Three ways hospitals and Health IT can make patient-matching more fool-proof. By Jason Harmon, CTO, Get Real Health
Three ways hospitals and Health IT can make patient-matching more fool-proof.
By Jason Harmon, CTO, Get Real Health
In 2002, the Annals of Internal Medicine detailed the story of two patients in the same hospital with similar names, but very different medical issues. One had a brain aneurysm; the other, a heart condition that required an electrophysiology study. The cardiologist went to work on who he thought was the latter patient, making an incision in her groin, puncturing an artery and threading a tube through it and into her heart, where he stimulated her heart electrically, testing for abnormal rhythms. After an hour on the operating table, the cardiologist received a call from another doctor asking him why his patient was in heart surgery. She had a brain aneurysm, after all, not a heart condition.
This case of mistaken identity might be extreme – and hospital procedures have certainly improved in the intervening dozen years – but it is a cautionary tale that is still relevant today. In 2011, the Pennsylvania Patient Safety Authority reported 813 wrong-patient medication errors in the space of just six months – and that’s only in one state. The sobering reality is hospital errors because of patient misidentification happen more often than any of us care to think.
Because of this, the Office of the National Coordinator for Health Information Technology (ONC) released its recommendations for patient identification and matching in February, urging hospitals to implement systems that ensure proper identification of patients. The recommendations include standardizing patient identifying attributes, introducing certification criteria that require certified EHR technology (CEHRT) to capture the data attributes, and working to develop best practices and policies to encourage consumers to keep their information current and accurate.
Although these recommendations are currently just that – recommendations – the likelihood that they will become requirements down the road is high, so hospitals and other healthcare providers (and the IT companies that serve them) would do well to start thinking now about how to create and implement systems that integrate these recommendations.
The need is clear: creating a better way for patients to be correctly identified across healthcare systems, pharmacies, doctors’ offices, clinics, and other patient interaction points will help improve patient safety and lower costs. In an age when the benefits of coordinated care are evident, having IT systems in place that make that coordination more reliable and more streamlined makes perfect sense.
But what exactly can health IT companies do to make integrated patient matching a reality? At Get Real Health, we’ve been developing patient-engagement apps that provide patients access to their healthcare records and allow them – along with their providers – to track symptoms, behaviors and other critical data to monitor their health, particularly for chronic conditions. But what we’ve seen first-hand in bringing our app to organizations with widely disparate IT systems is that there isn’t a lot of consistency in the way each organization and system matches patients.
Yet our experience has also shown us that there are a number of measures healthcare providers and health IT developers could take to make patient-matching more fool-proof:
1. Capture the right data
Many hospitals don’t capture the necessary data to correctly identify patients. It’s one thing to record a patient’s first and last name, date of birth and zip code – but if we’re talking about John Smith who lives in Manhattan, chances are, more than one person shares that same information.
Social security numbers are unique to each individual, but collecting them can raise security concerns, besides the fact that not everyone has a social security number. The same is true with driver’s licenses or other ID cards – not everyone has them for a variety of reasons, such as age or immigration status, and these numbers can change over time as an individual moves from one state to another. Even identifiers which may change over time, like driver’s license numbers and email addresses, can be useful in helping to provide additional assurance of matches based on other criteria. A driver’s license number can’t be used alone to match a patient, but it can be very useful to ensure that matches primarily based on name, date of birth, and location are accurate. You might find several John Smiths born on Jan 3, 1976 in Manhattan, but if a driver’s license number also matches one of theirs, you can be assured you are matching the right one.
Our challenge is to find a data fingerprint so it can be reliably used to identify patients. Some other criteria can be captured to create a unique patient profile, such as the patient’s city of birth and maiden name. But, again, this might not prove enough if the city of birth is large and the patient’s mother’s maiden name is common. Our industry would do well to spend some time and thought to identify supplemental information that will accurately separate one John Smith from another.
2. Capture the data consistently
The next step is making sure the data set is captured consistently. If all healthcare organizations captured the same information about a patient, it would be easier to ensure that all providers across the continuum of care are talking about and treating the same patient. This is no easy task, as it requires a uniform system – or, at the very least, uniform standards. But again, the stakes are high enough to warrant the hard work it would require to make sure all healthcare providers are collecting the same patient data.
3. Verify ID of patients entering information online
As soon as a patient is sitting at home, entering profile information on a computer, there’s the risk that that patient isn’t who she says she is. Thus verification of a patient’s identity is key. We have unique experience with this because, in many cases, this is exactly how a patient gets started with our product. How do we know they are who they say they are? This process of identity verification is a separate step that must be done before patient matching occurs to ensure that the demographics we are attempting to match to a patient are actually those belonging to the individual requesting access.
Only after identity verification is completed using either in-person identity verification or dynamic knowledge based authentication can we proceed to using the verified demographic attributes to match the user to a patient record in a Master Patient Index (MPI) and then allow the connection to a patient record to occur.
These are just a few things that need to be on the radar of hospitals and health IT companies as they move towards implementing the ONC’s recommendations. If we all get a jump on this issue of patient-matching and begin planning now, it will make any requirements that come down the pike easier to accommodate – while simultaneously improving healthcare for everyone. And that’s a goal worth shooting for.
About the author
Jason Harmon, GetReal’s CTO and Founding Partner, has an extensive background as a technology executive with more than 20 years of software architecture and development experience specializing in large-scale, high performance applications. In addition to architecting many of the systems built by Get Real Health, Mr. Harmon sets and oversees technology standards and practices.
Prior to co-founding Get Real Health, Mr. Harmon worked as VP of Software Development for USWeb/CKS, and was the chief architect of their iFrame platform for hosted applications. Mr. Harmon has been recognized by Microsoft for his contributions to the HealthVault and SQL Server platforms and has spoken at conferences and universities in the US and Europe.
