ExpertBox, you can easily set up custom prices for your services and accept online payments.

ExpertBox billing features include:

  • pricing, documentation, booking, scheduling, and billing as one workflow
  • payment reminders
  • Stripe integration
  • patients’ payment history
  • invoice and receipt generation
  • refunds with automated credit notes

Price: 14-day free trial.

Get 14 days of free ExpertBox platform usage and set up a smooth HIPAA-compliant workflow that includes booking, billing, and video communication functionality.

SimplePractice

SimplePractice is a multi-feature HIPAA-compliant solution that comes with a video platform, has a client management portal, and lets clients pay for your services online.

SimplePractice billing features include:

  • autopay
  • superbills generation
  • previews of appointment billing details

Price: $39 / month.

TheraBill

TheraBill provides therapists with extended scheduling and billing functionality aimed at automating routine processes.

TheraBill billing features include:

  • claims, scheduling, and documentation combined in one workflow
  • electronic claims to insurance companies
  • no per-claim costs

Price: $149 / month.

Therapy Partner

Therapy Partner is a solution that is aimed at providing integrated tools, including scheduling, a client portal, documentation, and payment processing, for easier therapy practice management.

Therapy Partner billing features include:

  • integrated credit card processing
  • insurance submission forms generation
  • superbills automation

Price: $34 / month.

TheraNest

TheraNest is therapy practice management software that specializes in scheduling, notifications, and reminders and provides therapists with HIPAA-compliant online payment functionality.

TheraNest billing features include:

  • claims management
  • integrated credit card processing
  • batch payments
  • automated claim filing
  • superbills generation

Price: $39 / month.

Wrapping up

As a therapist, you have to ensure you don't disclose protected health information that falls under the HIPAA Security Rule, so HIPAA compliance of your medical billing should be a priority. Though accepting a payment is not itself subject to HIPAA rules, processing it is. Ensure you use a HIPAA-compliant medical billing solution and accept only secure online payments.

  • The teletherapy applications listed below come with a HIPAA-compliant billing feature:

    • ExpertBox
    • SimplePractice
    • TheraBill
    • Therapy Partner
    • TheraNest
  • If you need a quick solution and don’t want any extra functionality to connect billing with the booking experience, try one of the following HIPAA-compliant applications:

    • Stripe
    • Square
    • IvyPay
  • Billing software usually has access to the patient’s PHI, namely data concerning:

    • the patient’s medical conditions
    • payments made by patients directly
    • payments received from an insurance company for treatment
    • the patient’s physical location

    The HIPAA Security Rule applies to all of this data, so in order to be HIPAA compliant, the medical billing company has to ensure they meet the confidentiality, availability, and integrity requirements for PHI.

  • Stripe is not HIPAA-compliant and cannot be used on its own as a standalone HIPAA-compliant payment processing solution. If it is integrated into a HIPAA-compliant teletherapy solution, though, the teletherapy platform itself controls what information is passed to Stripe when the client pays. Make sure to disable Stripe's automatic receipts: by default Stripe emails an autogenerated receipt to the client, and that is not secure.
