Tuesday, December 1, 2009

Costs and Benefits of a Unique Patient Identifier for The U.S. Health Care System

In the healthcare industry, misidentification errors are not restricted to diagnostics and therapeutics but also may affect documentation. So, my earlier posts on semantics, ontologies, interoperability and the like notwithstanding, all is for naught when a given document doesn't provide information about a given patient. A chain is only as strong as its weakest link and patient identification is usually the first link in the healthcare chain.

Complicating the issue, not everybody can participate to the same degree or in the same way in the process of identifying a patient uniquely. Neonatal and senile patients are two groups where health providers and technology are on their own, when it comes to identifying the patient. Naturally, readers of this post fall into neither of these groups.

See, for example, Patient Misidentification in the Neonatal Intensive Care Unit: Quantification of Risk at


which provides a rather thorough study of errors in the first of these three groups.

The information that is used routinely for patient identification is frequently similar but often not recognizably unique.

In my November 20, 2009 post, Biometric and Other Identification Technologies, I discuss some leading technologies.

Although widely touted as “great” in security circles, all biometric devices (i.e., fingerprint, palm outline, iris, retina, et al) used for unique identification produce false positives and false negatives.

For example, an episode of Fox's "24" last season showed a White House visitor placing her thumb on a fingerprint scanner, a type of screening that is not typically used at the White House.

Fingerprint: false positives or negatives with scars, calluses, cracks in the skin, dirt, household cleaners and other variables

Retina scan: susceptible to diseases such as glaucoma.

At the same time, non-biometric technologies have their own sources of error.

For a widely discussed examination of the costs and benefits of a unique patient identifier for the U.S. health care system, see


This recent study says using unique patient identification numbers for U.S. citizens would reduce medical errors, make electronic health records simpler and protect privacy.

The study says that despite a potential cost of $11 billion to create unique patient ID numbers, the effort "would likely return even more in benefits to the nation's health care system."

Most health care systems use statistical matching to find EHRs, according to the study by RAND Health, a research division of the RAND Corp. Statistical matching looks for demographic information, including names, birth dates and all or part of Social Security numbers.

See my November 17, 2009 post, Unique Patient Identification Numbers, Electronic Heath Records (EHR), Electronic Medical Records (EMR), and Social Security Numbers (SSN).

RAND researchers, who reviewed past studies, said that method causes errors or incomplete results about 8% of the time and leaves patients more exposed to privacy breaches.

"Assuming every health care system would have these [ID] numbers, then you'd be more likely to pick up all of the person's information," said Richard Hillestad, PhD, the study's lead author. "It would certainly make a lot of things easier."Using demographic information to locate EHRs causes errors or incomplete results about 8% of the time.

But critics expressed concerns.

"It's an absolutely terrible idea," said Deborah Peel, MD, a psychiatrist and chair of the Patient Privacy Rights Foundation, a watchdog group based in Austin, Texas. "Any database that has these numbers is bound to be a treasure trove for identity thieves."

The study was funded by a group of health information technology and IT companies, but Hillestad said that didn't influence the outcome. Dr. Peel is skeptical. "The combination [of data] is really deadly," she said. "That's why I say this is a data miner's dream."

The American Medical Association advocates prohibiting the sale and exchange of personally identifiable health information for commercial purposes without a patient's consent. The AMA also advocated in 1999 in favor of legislative action to repeal the portion of the Health Insurance Portability and Accountability Act of 1996 that mandated use of a unique patient identifier.

Hillestad said privacy is a big issue, but touted the ID numbers as a security boost.

"You're not sending all of the name and demographic information through the line to get connected," he said. "[Privacy] would depend on how much you protect the numbers."