I think you're referring to this: https://www.wired.com/2015/03/how-technology-led-a-hospital-to-give-a-patient-38-times-his-dosage/ It's a fascinating example of the swiss cheese effect, and should be required…
Readers Write: National Patient Identifier: Why Patient-Matching Technology May be a Better Solution
National Patient Identifier: Why Patient-Matching Technology May be a Better Solution
By Vicki Wheatley
Advances in technology, combined with The Patient Protection and Affordable Care Act, have begun to revive calls in the media for a national patient identifier—similar to the national provider identifier (NPI) assigned to physicians. The HIPAA legislation of 1996 included provisions for such an identifier, but they’ve never been enacted out of concerns for privacy and security.
Despite current law prohibiting the use of national patient identifiers, many proponents say creating such an identifier would make it easier to track patients across the continuum of care, leading to more effective treatments and better outcomes for patients. Others believe existing credentials such as Social Security numbers make a national patient identifier unnecessary. Lost in all the debate, however, are patient identification issues that will always exist—whether a national patient ID does or not.
Although adding a national patient identifier would provide one more data element to help confirm a patient’s identity, it still wouldn’t resolve some key record-matching challenges, nor would it fully enable organizations to use data for analytics, population health management or accountable care.
For a national identifier to work, even in theory, every single potential patient in the country would need to be assigned one—and only one—number and use it consistently. This holds true whether we generate a new identification number or use an existing one, such as a Social Security number.
For the sake of argument, let’s say Social Security numbers were to be used as national patient identifiers. Truth be told, many individuals living in or visiting the US don’t have Social Security numbers, like newborns or foreign visitors. Others may be fraudulently using someone else’s number for employment or other purposes. Additionally, using Social Security numbers as patient identifiers likely would raise security and privacy concerns due to the amount of financial and personal information already tied to them.
Just as the NPI has not been the fix-all for helping healthcare organizations exchange provider information, implementing a national patient identifier or using Social Security numbers will not resolve patient identification issues either. The reason: it won’t address concerns regarding existing information discrepancies or duplicate patient records. Additionally, like any identifier, it can be mis-keyed, transposed, or even stolen. Adding yet another identifier does not solve the patient matching conundrum.
Rather than advocating for a panacea that won’t solve the problem, healthcare organizations should instead focus on strengthening their existing enterprise patient-matching strategies, which can be easily implemented within individual organizations.
In order to provide optimal care, clinicians need to have an accurate view of the individuals they treat. Likewise, organizations as a whole must know who their patients are, what coverage they have, and which payer’s rules they must adhere to in order to receive payment. All of this information is particularly valuable when patient data is being used for analytics, accountable care, or population health management.
Thus, resolving patient identification problems is essential not only for enabling quality care, but also for supporting the financial viability of the healthcare organization. The challenges are further compounded by the fact that patient data resides across disparate systems encompassing the patient’s entire continuum of care. As a result, available patient data must be accurately linked together from within and across multiple organizations.
Unfortunately, however, errors occur. Registration staff may inadvertently transpose numbers, record nicknames instead of legal names, or fail to validate and update key data elements. Patients change addresses, phone numbers, insurance coverage, and names all the time. Data provided and collected is not always complete or accurate. Some patients forget information; others even want to hide it. To err is human, but mistakes introduced into patient records lead to discrepancies and duplicate patient records that complicate the patient identification process.
Patient-matching technology within an enterprise master patient index (EMPI) allows hospitals and health systems to bring together disparate information from various IT systems within or across organizations. This is essential for effectively managing the patient population and preparing for payment reforms. For example, an EMPI that compares patient data using probabilistic matching tools and algorithms can generate a unique enterprise identifier for each patient, eliminating the need to change information in source IT systems and enabling exchange of clinical and financial data. With an EMPI, multiple key data elements such as name, birth date, gender, address, other identifiers, and even biometrics can be used to accurately identify patients, ensuring the data in front of providers matches the patients they’re treating.
It’s a fact: as long as people are involved in providing and entering information, some level of human error remains inevitable. Yet by employing a strong strategy to address underlying identification issues, hospitals and health systems can compensate for some of the human elements that will always complicate patient identification—with or without a national patient identifier in place.
Vicki Wheatley is executive vice president of enterprise master person index solutions of QuadraMed of Reston,VA.
Interesting, but this is a problem that has gone on for over fifty years. I ran into it when I first came into healthcare in 1971.
It’s more a political issue than a technical one. In some cases a patient really does not want to be accurately identified. Think criminals. Yet the technology using biologics from Iris scans, palm prints, and even DNA could easily handle the most difficult cases, however they will never see the light of day. In the USA we have a right to be anonymous, while in virtually all foreign countries that is not a choice. So we’ll just have to use Rube Goldberg tricks to guess at a right ID when multiple IDs are in a file.
This problem is ripe for a multiple facet solution. People who are willing to have their biologics ID’d will be ‘guaranteed’ continuity of care, while those who opt-out will not. Let each person chose.
Here’s a survey Mr. H may want to consider. Would you be willing to have an Iris scan or other biologic ID placed in your med rec?
Vicki presents a compelling argument on resolving the significant patient-matching problem plaguing the healthcare industry—as does Barry Hieb in “Readers Write: Why a Unique Patient Identifier is Critical to Improve Patient Matching” and several of the commenters on each article.
There is accuracy in each viewpoint. Stronger algorithms within EMPIs, a voluntary National Patient Identifier and biometric authentication all play a role in the solution. But none stand alone.
Patient matching, as the ONC has aptly stated, is a complex problem for which there is no silver bullet. Solving it requires a holistic approach that addresses the multiple root causes of dirty patient data—criminal activity, misunderstanding, mistakes, name changes, lack of standardized and complete data capture of patient demographic data elements to name a few. These issues are not going away. In fact, they are growing more prevalent in today’s electronic world where identity theft, fraud and duplicates are commonplace.
The final solution will combine people (training and follow up), process (including policy) and technology with the flexibility and scalability necessary to keep pace with the advancements and evolution of all three.
Working in this field daily (and for the past ten years) and examining the facts, I agree that a National Patient Identifier will NOT be a panacea for this issue. There are too many complexities and the existance of that new number will not provide the antedote to matching issues, duplicates, and many other normally occurring identity errors not to mention fraudulent activity. Also, as an American with my own personal fears of “big data meets big government” I’m not sure I want another government-issued identifier (which begs the side question…could a truly unique National Patient Identifier be issued by other agencies such as insurance companies etc…?)
But, on the other hand, we do already have the SSN and an aruguement for a National Patient Identifier is that it would “mask” your real SSN (which most of us law-abiding citizens do give upon arrival at any healthcare entity). In this way, it’s almost like your debit card. If your National Provider Identifier number were stolen, it could be cancelled and the damage would hopefully not leak into other facets of your life (such as your financial life etc.) which of course a stolen SSN could. So there would be a degree of protection in a second number unique to your healthcare life instead of always using your SSN which has much broader consequences if compromised.
Finally, I don’t see the American public accepting the future technologies of palm vein or retinal scanning in mass anytime soon and so far, any technology like that would have to be completely opt-in with consent coverage etc. I do know some organizations have initiated these campaigns and have marketed it as a way for you to protect your own information (which it is in many ways) but still, wide spread adoption of this seems doubtful.
So, I do believe that for now, the mix of current algorithmic EMPI products and professionals who really understand how to use those (and then how to utilize electronic workflows balanced with other human workflows) effectively is the best way to play this “who’s who” game that we are all in as we grow and connect databases through HIO’s and other ventures. The thing is that it’s indeed not a game and if you get someone wrong you could be playing with lives. Still, as mentioned in the article, there is NO substitue for the patient’s involvement in the process. The more they are involved and the more they help to identify who they are (through good reg/sched scripting, record viewing initiatives and possibly even admission kiosks), the better positive identity matching will be for everyone involved.
I agree with the author that a national patient identifier, or any other data token such as the SSN, will never be sufficient in itself to reliably identify an individual. I would put stronger emphasis, however, on her acknowledgement that such a unique identifier would be “one more data element to help confirm a patient’s identity.” I believe such a data token, if it were realized, would be more than one more element; it could play a very strong role indeed, in conjunction with the algorithmic processing of biographical information such as name, birthdate, etc.
I do not work in the Health IT industry, but have been a programmer for ten years in a large state university system where one of my main roles has been matching records entered from numerous sources to personal identities. Since I work with employee data, the SSN is available for the purpose of what I’m calling a data token.
The SSN by itself is definitely not sufficient to consistently identify a person. We combine an internally-developed algorithm based on name and birthdate with the SSN and other data tokens to achieve pretty reliable results for approximately 200,000 people. Not every programmatically-determined match is accepted without question; the algorithm knows when it cannot make a confident match and defers such cases for manual review.
I think Grant L touches on one of the key answers to security and privacy concerns concerning a national patient identifier. The national patient identifier should be reserved exclusively for the purpose of healthcare records. I would disallow even using the national patient identifier to log on to a website, even a healthcare-oriented system (just as the SSN is not acceptable as a logon token). The failure of the SSN to serve as an exclusive, unique identifier for all purposes is not because of anything about the SSN itself; it is because such a foolproof universal identity token, while a beguiling vision, is simply not feasible.