The Dangers of Patient Data Mismatches

Congress Urged To Study Data Matching Issue
The Dangers of Patient Data Mismatches

Because the nation lacks a single patient identification system, misidentification of patients is a danger when healthcare providers exchange records. That's why the Healthcare Information and Management Systems Society has asked Congress to commission a study of the patient data matching issue.

See Also: The Application Security Team's Framework For Upgrading Legacy Applications

As more electronic health records are exchanged among healthcare organizations using different patient identification systems, the opportunity for data mismatches increases, says Richard Hodge, senior director of Congressional affairs at HIMSS.

"Various private organizations are coming up with solutions of their own," he says in an interview with HealthcareInfoSecurity's Marianne Kolbasuk McGee (transcript below). "But there isn't yet a good strategy on how those various systems and electronic health records will be able to communicate with each other across a nation."

The mismatching of patient data gathered from various sources can create "potentially life-threatening issues for patient care," Hodge adds. He cites a Rand Corp. study that found 8 percent to 14 percent of EHRs might have potentially dangerous patient data mismatches, such as a blood type being part of the wrong patient's file.

Government and the healthcare industry must come together to help determine the best practices for accomplishing nationwide patient data matching, Hodge says.

"It's important to note that HIMSS is not making recommendations on a specific solution or technology," he says. "Rather, we want to facilitate the study and the dialogue so that we can more safely and securely match the right patient with the right data."

In the interview, Hodge also discusses:

  • How standards could play a role in improved data matching. "A national patient data matching system doesn't necessarily mean one system, but it could mean the government and industry coming together to decide on common fields of data and common standards by which systems could talk to each other across systems in a reliable way," he says.
  • Why biometrics, voluntary patient identifiers, as well as matching algorithms are possible methods for making sure all the right data is included in patient records aggregated from multiple sources;
  • Why Congress also needs to examine how differences between HIPAA and various states' privacy laws potentially hinder health information exchange.

At HIMSS, a trade association with 46,000 members, Hodge serves as a liaison with Congress. He has 30 years of experience in government and industry as a healthcare administrator, health policy analyst, consultant and government affairs director, including more than 15 years of experience working on a wide variety of healthcare issues with the U.S. Congress and the White House. Before joining HIMSS, Hodge was director of federal government affairs with Sanofi-Aventis Pharmaceuticals.

MARIANNE KOLBASUK MCGEE: Could you tell us briefly about HIMSS and your role?

RICHARD HODGE: HIMSS is an issue-focused organization and we currently have about 46,000 individual members around the country, about two-thirds of whom are employed in either provision of healthcare or healthcare information technology areas. We focus on facilitating the adoption of electronic health records and health information technology across the country. My job is director of congressional affairs and I focus on educating and informing members of Congress on the issues, the successes and the progress that we're making.

Patient Data-Matching Study

MCGEE: Why does HIMSS think a study commissioned by Congress of a nationwide patient data-matching strategy is needed?

HODGE: As electronic health records are increasingly part of the provision of healthcare in this country, the opportunity for data mismatches increases. There hasn't been a lot of work in this area. Various private organizations are coming up with solutions of their own across the country and being very successful with that. But there isn't yet a good strategy on how those various systems and electronic health records will be able to communicate with each other across the nation. And so we think it's important that the government and industry come together to discuss and study what is the best way to do that.

It's important to note that HIMSS is not making recommendations on a specific solution or a specific technology. Rather, we want to facilitate the study and the dialogue so that we can more safely and securely match the right patient with the right data as high of a percentage of the time as possible.

Patient Data Mismatching

MCGEE: How prevalent is the problem of mismatching of patient data and what are the risks?

HODGE: The risks are severe patient safety issues. If the wrong blood type is on a patient's file, or if data from one file has gotten into another, there are potentially life-threatening issues there for patient care. As far as the prevalence, a 2008 RAND Corporation study estimated that some 8 percent to 14 percent of electronic health records might have a patient data mismatch error.

Data-Matching Best Practices

MCGEE: What are some of the best practices that might be used to ensure reliable patient data matching while also protecting patient privacy?

HODGE: Technology has advanced a long way in recent years, and there are all kinds of alternatives, some of which are being adopted. They include probabilistic and deterministic algorithm methods of matching you with your data using various fields of data in your file. There are also other solutions such as voluntary patient data identifiers. And there are biometrics, including iris scans, fingerprint scans and various other forms of biometric data, which could be part of the ultimate solution.

National Patient Data-Matching System

MCGEE: How might a national patient data-matching system work?

HODGE: It doesn't necessarily mean one solution would fit the entire country, but it might mean industry and the government coming together to decide on common fields of data and common standards by which systems could talk to each other across different systems in a reliable way. The technologies are pretty sophisticated these days. It's certainly within our reach to be able to do this without having a single patient identifier. We're not proposing that at all.

National IDs?

MCGEE: Congress has blocked development of a national patient ID as mandated under HIPAA. Do you think there will ever be a chance that there may be a national ID, and does HIMSS think that's needed?

HODGE: We're not proposing a national ID of any form. There are other ways to do this and we're proposing a study. As I mentioned earlier, there are organizations, consortiums, patient-care organizations, hospital systems, insurance payers and other kinds of organizations that are coming up with their own solutions. There are plenty of examples of best practices out there. What we're suggesting is we ought to take an organized look at that. We should identify how prevalent a problem it is, update the previous work that was done, look at the best practices, look at the various solutions and where technology is taking us, and let the data and study direct how the nation will proceed.

Addressing Privacy Discrepancies

MCGEE: Turning to another subject, does HIMSS think Congress and the states should address the discrepancies between HIPAA and the various state privacy laws?

HODGE: As we build the ability to exchange information more widely across the country ... we do think that Congress needs to be aware of the hindrance that these differing laws put in the way of the widest and most accessible exchange of information. We're proposing that Congress take a look at that, be aware of the problem and consider ways to go forward. It might be appropriate to have hearings, to examine various best practices in different states and to further address the issue. We're not proposing one single solution or that there is federal preemption or anything of that nature. We're just proposing this as one of the problems that we need to address as we continue to expand our capability.


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.