At HotDoc we care about security and privacy. This article explains how we manage payment security and has further information and links below regarding the third party financial organisations and providers we use. Please view the resources below, and use this information if a patient has payment security enquires.
|
In this article |
HotDoc Payment Security
We use financial organisations Stripe, Pin Payments and Spreedly that we embed into our HotDoc platform to process payments on behalf of your practice. These organisations are all Payment Card Industry - Data Security Standards (PCI-DSS) Level 1 certified, which is the highest compliance level. As a result, the patient's card details, expiry, CVV codes and data are secure and will never be visible or stored with HotDoc or your practice.
When a patient adds a payment method to HotDoc, Stripe helps protect against disputes and fraud by verifying the patient's card information with the card network. Their bank may also require them to complete an extra verification step to confirm their identity and authenticate future transactions. This is a security measure known as 3D Secure (3DS), which helps protect against fraud by asking the patient to verify their card details through a password or a one time code sent to their mobile device by their bank.
The patient's card details are then stored securely with Spreedly, and we receive an anonymised 'token' from Spreedly which is then used to process the patient's payment. If the patient chooses to delete the card from their HotDoc account, this causes the token to be 'redacted' in Spreedly, which renders the token unusable for future charges.
Resources
For more information about how we and the financial providers process payments once a patient adds their card details, please view our patient articles below.
To see how our financial providers handle security and privacy, please view the links below:
- Stripe Security / Stripe Privacy
- Pin Payments Security / Pin Payments Privacy
- Spreedly Security / Spreedly Privacy
For more information on PCI-DSS compliance, please view the page below:
- https://stripe.com/au/guides/pci-compliance
- https://pinpayments.com/support/developers/pci-compliance
You can also read more about how HotDoc handles personal information in our privacy policy:
|
HotDoc is committed to maintaining best practices for ensuring security, availability and confidentiality. For more information and to view our FAQ's please visit our website. For any additional security or privacy questions, please contact us via the Submit request link at the top of the page. |