When I pulled my Autopayment report, I noticed that all the credit card numbers were hidden, except for the last 4 numbers. We also have patients that are processing autopayments using a draft. The report shows the ACH payments with all the account numbers and routing numbers as well. Looking into the patients accounts, I also noticed that credit cards on the patient portal are hidden, and I can access all the bank information. This is a huge security issue. Can you please change the report and the patient portal to hide all but 4 of the account numbers, and hide the routing numbers?
I reached out to the escalations team on this. If you run any credit card report, the credit card numbers will be hidden except for the last 4 digits. That is a PCI requirement of the software in case your data is ever compromised so that the entire credit card number can’t be seen. As for the ACH side, there are no PCI rules. I do have someone reaching out to you as well to discuss this, as some of this will change in a future release.