Discussing Patient Identity Data Governance

Keep up with the latest on information governance as this key strategy emerges for addressing a myriad of information management challenges in healthcare. This blog will highlight the trends and opportunities IG presents for ensuring information is treated as an organizational asset.

By Beth Liette, MS, RHIA

Improving patient identity accuracy can be a daunting task. There are many different groups that may have the ability to create medical record numbers or change patient identity information. Managing these issues can take hours, and tracking back to the root causes of errors can be complex and overwhelming.

A multidisciplinary team that coordinates data governance efforts is one way of working through these issues. The team’s responsibilities include investigating and determining root causes of errors, developing guidelines/policies and audit protocols, performing data mapping, and creating data dictionaries.

The team should include representatives from registration, billing, legal/compliance, information services, and health information management (HIM). Other representation should be considered based on high volume error-prone areas. For example, if your facility has a decentralized registration area in the emergency department (ED), a representative from the ED would be a good addition to the team. If your facility allows for the registration of patients while being transported to the facility, a transport team representative would be another valuable team member.

Issues and questions the team can address include:

Data Definitions

  • Define the critical data elements collected by patient access staff (e.g., patient name, address, date of birth).
  • Define the official naming convention for patients. Are full names required (first, middle, last) at each registration? Is there an indicator in the registration system for patients with no middle name or when the patient refuses to give the middle name? What is the naming convention for newborns? Are special characters acceptable in the name?
  • Define non-patient registrations (e.g., individuals who have not become patients yet but need to be registered so that external documents can be scanned into the electronic record (EHR) for the referral evaluation).
  • If you have the ability within your EHR to collect multiple patient addresses, define the use cases for the addresses (e.g., temporary address, confidential address, permanent address). Establish which roles can create or access these addresses.

Data flows and data mappings

  • Determine if name changes or medical record merges flow to all downstream systems. Do interfaces strip out leading zeros?
  • Determine if a naming convention can be agreed upon with other facilities so demographics can flow for transfers from one hospital to another.
  • Establish guidelines for pulling forward information at each registration.
  • Define the critical data elements that are verified at each registration and what documents are needed for the verification (e.g., driver’s license, custody papers).
  • Determine which downstream processes are affected by the use of critical data elements (e.g., billing’s use of temporary or confidential address).


  • Develop formal training programs that review patient identity guidelines and policies.
  • Write articles for facility newsletters regarding the role that patient demographics play in patient safety.

Guidelines/Policies and Quality Controls

  • Develop policies and guidelines to aid in correct patient identification.
  • Investigate the role of facial photos or biometrics in correctly identifying patients.
  • Investigate what roles in your organization are allowed to change demographics, including patient names.
  • Establish a consistent search method for attempting to find the patient (e.g. search includes identifiers such as date of birth, phone number, and gender).
  • Determine the process for identifying potential duplicate medical record numbers. Are critical data elements given different weights? Is there a way to flag known non-duplicates (e.g., twins)?
  • Define audits for data quality and where results are reported.
  • Develop a system of categorizing root causes of errors for trending purpose (e.g., human, workflow, communication, policies, hardware, software, etc.)

Correctly identifying patients and demographic information are critical processes for the organization. A dedicated data governance team that focuses on this area of organizational risk can help prevent identity theft, ensure patient safety, and ensure that medical records are correctly linked to each patient for billing and patient care.


Beth Liette is senior director of health information management at Cincinnati Children’s Hospital Medical Center and co-chair of the AHIMA Information Governance Practice Council.


  1. Great Article, thanks Beth!
    Lori McNeil Tolley

    Post a Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Share This

Share This

Share this post with your friends!