Despite EHR, Patient ID Problems Persist

If you think that moving to electronic health records will eliminate mistaken identity in healthcare, you are mistaken.

This article appears in the June 2013 issue of HealthLeaders magazine.

The change from fee-for-service to coordinated care is challenging providers to solve a longstanding need to identify patients more precisely to avoid waste, fraud, and substandard care.  

For years, the healthcare industry has recognized the problem of errors related to improper patient identification. If you were to think that moving to electronic health records would eliminate mistaken identity in medicine, you would be, well, mistaken, according to a variety of healthcare executives interviewed for this story.

The reasons are many, but mainly boil down to incompatibilities between different vendors' EHR technology and the variety of identifiers generated by the other technological systems in use in hospitals and that come from many sources—everywhere from insurance companies to subsystems dedicated to labs or other diagnostics—and that have evolved in isolation from each other over the past 40 years.

"You have to be able to identify the patient across all the venues of care in order to be able to do analytics on the information to make sure that … the care is being delivered, and people are getting the care, and that they're getting only the care that they need in a cost-effective manner," says Frank Richards, CIO of Geisinger Health System, a system that serves more than 2.6 million residents throughout 44 counties in central and northeastern Pennsylvania.

Patient identification is a fundamental building block of the emerging accountable care organization trend, according to Bill Spooner, CIO of Sharp HealthCare, which operates four acute care and three specialty care hospitals with an approximate total of 2,000 licensed beds in the San Diego region.

"The important thing is to be able to get accurately identified patients into your database and to be able to link them out to your transaction systems so everybody knows who they are so you can effectively engage in care management," Spooner says.

The United States in particular faces a hurdle that other developed countries do not: By law, the U.S. Department of Health and Human Services is prohibited from establishing a national patient identifier.

Providers are coping in several ways. Technology exists to flag suspected duplicate identities with varying degrees of certainty. Some are turning to technology offered by suppliers of their electronic health records.

Other providers are relying upon technology that has been employed by payers for years. And for those systems that can make the technological jump, patients are now being positively identified during every visit using smart cards with photo IDs attached, or even by biometric means, such as fingerprint, palm, or retinal scans.

Duplicate-detecting algorithmic technology is generally known as enterprise master patient index technology. "It's all matching on information that you have on the patient, so name, address, telephone number, cell phone number," Richards says. "There are algorithms that run that give you a score of how sure the system is that this is the same person coming from multiple different institutions."

Geisinger is a textbook example of why, in the EHR age, EMPI is still in use. "Epic's master patient index works very well in the Epic world, which is in our case pretty big," Richards says. "We have about 9,500 users on any given day using the Epic system. We have their inpatient/outpatient, many of their specialty modules—ED, OR. We probably run 12 or 15 of their software modules here, and they have very good master patient index for all those. It will track multiple medical record numbers from different sources."

But when Geisinger first installed Epic, it didn't reconcile Epic medical record numbers effectively with other external systems in use, not only within its provider system but now increasingly with its health information exchange. "So let's say that we purchase a hospital that has another billing system or another lab system or something," Richards says. "Epic, at least as we installed it originally, was not capable of taking calls from an external system, reconciling the numbers in its database, and interacting with that system," Richards says.

So, for the past 15 years and continuing today at a cost of $1 million a year, Geisinger maintains an EMPI separate from Epic to reconcile the non-Epic patient identifiers.

"We'd need an army of people to check every one of these, so it's well worth it," Richards says. "So once I've identified that person A from hospital X is the same person from Geisinger, I'll then capture their identifier, their medical record number, from hospital X and so I'll have that forever, and so the next time I don't have to match on all of these parameters. I know that this person coming from this organization has this patient identifier. Over time, it gets more efficient."

Not all hospitals have been able to make the kind of investment Geisinger has. "Right now, the current matching strategy [for] when somebody's not within the system is using their other identifiers: their name, their date of birth, their Social Security number, a variety of things," says Bala Hota, CIO and CMIO of Chicago-based Cook County Health and Hospitals System, with a 464-bed main hospital and a variety of clinics. "But what do you do if the patient doesn't have a Social Security number? Or if there's some problem with the data that you receive? In a public hospital system, that's often the case, and so then you're forced to do some other matching on the data elements."

While Cook County H&HS has "really good matching" about 70% of the time, he says that still leaves the other 30%. "You have to have manual matching. You have to have an inbox almost for somebody to do a match. There's a lot of work there," Hota says.

So he is turning to Cerner Corp., which supplies Cook County H&HS' EHR. "We've looked primarily at the system that's integrated with the Cerner electronic record, and they have this self-registration kiosk that they offer," Hota says. "The advantage is it's fully integrated into our existing electronic record and so we won't have to worry about designing and implementing a project to integrate some external system."

Payer-assembled data forms the cornerstone of the patient ID efforts of Salem Health, a two-hospital system with more than 450 acute care beds based in Oregon's Willamette Valley.

The insurance industry has previously struggled with the question "Was the Mary Smith who has BlueCross the same Mary Smith that has Aetna Medicare?" says Cort Garrison, MD, MBA, CIO of Salem Health. "They have some matching algorithms, as well as somewhat of a common database that we think covers about 70% to 80% of our population."

Salem Health plans to leverage this insurance industry work to bring up a communitywide central repository as part of its coordinated care organization, the state of Oregon's equivalent of an accountable care organization.

Since Oregon's 15 CCOs just organized starting August 1, 2012, they are "fairly new structures," and implementation of the patient ID system is depending on state Medicaid funding that is still pending, Garrison says. But an "agnostic" patient ID system must be built, because "no one EMR is a single source of truth in this community. Our Epic system has the inpatient and some of the outpatient stuff," but other record systems hold other patient data.

"We have basically three disparate EMRs that are prevalent in our community that we need to integrate for transformation purposes." Vendor-supplied EMPI technology alone is insufficient, Garrison says. "We could get there by using that technology alone, but I think we can get there faster by using a different source," he says.

A number of providers have turned to smart cards to solve the patient ID problem.

"It looks like a credit card, but it actually has a memory chip in the card," says Lawrence Carbonaro, director of patient access, purchasing, and HIM at Memorial Hospital, a 25-bed critical access hospital in North Conway, N.H. "You also have the patient's photo on the card, so when a patient presents anywhere [in the hospital], they have to have the card." A card swipe opens up the correct patient's EHR. "We have not had instances of anybody with a card where we've misidentified them by pulling the wrong medical record," Carbonaro says.

If patients forget their card, they can still register once they provide answers to pertinent questions. When it was installed in 2009, accompanied by smoother workflow processes, Memorial Hospital was about to reduce its headcount by 6.5 full-time equivalents, Carbonaro says.

Larger systems are also opting for smart cards. The Nashville-based Vanguard Health Systems operates in cities such as San Antonio, Chicago, Detroit, Boston, and Phoenix. A few of the company's markets are using LifeMedID, the same smart card technology Memorial Hospital uses, with plans to expand to other markets.

Since deploying the smart cards a year ago, nearly 22,000 patients in ambulatory service settings between the two Texas cities of San Antonio and New Braunfels use it, while Vanguard builds a new hospital in town, reaping the benefits of less overhead needed for ID matching, says Roderick Bell III, CIO of Resolute Health, a clinical integrated health and wellness enterprise owned by Vanguard that currently has a network of 150 physicians.

"I've been working with Life-MedID for maybe a year and a half, and I haven't had one duplicate record," Bell says. "I haven't had one patient identity theft, and I'm here in south Texas, where that happens a lot."

Vanguard is integrating LifeMedID technology with its EHR with the help of Allscripts, the EHR vendor, Bell says. "They love the idea that there's a card that will allow them their one-source solution, their Sunrise solution, meaning that there's one record in ambulatory, there's one record in acute care, throughout home health—everything is on one record. This card takes that to another level," he says.

At the March HIMSS conference, Allscripts, Cerner, and others announced the CommonWell Alliance, a consortium of EHR vendors devoted to standardizing patient ID as part of improving healthcare interoperability. All the providers and vendors interviewed for this story see CommonWell's efforts as accelerating their own efforts to eliminate patient ID discrepancies across providers and EHR vendors, and thus accelerate the movement to accountable care.

"We certainly do a lot of work on all of those products, so it's probably not such a bad strategy," says Beth Just, MBA, president and CEO of Just Associates Inc., a Centennial, Colo., consulting firm that has helped hundreds of healthcare providers implement master patient indexes for nearly 20 years.

For now, the industry lacks a universal solution. For instance, Geisinger tested adding a patient photo to be kept on file some years ago, but patient resistance was so great, the company chose to abandon the experiment, Richards says.

Some healthcare systems, such as Cook County H&HS, are considering employing enterprise data warehouse technology to help eliminate duplicate patient IDs. Emerging health information exchanges, many of which are employing EMPI technology, also provide a possible solution.

For instance, Resolute Health's Bell was encouraged recently when Allscripts acquired dbMotion, which Resolute was already planning on using as its health information exchange. dbMotion, coupled with LifeMedID, could provide a more comprehensive patient ID solution, as Resolute moves to stand up its private health information exchange and integrate with state HIEs in Texas and share patient information with competing hospitals.

Providers are just beginning to explore biometric methods of identification. "One system that has been presented by Cerner is a palm vein scan, where the patient actually can go and do a self-registration," Hota says. Cook County H&HS hopes to begin pilot testing of such a system soon, he says.

Just notes that there is, as yet, no silver bullet, no one-size-fits-all solution for the patient ID matching problem.

"If you can't uniquely identify your patients within whatever data you're analyzing, you're going to misread and therefore make executive decisions that are not spot-on," Just says. "And you make some big strategic mistakes because of that."

Reprint HLR0613-6

This article appears in the June issue of HealthLeaders magazine.