Privacy and Security

Patient Matching in the Era of COVID-19: Maintaining Control Over Patient Privacy and Data Governance

COVID-19 is changing nearly everything about the way healthcare organizations operate. From telehealth visits and elective surgeries to staffing strategies and sanitation protocols, hospitals and health systems are being forced to re-examine the very basics of how they deliver care in order to protect staff and patients from a highly contagious disease.

Of course, radical reinvention is nothing new for healthcare. Over the past decade, change has been constant for an industry that has adopted digital tools at lightspeed while dramatically overhauling the way trillions of dollars move through the system.

Even something as seemingly fundamental as patient privacy has evolved alongside the digital transformation. As patient data moves out of filing cabinets and onto cloud servers, a new regulatory framework is emerging to keep data secure while encouraging organizations to share information appropriately with patients and peers.

Earlier in 2020, the Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator (ONC) took a major step toward realigning the patient data access environment by releasing a landmark set of final rules about information blocking and public data sharing accountability.

While these rules were designed in a pre-pandemic world, they may have equally important implications for the new demands of public health, including disease reporting and social contact tracing.

The effectiveness of the new regulations–and the success of the nation’s simultaneous efforts to combat COVID-19–will depend on how well individual healthcare organizations collect, govern, share, and secure their patient data.

Providers will need complete visibility into their patient populations in order to track infection patterns, provide resources to COVID-positive individuals, and report on outcomes–all while managing the heightened data accountability expectations baked into healthcare’s new patient data access framework.

Preserving Privacy in a COVID-19 World

The coronavirus outbreak has brought privacy and security concerns to the forefront. Proactive management of the pandemic will require contact tracing agencies to identify all the places a person has been and all the other people with whom that individual has come into contact. While experts will likely need to spend more time hashing out the ethical and legal boundaries of contact tracing programs, healthcare providers will have to be prepared to supply the necessary data when asked.

Reliable patient matching is very important for identifying groups of people who may be related to each other or share a household. With the right tools we can see who shares a doctor and who may have been exposed during an office visit. And in addition to controlling spread at a community level, we can use that information to match people to services they may need if they are showing symptoms or test positive for the virus.

An enterprise master patient index (EMPI) provides a scaffolding for good data governance so organizations can provide the right care to the right individuals while safeguarding those individuals’ information. As we start adjusting to COVID-19, and especially as we start to develop contact tracing programs to control the spread of the virus, reliable patient matching and strong data governance are going to be even more important.

EMPIs can be a major component of recovery because EMPIs synthesize vast amounts of information from different sources and help create trustworthy profiles for individuals. If we review lab feeds, for example, and see a positive COVID-19 test, we may be able to surface that information to the right providers to make sure that person gets support and follow-up.

However, not all EMPIs are created equal, and not all platforms will adequately support healthcare organizations as the industry moves into uncharted data management territory. Organizations have to make sure they are employing the right strategies to balance privacy with public health, including being fully aware of where data is moving, who has access to sensitive data elements, and how patient information is being used.

Privacy must continue to be a top priority for healthcare organizations going forward. Privacy starts with accountability and accountability starts with having visibility and appropriate control over who is accessing data and how they are using it.

Organizations will need to assess their data governance processes to ensure they have the right controls and permissions in place to safeguard data without running afoul of data sharing and reporting requirements.

Healthcare providers are going to be held accountable to that–they’re going to be held to the highest standard, whether by regulators, by local public health authorities, or by their patients. Providers’ EMPI strategy must be able to help them meet their data governance responsibilities without exposing their patients to risk.

Taking Ownership of Data Governance to Meet Modern Privacy Needs

The famous data science maxim “garbage in, garbage out” applies to patient identity management just as much as anywhere else in the health IT environment.

Patient matching data and unique identifiers are only going to be as good as the data capture workflow being used. If an organization doesn’t take ownership over the processes of ensuring complete and accurate capture of patient data at the point of service, there is no EMPI in the world that will be able to perform perfectly against poor data.

One of the most frustrating things vendors experience with healthcare organizations is the expectation that they can simply throw their data over the wall to an EMPI vendor and expect the vendor to handle everything. Some vendors do promise that, but it’s not something they can realistically follow through on.

EMPIs are typically organized around one of two major models. The first focuses on establishing strong internal data governance processes from the beginning to the end of a data element’s lifecycle, creating an environment that fosters accurate patient data matching, avoids duplicate patient profiles, and allows data to stay local to the organization where it originated.

The second model relies more on data aggregation techniques and the probability that a patient’s true identity can be assembled from among a huge pool of potentially relevant data elements. The EMPI vendor largely takes on the responsibility of combing through the melting pot of data to ensure patient profiles are complete and accurate.

On the surface, that type of large-scale data aggregation looks very attractive to healthcare organizations, in part because it seems a lot simpler than having to be meticulous about managing their own data. But there are a lot of pitfalls with this approach.

First, there is the basic concern about hoarding hundreds of millions of pieces of sensitive data in a single location, making it more susceptible to a highly damaging data breach. In 2019, data breaches cost healthcare organizations more than $4 billion, with an estimated cost of $423 per record, according to a recent report from Black Book Market Research.

Second, healthcare organizations that agree to add their data assets to a third-party stockpile risk relinquishing critical control over the use and reuse of that information. Such data can be used for a variety of different purposes, some of which are for the vendor’s benefit and not yours. We have seen so many recent cases outside of the healthcare industry where data is being used for inappropriate reasons, and there’s no reason to think our industry is going to be exempt from those types of situations. Exposing your patients to that risk is not necessarily a good business decision.

Aggregating data under a third party’s control also puts sensitive clinical information at greater risk.

How can one be sure that they’re maintaining separation between certain data, such as behavioral health data or HIV/AIDS status, and the clinicians who don’t necessarily need access to it? What happens if that information is accidentally exposed during a contact tracing activity to the wrong entity?

Providers simply cannot afford to lose strict control over privacy and consent models for those types of elements. In addition to the tangible penalties for that type of mistake, the toll it takes on an organization’s reputation is incalculable.

Making Informed and Justifiable Patient Identity Management Decisions

Appropriate data access and use is especially important in light of the new CMS data access rules and ONC interoperability rules, which require healthcare organizations to be able to provide access to information at a patient’s request–or justify their decision-making process when data is not accessible for any reason.

In the Cures Act final rule, ONC established guidelines around information blocking that come with certain exceptions, such as the infeasibility of a request or the need to protect a patient’s privacy. But healthcare organizations cannot use these exceptions as blanket excuses for withholding certain data. Nor can they afford to lose sight of meaningful controls on keeping personally identifiable information private and secure.

In the context of these rules, there’s a lot to be said about how some organizations withhold information, purposely or otherwise. But it’s also important to remember not to minimize the impact of the flip side.

Patients want more control over how their data is being used and who has access to it. These rules reinforce their right to that control. If there are, for example, questions about how a patient’s phone number ended up somewhere or how exactly it’s being used, that’s something providers should be aware of as they look at privacy issues in light of the pandemic.

Local management of patient identities with limited and controlled use of external data sources allows for more accountability because providers retain visibility into which systems contributed to a patient’s identity profile, when those decisions were made, what was updated when, and why two records were linked together.

The intersection of these enhanced regulatory requirements with the growing pressures of COVID-19 will create a complex environment for healthcare organizations already coping with numerous changes to the way they operate every day.

No matter what the next challenge, patient privacy and data governance will need to be a key part of the solution. Ultimately, it doesn’t matter if you’re trying to prevent duplicate records, meet a patient’s expectations for data sharing, or trace COVID-19 exposure patterns: privacy is going to continue to be a major, major concern for healthcare organizations and patients.

 

Daniel Cidon is CTO of NextGate.