HIMSS Asks Congress for Patient Identity System--Again
Health Information Management and Systems Society believes up to 14% of medical records have wrong, potentially dangerous info due to misidentification. New system might include biometrics.
9 Health IT Tools Patients Should Understand
(click image for larger view and for slideshow)
For the second year in a row, the Health Information Management and Systems Society (HIMSS) has urged Congress to support the establishment of a national patient identity system to make it easier to exchange healthcare information between disparate facilities.
This year, HIMSS is asking Congress to commission a report from the Government Accountability Office (GAO) so that the political branch can make informed choices. But HIMSS still has the same objective, said Richard M. Hodge, senior director of congressional affairs for the organization, in an interview with InformationWeek Healthcare.
"I don't think anything has changed [since last year], except that a lot more people get the issue this time," he said. "So we're hopeful we'll be able to move forward on this."
Hodge said that HIMSS has been working on the issue with other associations and think tanks, including the Bipartisan Policy Center, and has held discussions about patient data matching with the Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator of Health IT (ONC). It also has been educating Congressional representatives. Partly as a result, he said, awareness of the topic's importance is increasing.
The idea of a national patient identifier has been off the Congressional table since at least 1999, when an omnibus appropriations law banned it. Budget legislation over the years has carried that prohibition forward, mainly because of Congress' perception that the public views such an identifier as a privacy risk.
But HIMSS is not pushing for a unique patient identifier similar to the social security number that Medicare, Medicaid, and some private healthcare organizations use to identify patients. Instead, the association wants Congress to weigh the options for "optimized patient-data matching across systems," using advanced algorithms to reliably identify people while protecting their privacy.
Moreover, HIMSS' recommendation to Congress says, "A technologically advanced nationwide patient data matching strategy does not mean that every system has to use the same patient identity method but, rather, means creating national standards and solutions that can be used for exchanging information across systems."
The lack of such a system, HIMSS points out, has resulted in a growing number of patient-data mismatches. HIMSS cites industry estimates that "between eight and 14% of medical records include erroneous information tied to an incorrect patient identity." This costs hundreds of millions a year to correct and can result in "serious risks to patient safety," HIMSS notes.
Because Meaningful Use stage 2 regulations require organizations with different systems to exchange clinical data via health information exchanges, the number of mismatches will increase significantly in coming years, HIMSS predicts.
"What's happening now is that different provider groups and different combinations of providers and payers are coming up with their own [patient identity] solutions," Hodge noted. "So those differences are being built into our infrastructure. If we just had a common approach to this problem, we'd be a long way down the road."
Nevertheless, Hodge stressed, HIMSS rejects the idea of a unique national patient identifier as too simplistic. "One expert told us that a single identifier could have a substantial error rate of its own. So we're talking about more sophisticated approaches." Such strategies, he added, might combine a numerical identifier with biometrics and probabilistic matching methods.
To allay public concerns about privacy, HIMSS notes in its brief that security and privacy technology has greatly advanced since 1999. Asked about all of the health data breaches that have been in the news lately, Hodge attributed most of them to human error or to healthcare organizations not instituting proper security procedures. "It's seldom that somebody hacks a really up-to-date, sophisticated security system," he said.
If anything, the kind of patient data matching system that HIMSS advocates would make the data more secure, he claimed. "Today, you could get somebody's health information if you had their social security number," he pointed out. Conversely, eliminating the use of those "socials" in healthcare would help thwart identity thieves, he added.
InformationWeek Healthcare brought together eight top IT execs to discuss BYOD, Meaningful Use, accountable care, and other contentious issues. Also in the new, all-digital CIO Roundtable issue: Why use IT systems to help cut medical costs if physicians ignore the cost of the care they provide? (Free with registration.)
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.