Are they on your radar?

Friday, October 31, 2008

Jay Williams feels like he’s on a one-man mission to educate the HME industry about two changes in the credit card industry that will affect some providers and manufacturers next year.

“It’s one of those issues that has blown by us, because the industry has been so focused on national competitive bidding and accreditation,” said Williams, national sales manager, QS/1 Data Systems.

The first change, known as the Payment Card Industry Data Security Standard or PCI DSS, means providers and manufacturers that store patient credit card information must have it on separate computers without Internet access. They must also lock the computers in a locked room. In all, the PCI DSS outlines 12 requirements.

The second change, known as the Inventory Information Approval System or IIAS, means manufacturers must submit product information to the Special Interest Group for Inventory Information Approval System Standards (SIGIS), which has been compiling a list of products that can be paid for using health savings account and flex spending account credit cards. Providers must get the OK by the agency to accept those credit cards for payment. They must also use a point-of-sale (POS) system from a SIGIS-certified software vendor.

“What will happen is, when a UPC bar code is scanned, the software goes out there and polls this list of approved items,” Williams said. “If the product is on the list, the charge goes through; if it’s not, it gets rejected. They’re trying to prevent people from bringing a $1,500 plasma TV to the pharmacy at Kmart and paying for it with an HSA or flex account.”

Both changes go into effect Jan. 1, 2009. IIAS went into effect for big-box pharmacies like Wal-Mart and Target Jan. 1, 2008.

For PCI DSS, the change will have the biggest impact on providers and pharmacies that provide diabetic, ostomy, urological, wound care and enteral supplies-things that “you buy and consume, buy and consume” on a regular basis, Williams said.
QS/1 planned to release version 19.1.0 of its POS application at Medtrade in October. It’s PCI DSS and IIAS certified.