Each of us takes for granted that, when we attend a healthcare facility, providers are looking at our medical record, our complete medical record and only our medical record. We may be surprised to know that misidentification in healthcare occurs more often than we may think.
The most common error leads to the creation of multiple disconnected records for a single patient. In this circumstance, providers subsequently see an incomplete record that may be missing critical information.
Worse still, thankfully rare, is when misidentification leads to one patient's records being overlaid with another patient. Clearly, this can lead to very serious treatment issues.
Interoperability of healthcare information has the potential to improve outcomes and reduce cost. However, interoperability will not succeed without 100% accurately matching patient to their various health records.
Interoperability will also fail if we cannot honor the privacy wishes of each patient. Healthcare information represents some of the most personal and private data concerning each one of us.
1. Inaccurately matching records to patients
Currently, healthcare information systems typically identify patients with a combination of local identifiers (e.g. Medical Record Number) and Person Identifiable Information (PII) that might include name, address and birhtdate. If you are Tim Smith the systems might have a dozen “Tim Smiths” in various databases; perhaps some with the same birthdate. Information like address can be out-of date or entered incorrectly.
Collecting more PII is good but data entry errors often go undetected. It is difficult to obtain accurate quantification of the problem but the literature indicates error rates of at least 5% and there are many reports of 10% or higher.
As healthcare evolves to exchange clinical information across larger and larger domains - cities, states, and eventually the entire nation - identity errors become more and more frequent. An increasingly large number of healthcare organizations are involved. There are more systems to interface; with dissimilar policies, different sets of identifying data, different technologies, etc. Furthermore, identification needs to occur across larger and larger patient populations. The chance that someone else has identifying information similar to yours - what we call your biographic profile - increases the more people there are.
2. Privacy is diminished
All the information that health systems collect about you (for a good reason) can make it difficult to manage your privacy. Firstly, the information indicates who you are and, secondly, it is subsequently attached to your medical information, i.e. some of the most private information about you that exists. When the medical system wants to order a test about you, they use part of your biographic profile. When they want to report a result, they use part of your biographic profile. When they want to submit a bill… you guessed it.
Remember, all of this use of your private data is with the best of intent. You wouldn’t want your lab result to end up in someone else’s medical chart. Nor would you want to be billed for someone else’s medical procedure. But all that information sharing puts your privacy at risk. Large parts of your biographic profile are being attached to parts of your sensitive medical information and being transmitted electronically to a variety of locations that are outside of your control. “You,” or at least enough about you to identify you, are being sent to various medical facilities, being seen by their personnel, and being stored in their databases. Is it any surprise that medical identity theft is one of the fastest growing crimes in America?
 2013 Survey on Medical Identity Theft, Ponemon Institute, Sept. 2013, http://medidfraud.org/2013-survey-on-medical-identity-theft/