Healthcare organizations are required to be HIPAA-compliant to protect patient information. While credit card processors in itself are generally exempted, those that provide additional features, such as invoicing and booking management, will be subject to HIPAA compliance in order for healthcare providers to legally use the payment service.
With this in mind, I evaluated top payment processors that offer the best solutions for healthcare providers.
The best healthcare payment processors are:
- Square: Best fully HIPAA-compliant free merchant account
- Chase Payment Solutions: Best for electronic health record (EHR) software integration
- Stax: Cheapest credit card processing for established healthcare providers U.S. businesses only
- PaymentCloud: Best for telemedicine practice
- Ivy Pay: Best for therapists with a small practice
- Dharma Merchant Services: Best for low-cost transaction fees for healthcare providers processing more than $10,000 per month
Top Healthcare Payment Processors Compared
Monthly Fee | Card Present Fee | Card-not-present Fee | HIPAA Compliance | EHR System Integration* | |
---|---|---|---|---|---|
$0–$60 | 2.6% + 10 cents | 2.9% + 30 cents | ✓ | Remedly DrChrono | |
$0–$15 | 2.6% + 10 cents | 2.9% + 25 cents | ✓ | InstaMed | |
$99–$199 | Interchange + 8 cents | Interchange + 18 cents | ✕ PCI Security Level 1 | Aesthetics Record EMR via Zapier | |
2%–3.5% | 2.8%–4.3% | ✓ | Not specified | ||
$0 | 2.75% | 2.75% | ✓ | Built-in | |
$25 | Interchange plus 0.15% + 8 cents | Interchange plus 0.15% + 8 cents | ✓ | Not specified | |
*Electronic health records (EHR) systems are fully HIPAA-compliant platforms for storing personal health information. |
HIPAA Compliance for Payment Processing
The Health Insurance Portability and Accountability Act (HIPAA) was enacted into law in 1996 to protect patients’ privacy by setting standards for how their information is shared and stored. This encompasses any healthcare system that holds patient health information (PHI) such as:
- The individual’s past, present, or future physical or mental health
- The provision of health care to the individual
- The past, present, or future payment for health care
Any software used by healthcare organizations needs to be HIPAA-compliant if it has access to personal health-related information. So, by default, simple credit card processing is not a HIPAA-covered activity. However, if a payment processor comes with tools for storing customer information, then HIPAA compliance will be required before it can be used by a healthcare organization for tasks such as appointment bookings, invoicing, as well as storing health records.
Credit card processors that carry these features, need to be ready to sign a business associate agreement (BAA) with healthcare providers. This is a written agreement that clearly states each party’s responsibilities when accessing and storing PHI.
On the other hand, merchant account and payment services providers that simply process credit card transactions on behalf of a healthcare provider are not required to be HIPAA-compliant but are expected to integrate with HIPAA-compliant EHR and have PCI Level 1 accreditation.
Merchant processors that are PCI Level 1-compliant undergo annual third-party security audits and quarterly network scanning and maintain an in-house internal compliance team. Learn more about PCI compliance.
Square: Best Fully HIPAA-compliant Free Merchant Account
Pros
- Multiple EHR integrations
- Free invoicing and website builder
- Waived chargeback fees
Cons
- Extended business hours support only
- Same day funding w/fee
- Account stability issues
Square Pricing
- Monthly fee: $0–$60
- In-person transaction fee: 2.6% + 10 cents
- Invoicing: 3.3% + 30 cents
- Online transaction fee: 2.9% + 30 cents
- Recurring billing and card-on-file: 3.5% + 15 cents
- Keyed-in/ virtual terminal payments: 3.5% + 15 cents
- ACH/ bank transfers: 1% ($1 min)
- Chargeback fee: Waived up to $250 per month
Why I Chose Square
Square is an all-in-one point of sale (POS) system that comes with a built-in payment processing service. Unlike popular alternatives PayPal or Stripe, Square is fully HIPAA-compliant—ready to sign a BAA with healthcare providers. Find out how Square stacks up against Stripe and PayPal.
Square can also be automatically set up to accept Health Savings Account (HSA) and Flexible Spending Account (FSA) debit cards upon signing up for a merchant account. There is no approval process involved, nor does it charge a monthly fee for using Square’s payment processing feature.
Healthcare Features
- Full HIPAA compliance
- Integrates with Remedly and DrChrono EHR platforms
- Accepts HSA and FSA debit card payments
- Free merchant account
- Free basic appointment POS software and website builder
- Free invoicing and recurring billing
- Includes ACH payment processing
- Free next-day funding, same-day funding with fee
Square is an excellent choice for small and startup healthcare organizations. It even offers volume discounts for merchants that process more than $250,000 per year. However, Square’s customer support is also limited to extended business hours. There are also merchant services providers that can offer better interchange rates for fast-growing healthcare organizations.
Related reading:
- Find better rates from the cheapest credit card processors.
- Square tops our list of best free merchant accounts.
Chase Payment Solutions: Best for EHR Software Integration
Pros
- Free same-day funding for Chase Business Checking account holders
- Native integration with InstaMed
- 24/7 customer support
Cons
- Outright hardware purchase
- Non-refundable chargeback fees
- Possible monthly fee for InstaMed integration
Chase Payment Solutions Pricing
- Monthly fee: $0–$15*
- In-person transaction fee: 2.6% plus 10 cents
- Online transaction fee: 2.9% plus 25 cents
- Keyed-in transaction fee: 3.5% + 10 cents
- ACH processing fee: $25/month for 25 transactions, $0.15 for additional
- Chargeback fee: $25 to $100
*Merchants with a Chase Business Checking account are required to maintain a minimum balance of $2,000 or a monthly service fee of $15 will be imposed.
Why I Chose Chase Payment Solutions
I chose Chase primarily for its native healthcare service management platform. Chase owns the highly popular InstaMed, used by over 50% of healthcare providers for its seamless integration with almost any EHR and healthcare IT system. With InstaMed, merchants get to use Chase payment processing in a fully HIPAA-compliant and PCI level 1 secure platform.
Chase Payment Solutions is also among the few direct processors that work directly with small businesses and offers free same-day funding with a Chase Business Checking account. There are no monthly fees for using the service (though InstaMed may charge a separate fee for monthly account maintenance), nor does it tie you into long-term contracts.
Healthcare Features
- Fully HIPAA-compliant integration with InstaMed
- Accepts HSA and FSA debit card payments
- Accepts ACH payments
- Automated payment processing and reconciliation
- Free merchant account
- Free same-day funding
- Can reprogram compatible existing hardware
- 24/7 customer support
Chase Payment Solutions by itself is not HIPAA compliant but it offers seamless integration with InstaMed so merchants do not have to worry about prolonged system set up. This somewhat limits Chase’s ability to serve merchants that prefer a different healthcare service management platform. If you want Chase for its free same-day funding feature, you will need to open a Chase Business Checking account and maintain a minimum balance of $2,000/ month.
Stax: Cheapest Credit Card Processing for Established Healthcare Providers
Pros
- Wholesale interchange plus pricing
- Offers free credit card processing
- 24/7 customer support
Cons
- Requires Zapier to integrate with EHRs
- High monthly account fee
- Lacks same-day funding option
Stax Pricing
- Monthly fee: $99–$199
- Card-present transaction fee: Interchange plus 8 cents
- Card-not-present transaction fee: Interchange plus 18 cents
- Chargeback fee: $25
Why I Chose Stax
Stax is our favorite credit card processor for fast-growing and established businesses with its wholesale interchange rates that provides merchants with access to all in-person and remote payment methods. While it has all the bells and whistles to help merchants manage customer information, Stax is not, by itself, a fully HIPAA-compliant merchant account services provider. Instead, it integrates with EHRs via Zapier and has safeguards in place to ensure that no patient information is saved in its system with PCI level 1 security compliance.
Healthcare providers interested in using Stax will shoulder a monthly fee based on their annual processing volume. In general, I recommend it to businesses that regularly process card payments over $20,000 per month to maximize potential savings.
Healthcare Features
- PCI Level 1 Security Compliance
- Integrates with Aesthetics EMR via Zapier
- Integrates with other EHRs via API
- Accepts HSA and FSA debit cards
- Wholesale interchange plus pricing
- All-in-one monthly fee for all payment types
- Next-day funding option
- 24/7 customer support
Stax comes with a wide range of payment processing options including a PCI level 1 compliance that ensures the security of patient data. However, it lacks a ready integration with EHRs, which may cause delays in setting up your payment processing service. That said, high-volume and healthcare establishments with multiple locations with the resources to invest can significantly benefit from Stax’s management features.
PaymentCloud: Best for Telemedicine Practice
Pros
- High approval rating for high-risk merchant accounts
- Seamless payment gateway integrations
- Waived early termination fees
Cons
- Additional monthly fee for virtual terminal
- Longer application and approval process
- No publicly disclosed pricing
PaymentCloud Pricing
- Monthly fee: $10–$45*
- Payment gateway fee: $15/month (average)
- Virtual terminal: $15–$45/month
- Transaction fees:
- Low-risk: 2%–3.1%
- Medium-risk: 2.3%–3.4%
- High risk: 2.7%–4.3%
- Chargeback fee: $25
- Early termination fee: Waived
*Rates vary among industries and clients. Pricing is based on average mid- and high-risk merchant services.
Why I Chose PaymentCloud
If you run a telemedicine healthcare practice, I recommend PaymentCloud for your high-risk merchant account services. PaymentCloud works with a number of banks and boasts a 98% merchant account approval rate. It is both a payment gateway agnostic and a fully HIPAA-compliant merchant processor, so PaymentCloud can seamlessly integrate with most online payment processing software without disrupting your business during migration.
PaymentCloud also stands out for its advanced fraud prevention tools to protect you from chargebacks and thousands of direct software integrations including EHRs. Most of all, merchants rave about PaymentCloud’s excellent customer service, providing you with a dedicated account manager from the time you start your application.
Healthcare Features
- Fully HIPAA compliant
- Thousands of direct integrations including EHRs
- Low monthly fees for high-risk merchant accounts
- Flexible transaction fee pricing
- Accepts HSA and FSA debit card payments
- Accepts echeck payments
- Advanced fraud prevention tools
- Can reprogram compatible existing hardware
- 24/7 customer support
PaymentCloud also works with low-risk merchants, although you need to verify with their account manager to make sure that the HIPAA compliance extends beyond their telemedicine merchant account. Additionally, telemedicine will require you to set up an online payment service that involves a virtual terminal, for which PaymentCloud charges an additional monthly fee.
Ivy Pay: Best for Therapists With a Small Practice
Pros
- EHR with built-in payment processing
- Mobile app for iOS and Android
- Free merchant account
Cons
- Limited use for licensed therapists
- Limited to text messaging notification
- Not compatible with other EHRs
Ivy Pay Pricing
- Monthly fee: $0
- Transaction fee: 2.75%
- Cancellation fee: $0
Why I Chose Ivy Pay
Ivy Pay is a fully HIPAA-compliant payment processor exclusively designed for therapists using the Talk to Ivy referral service platform to connect with patients. Ivy Pay is mobile-based, compatible with both iOS and Android smartphones—download the app to connect with clients and link a valid bank account to start accepting payments. You can charge a patient’s saved credit/debit cards from your app. Funds are deposited to you the next day.
There are no monthly fees and a simple flat rate is charged for each transaction (significantly lower compared to Square’s online rate of 2.9% + 30 cents). I recommend Ivy Pay for therapists with small or solo practices that do not need complicated billing and invoicing features.
Healthcare Features
- Fully HIPAA-compliant
- Built-in payment processor for Talk to Ivy referral services platform
- Mobile based, remote payment processing
- Accepts HSA and FSA payments
- No long-term contracts
- No credit card reader required
For therapists who are starting out, Ivy Pay is a great option to start your practice without significant upfront cost. However, some merchants will find it easy to outgrow Ivy Pay’s features and will need to upgrade to a service that offers invoicing and recurring billing tools, and more notification functionality options.
Dharma Merchant Services: Low-cost Credit Card Processing for Midsize Healthcare Providers
Pros
- Special discounted interchange-plus rates for healthcare services
- Free next-day funding for card-present transactions
- 24/7 customer support
Cons
- Surcharge fee for Amex transactions
- Add-on monthly fees for ACH and invoicing
- Charges for PCI non-compliance
Dharma Merchant Services Pricing
- Monthly account fee: $25
- Transaction fee: Interchange plus 0.15% + $0.08/
- Amex transaction fee: Interchange plus 0.25% + $0.08
- High-volume transaction fee: Interchange plus 0.10% + $0.08*
- ACH monthly fee: $25, plus 40 cents/transaction
- Invoicing and recurring billing monthly fee: $10
- Chargeback fee: $25
- Account closure fee: $49
*For sales volume above $100,000/month
Why I Chose Dharma Merchant Services
Dharma Merchant Services provides a dedicated merchant account service for healthcare providers. I love that it offers low interchange plus transaction rates. There are no long-term contracts but there are monthly account fees involved that are to be expected for traditional merchant account service providers that offer interchange plus pricing. And because Dharma is a fully HIPAA-compliant merchant service provider, it can integrate with most EHR systems.
Compared to Stax, Dharma offers significantly lower monthly account fees, although be aware of the additional monthly cost for using other payment services like invoicing, recurring billing, and accepting ACH payments. I recommend Dharma for mid-sized healthcare providers that can handle these additional costs.
Healthcare Features
- Fully HIPAA-compliant merchant account
- Likely integrates with most EHR systems
- Accepts FSA and HSA debit cards
- Free virtual terminal
- Free mobile POS app
- Compatible with Clover hardware
- Guaranteed 48-hour funding
- Next-day funding for card-present transactions
Dharma Merchant Services does not provide any specific EHR system that it integrates so you need to consult with a Dharma representative to verify that it will work with your current healthcare service management system. Even with a fully HIPAA-compliant merchant account service, Dharma’s ranking in our evaluation was significantly affected by the potential add-on fees including incidentals such as PCI non-compliance and account closure.
How to Choose a Healthcare Payment Solution
When choosing among healthcare payment processing companies, compliance should be the main priority. You should also look for providers that offer the most value for money in terms of payment features and fees.
- HIPAA compliance: Without a doubt a prerequisite and a deal-breaker for any merchant processor that aims to provide a healthcare merchant account with additional management features.
- Security: Avoid merchant processors that do not have PCI level 1 security. Additionally, choose a healthcare payment solution that offers advanced fraud protection and detection tools to effectively prevent chargebacks.
- Integrations: Ideally you will want to have a merchant processor that’s compatible with most popular EHR systems, including what you currently use. Apart from EHR systems, you should also consider integration capabilities with other business software such as ecommerce, accounting, and appointment management.
- Credit card processing fees. In general, you will want to choose a merchant processor that offers transparent pricing. As much as possible, opt for solutions that offer interchange-plus rates and low (or free) monthly fees. Look out for incidental costs such as chargebacks and surcharges for using additional payment functionalities like invoicing, virtual terminals, and payment gateways.
How I Evaluated Healthcare Payment Processors
I compared a dozen healthcare payment processors and evaluated them based on pricing, payment types, ease of use, and expert score. Compliance and transparency is the priority in evaluating each criterion. I also invited our retail experts to weigh in with their knowledge of each merchant processor in our list.
Square emerged as the best healthcare payment solution in our evaluation, with a score of 4.55 out of 5 for its fully HIPAA-compliant payment processing and value for money for small healthcare providers. Other healthcare payment processors also made our list for their standout functionalities.
Click through the tabs below for a more detailed breakdown of our evaluation criteria:
25% of Overall Score
I took into consideration the monthly fees and hardware fees, as well as contract terms and costs for early cancellations. Square earned the highest score of 4.25 out of 5 followed by IvyPay with 4 out of 5.
30% of Overall Score
25% of Overall Score
In this category, I included approval, setup, migration, customer service hours, deposit speed, and available integrations for evaluation. I gave premium points for healthcare payment solutions that offer the best EHR integrations. This time, Chase led with a score of 4.75 out of 5 followed by Square and Dharma with 4.25 out of 5.
20% of Overall Score
Our expert score category evaluated each provider in terms of transparency and value for money. I also took scalability into consideration, as well as popularity among healthcare providers. Most of our providers did well here, but Square earned a perfect score.
Healthcare Payment Processors Frequently Asked Questions (FAQs)
A healthcare merchant account provides merchant services that are unique to healthcare service providers such as hospitals and private practices. Most of the time, merchant processors that offer these services also come with HIPAA compliance, particularly if they provide additional functions such as scheduling, invoicing, and ecommerce.
Medical clinics can use non-HIPAA-compliant payment processors for simple credit card payment processing. However, this means that there is no integration with your practice management system and EHRs, which can cost you extra time and resources to keep track of your finances.
No. PayPal, Stripe, and peer-to-peer payment processors like Zelle and Venmo are not HIPAA-compliant. These payment processors do not go into business associate agreements (BAAs) and also use client information for marketing purposes.
Bottom Line
Payment processing services for healthcare providers require strict PCI security and HIPAA compliance to protect patient information. Focus on value for money, as while cheap fees and free services can be tempting, the consequences of non-compliance can cost your business even more.
Square goes above and beyond HIPAA compliance when it comes to its payment processing and management software tools. It offers appointment POS and free ecommerce tools and integrates with well-known EHR platforms.