Who Are You? The Quest for a Unique Patient Identifier

Patient identification and matching (PIM) errors carry consequences that range anywhere from frustration due to relatively minor mistakes to outcomes that can only be described as devastating.

At one end of the spectrum is a scenario in which two siblings were patients at the same physician practice. When a medical assistant didn’t check multiple identifiers for one of the siblings, they accidentally documented in the wrong file, leading the physician to write a note in the incorrect sibling’s chart. This mistake, fortunately, was caught early.

Other patients aren’t so lucky, including a patient whose story was collected recently by AHIMA and CHIME. The patient underwent a routine mammogram, but never received a phone call about the results. Thinking “no news is good news,” she went about her life and returned to her doctor’s office for her regular annual physical one year after the scan. When she made a remark about her relief to her physician, she discovered that her test results had been incorrectly filed in the chart of a deceased patient with the same name. After this mistake was uncovered, she learned that not only did she have breast cancer, but it had advanced to a terminal diagnosis.

Patients and even veteran healthcare professionals hear stories like this and ask: how—given all the technology and safety checklists we employ—did we get to a place and time where these errors are still happening? The answer, of course, is complicated. Answering it involves a discussion of the potential benefits of a unique patient identifier (UPI), a dive into the history of the Health Insurance Portability and Accountability Act (HIPAA), an understanding of Congressional budgetary processes, and an explanation of the other processes and tools that health information management (HIM) professionals use to accurately match patients with their unique health information.

It also requires understanding the difference between the terms “patient matching” and “patient identification,” which are often used interchangeably but refer to different processes. Matching involves leveraging demographic data elements, often within one single health system, to link a single patient to their unique records from a prior encounter. Lauren Riplinger, JD, vice president, policy and government affairs at AHIMA, likes the ECRI Institute Patient Safety Organization definition of patient identification, which was adapted from the Australian Commission on Safety and Quality in Health Care: “Patient identification is the process of correctly matching a patient to appropriately intended interventions and communicating information about the patient’s identity accurately and reliably throughout the continuum of care.”

Currently, there is no cohesive national strategy for uniquely identifying patients due, at least in part, to the fact that there is a federal ban on the creation of a UPI. While patient matching experts don’t view a UPI as a silver bullet, AHIMA and its partners in advocacy believe UPI should be part of the national conversation. Because of this belief, AHIMA frequently calls on its members to help advocate on the issue. A clear understanding of what a UPI is—or could be—and how it can help ensure patient safety and lower costs will help AHIMA’s members advocate effectively.

History of UPI

Because the appropriations bill is approved by Congress every year, groups like AHIMA and CHIME ask legislators to remove this ban from the Labor-HHS bill. In summer of 2019, those efforts were successful when US Representatives Bill Foster (D-IL 11) and Mike Kelly (R-PA 16) introduced an amendment to strike this language from the fiscal year 2020 Labor-HHS Appropriations bill. Unfortunately, the final spending package that Congress passed in December 2019 kept the ban in place. There was some good news, in that the legislation requires the Office of the National Coordinator for Health IT (ONC) to issue a report within one year that evaluates the effectiveness of current patient matching methods and recommends actions that increase the likelihood of an accurate match of patients to their health data.

Because of this ban, many people within HIM and healthcare don’t fully understand what exactly a UPI would look like or how it would work. Most stakeholders agree that it would be some combination of alphanumeric figures, but much of the finer points about how it would work can’t be worked out due to the federal ban. If that ban were repealed, those conversations would likely work through considerations such as:

• Which federal entity would issue a UPI?
• Would a UPI be designated at birth or prior to birth?
• Would individuals be issued a UPI at a set point in time or the next time they present for care?
• Are only American citizens eligible for a UPI and if so when can a UPI be issued during the immigration process? What if a non-citizen needs care when they are visiting the US?
• Would a UPI be voluntary or opt-in? Could someone opt out of having one?
• Medicare and Veterans Affairs programs have patient identifiers—how would they work with a UPI?

While providers use identifiers such as date of birth, postal address, phone numbers, and SSNs, the variation in how these identifiers are captured can lead to discrepancies, according to Julie Pursley Dooling, MSHI, RHIA, CHDA, FAHIMA, director of HIM practice excellence at AHIMA, who says that due to the rise of identity theft and credit card and health insurance fraud, consumers are becoming more hesitant to share SSNs.

When registrars and providers do ask patients for SSNs, it’s usually done verbally, leading to variance in how the numbers are entered. Additionally, Social Security cards do not have photographs or biometric features that can help authenticate that an individual is using their own card. Postal addresses aren’t a sure thing, either. According to United States census data, 11 percent of Americans move every year, which is one part of the issue with postal addresses. The other is that that the address field in electronic health records (EHRs) is “rife for variation,” according to officials at the Regenstrief Institute, which released a paper last year with Indiana University and The Pew Charitable Trusts, analyzing address standardization and patient matching.¹ The combination of date of birth and first and last names have become notoriously unreliable identifiers. For evidence of this, look no further than an incident at a New Jersey hospital, where two patients on a kidney transplant list with the same first and last name and close birthdays were misidentified. In this case, a patient further down the transplant received a kidney meant for someone else.

Karen Proffitt, MHIIM, RHIA, CHP, vice president of industry relations for Just Associates, has seen firsthand the consequences of duplicate and overlaid patient records in her previous HIM leadership roles and through master patient index (MPI) cleanup work.

“And the reason I think it [a UPI] could be helpful is because we’ve had a dramatic decrease in the ability to capture Social Security numbers due to people’s fear around all that,” Proffitt says. “So, if we had something else to start relying on, over time you could achieve some critical mass and affect more significant changes.”

Sustainability of Current PIM Methods

Proffitt says that in her experience, it often takes a “sentinel patient safety event” such as the kidney transplant case in New Jersey for some providers to wake up to the dangers of duplicate and overlaid records. She notes there are also substantial hidden costs to having poorly managed master patient indices.

“Denied claims cost an average of $1.2 million per year in general, and 35 percent of all denied claims are caused by patient misidentification—so that’s pretty huge. There’s an older study that found that 4 percent of duplicate records have a clinical impact, which ends up coming out to about $1,100 per duplicate record,” Proffitt says.

There are costs associated with full-time employees who manage duplicate queues and other data integrity tasks, as well as with other clinical and IT staff that are dedicated to making sure records are moved from one record to another, re-entering orders, and untangling overlaid records, Proffitt says. She also pointed to a Black Book Research survey that found that the average cost of repeated medical care due to inaccurate patient identification with a duplicate record is approximately $1,950 per inpatient stay and more than $800 per emergency department visit. Hospitals without the staff to devote to these MPI maintenance tasks often end up paying a significant amount to companies like Just Associates to perform major MPI cleanups

As AHIMA and its advocacy partners have noted in their discussions with lawmakers, Congress has moved in the right direction on national health information exchange over the last 10 years, especially when it passed the HITECH Act and 21st Century Cures Act, which strengthens interoperability efforts. While improving interoperability can contribute to lower healthcare costs and patient safety eventually, there’s still much that can be done by HIM professionals and their partners in the meantime. One of those partners is the ECRI Institute, which is devoted to health IT and patient safety issues.

Lorraine Possanza, DPM, JD, MBE, program director, Partnership for Health IT Patient Safety at the ECRI Institute, says that given the transition to EHRs over the last several years, lots of people assumed that meaningful use and electronic records would simplify information exchange—but that’s not always the case. It begins with something as basic as the provider making sure they’re talking to and documenting on the proper individual.

“Think about how many places there are to register a patient, how many times and how many different individuals touch that information,” Possanza says. “Are they all asking the same questions in the same manner to ensure they obtain all the information needed? Are they filling out all the areas of data collection that need to be gathered? And are they doing it consistently at all the various collection sites? And is it recorded consistently?”

An overlooked—but critical—part of verifying a patient’s identity is convincing patients themselves to be invested in the process of ensuring they’re identified properly. The John Smiths of the world likely have been mistaken for another person often enough to know how easy it is for others to be confused about who they are, but it’s not uncommon for patients to get irked when they’re asked to state their name, address, and date of birth over and over again.

“In general, I think that people don’t understand how important it is to answer those questions about their identity,” Possanza says. “And the way that staff asks those questions is just as important. You don’t want to say to a person, ‘Your name is Mary Jones, right?’ You want to ask them their name and birthdate or whatever you’re using as the confirmation identifiers.

“If I could tell you the number of events that have occurred where a patient went for an X-ray and they took the wrong patient, because the patient responded inappropriately to the query. Or we see events where the right person went and had the X-ray taken, but the results went to the wrong person’s chart. So, all of those things matter.”

Notes

1. Regenstrief Institute. “Standardizing Last Names and Addresses Leads to Better Patient Record Matching.” April 4, 2019. www.regenstrief.org/article/pew-patient-matching.
2. Ponemon Institute. “2016 National Patient Misidentification Report.” December 27, 2016. www.psqh.com/resource/ponemon-institute-2016-national-patient-misidentification-report.

References

Chang, David. “NJ Hospital Gives Kidney Transplant to the Wrong Patient.” NBC10 Philadelphia. November 26, 2019. www.nbcphiladelphia.com/news/national-international/virtua-lourdes-hospital-camden-new-jersey-kidney-donor-transplant-mix-up-wrong-patient/2234096.

AHIMA. “Limiting the Use of the Social Security Number in Healthcare.” Journal of AHIMA 82, no.6 (June 2011): 52-56. http://library.ahima.org/doc?oid=104465.

Mary Butler (mary.butler@ahima.org) is the associate editor of the Journal of AHIMA.

Impact Area

[box type="info"]

Continuing Education Quiz

• Quiz ID: Q2019102
• Expiration Date: February 1, 2021
• HIM Domain Area: Clinical Data Management