Blog

Search Our Site

May 10

The Tale of a Patient - or Two?

May 11, 2017 / by Catherine Schulten

Exploring the difference between patient data matching and patient identity.

Registration details for the same individual often have slight variances between systems. Depending on the data that was collected, the timing of the collection, and other factors, such as human error, the ability to match records across a health care organization can be difficult to achieve. Patient data matching involves comparing a set of individual attributes to determine if two or more records indicate they belong to the same patient. In other words: the more attributes or data points that are the same, the more likely the records belong to the same patient.

Consider this sample record comparison (use case 1):



While not every data point is an absolute match, we can determine that it is very likely (with a high degree of confidence) that the two records being compared belong to the same individual.

Now, consider this sample record comparison (use case 2):



In this record comparison, only date of birth (DOB) and Sex are an absolute match and First Name is a close match; all the other fields are different.

Is it possible that Record C and D belong to the same individual? Hard to tell simply based on the details listed here. This is patient matching.

Algorithms, such as probabilistic matching which leaves potential for a false positive or a false negative outcome, combined with “fuzzy logic”, like possible nicknames, enable a system to calculate how likely record C and D belong to the same patient. Even with strong patient matching methods, records C and D may have been labeled as two separate patients because they were not a probable match.

Let’s look at how the patient identity concept would have resolved use case 2 from the get go. A recommended first step in patient identity process is known as “Identity Proofing”.

Imagine when Jessica first arrived at hospital C and she was asked to supply a valid drivers’ license to aid in the confirmation of her identity. In this case, her drivers’ license displays her legal name is “MYRTLE JESSICA JENKINS” and the address listed is listed as “475 Millers Way”.



Then, hospital C runs an automatic verification via 3rd party source to check Myrtle’s details. It is learned that her current address is “12908 West Broad Street, Unit 3”, the “89 Elm Street” address as seen in her record is a PO Box, and the “475 Millers Way” address on her drivers’ license is where she lived several years ago and hadn’t had the chance to update her record at the DMV.

If these steps are performed by hospital C, the registration experience at hospital D will result in a more accurate understanding of Myrtle’s demographic details.



A recommended second step to the patient identity concept is authentication.

Now imagine that hospital C provides Myrtle with a strong authentication token to use within its healthcare enterprise each time she visits one of the HCO’s facilities. An example of a token might be a fingerprint biometric which is linked to her record at hospital C.

Myrtle’s next visit is at facility D and she uses her fingerprint biometric to check in for her visit. This process confirms her identity and her record details that were originally established at hospital C can be made available to facility D. This would allow facility D to insert those same, verified details into its health IT system or chose to independently verify beforehand. In this scenario, facility D’s standard operating procedure is to independently verify all demographic details even when they come from another facility within their enterprise. Upon verification, they learn that Myrtle got married and changed her last name to “Longstreet” and moved to a new home since her last visit to hospital C.



Now Myrtle’s singular identity that is known and her fingerprint biometric is affiliated with two different medical record numbers at different organizations.

And because the verified attributes in system C and D have been proofed, the manual record search is comprised of reliable details. With the patient identity concept, the EMPI that disambiguates identities within the enterprise knows with a higher degree of confidence that Myrtle Longstreet and Myrtle Jenkins are the same person.

Patient data matching and the patient identity concepts are complimentary, yet different. The combination of methods would produce a single, correct match every time.




Catherine Schulten About the Author

Catherine Schulten is VP of Product Management at LifeMed ID where she is responsible for orchestrating product roadmap initiatives and ensuring that LifeMed ID’s solution offering meets industry user needs. Catherine has over 25 years of health information technology experience addressing industry challenges from revenue cycle, HIPAA transactions, fraud, waste and abuse, and patient identity management. She has served as a WEDI board member and has co-chaired several WEDI workgroups.
Mar 10

The Role of Accurate Patient Identity in Continuity of Care

March 9, 2017 / by Catherine Schulten

Continuity of care is a critical component of a patient-centric care model. In order to be highly functional, this system must include a national patient identity system that works for all individuals and that relies on existing standards and best practices (FICAM, NIST, NSTIC) without the heavy overhead and expense inherent in burdensome federal regulations.

When healthcare networks aren’t communicating with one another how can we expect quality, cost-effective care?

Achieving continuity of care will require not only the collaboration of physicians, but will also require the “de-fragmentizing” of our Healthcare IT systems. Disparate HIT systems, specifically EHRs, need to establish a common foundation upon which they can effectively and accurately communicate PHI/PII between, and within, care networks.

Accurate patient identity proofing coupled with patient matching is essential

Multiple obstacles exist that prevent us from implementing an unhindered patient identity management structure. Prominent challenges include existing low-tech manual patient registration activities which contributes to the creation of dirty data (including keystroke errors, misspellings and the unintended creation of duplicate/overlay records). The presence of dirty data within the record is a patient safety risk, a clinical dis-satisfier, and an administrative nightmare at all care locations – large and small. Another challenge is that each EHR may know the patient by different internal enumerators, including account numbers and medical record numbers – each enumerator varies between facilities and systems. Additionally, a patient’s demographic details vary and aren’t dependable, including name spelling, the use of nick names, outdated vs. current addresses, accidental data transpositions and other errors.

All of these are overriding elements that obstruct the progression of value-based care by causing absolute matching to be a challenge across healthcare facilities and systems. The result is that physicians don’t have access to PHI needed at the point of care due to systems not being able to reliably match the patient’s identity from one system to the next. Even when physicians gain access to MRNs from other locations, there’s no guarantee the referenceable patient information is 100% correct or historically complete.

Reducing fragmentation and increasing data accuracy is the first step

Continuity of care can be achieved through a trusted patient identity system that allows health care organizations to know their patients as a “whole”. Patient identity assurance and interoperability is achieved via multi-factor authentication – the design that confirms the patient’s claimed identity by utilizing at least two different identity factors (something you have, something you know, something you are). Patient tokenization serves as the “1 patient, 1 record” or “1 patient, all correct records” concept. In this environment, the patient-physician relationship is better established due to the access of data via the token, supporting the quality of care provided.

In addition, physician PHI communication, or sharing, has a better platform to run on. Rather than relying on rules-based search and matching of a patient within the local EHR or depending on the HIE to discern matching probabilities, the patient’s token and trusted identity system becomes the deterministic “source of truth” for all locations.

Accurate patient identity is absolutely essential when exchanging patient information. Without high assurance that a patient is, in fact, who they claim to be and the medical records linked to that patient are correct, the patient’s token is no longer reliable. Federal regulations do not mandate strong patient identity proofing today, but other regulating bodies including the ONC, NSTIC, FICAM and others have elaborated on the importance of setting a strong identity foundation for exchange in the digital evolution.

Rethink what “accurate patient identification” does for continuity of care

Continuity of care is successful upon two key elements; a continuous relationship between health care organizations and their patients, and the seamlessness of care provided across the network. We set out to improve the patient experience, and we want to provide the infrastructure for predictive and thoughtful care to increase positive outcomes of our patients. We must improve identity management in healthcare to make these aspirations an actuality.

For those interested in more information, I encourage you to read the Accurate Patient Identity white paper that describes how patient identity serves as the basis for health information exchange, continuity of care and patient safety.




Catherine Schulten About the Author

Catherine Schulten is VP of Product Management at LifeMed ID where she is responsible for orchestrating product roadmap initiatives and ensuring that LifeMed ID’s solution offering meets industry user needs. Catherine has over 25 years of health information technology experience addressing industry challenges from revenue cycle, HIPAA transactions, fraud, waste and abuse, and patient identity management. She has served as a WEDI board member and has co-chaired several WEDI workgroups.
Oct 6

Methods of Enhancing Patient Matching Processes

October 6, 2016 / by Catherine Schulten

In early September, the Interoperability Task Force (IXTF) in conjunction with HITPC and HITSC (Health IT Standards and Policy Committees) sent Dr. Washington (the new National Coordinator for Health Information Technology) a letter describing their charter and recommendations. Not surprisingly the #1 priority need identified from this group was the ability to identify patient's nationwide.

The Task Force held several meetings and subgroup calls that identified 8 distinct priority needs across the 5 use cases detailed in Appendix B:
  • Ability to identify patients nationwide
  • Ability to locate relevant patient records
  • Ability to locate and identify providers
  • Ability to access and interpret consents/authorizations
  • Ability to exchange health information
  • Ability to encode data that is syntactically and semantically interoperable
  • Ability to effectively utilize health information
  • Governance


Appendix B describes identifying patients as consisting of the following elements:
  • Capture standardized demographics for patients
  • Patient matching algorithm
  • Show how to communicate with patients
  • Ability to exchange health information
  • Show proxy relationships and how to communicate with them
  • Show authenticated devices and how to communicate with them


And while the IXTF brought this important topic to light, once again we observe that the mechanisms by which to achieve this goal remain stuck in legacy thinking: a national agreement on demographic attributes and matching logic by which to establish patient matching.

It has been noted by the Sequoia Project that a match rate of 95% to 98% may be the upward limit of accuracy that any healthcare organization can hope to achieve. Once this match rate was identified, a cross-organizational maturity model involving data governance, data cleaning/normalization and supplemental identifiers (just to name a few) were included in the design.

If the best we can hope to achieve is 98% matching accuracy and 2% of the records continue to be mismatched, overlaid or otherwise discounted during a search and match attempt, then it’s time that the industry look at another way to solve this challenge.

We’ve seen that the industry is anticipating a solution that will solve the patient identity challenge once and for all:
  • The CHIME Challenge seeks to “ensure 100% accuracy of every patient’s health info to reduce preventable medical errors and eliminate unnecessary hospital costs/resources”
  • The Sequoia Project in collaboration with the Care Connectivity Consortium drafted a Framework for Cross-Organizational Patient Identity Matching wherein they state “Without a national patient ID system, we must focus on optimizing the current patient matching strategies.”


In order to achieve 100% matching accuracy, the current patient matching approach consisting of additional PII attributes, exhaustive attention to data quality and governance and world class matching algorithms won’t get the healthcare industry there. The only way to achieve this is through the use of what is known as a deterministic match. In other words, a 1:1 match with no chance for a false positive or false negative. Fortunately, this type of design has been in place for years.

As an example, consider your ATM and PIN code. You can withdraw cash from any ATM machine across the U.S. and even globally with a card that was issued by your bank and a PIN code that you personally established. When using your card, the funds are withdrawn directly from your account. There aren’t instances where funds are drawn from an account from someone who has a name similar to yours or who has a checking account that is 1 or 2 digits off from yours. The combination of the card and PIN results in only one match.




Catherine Schulten

About the Author

Catherine Schulten is VP of Product Management at LifeMed ID where she is responsible for orchestrating product roadmap initiatives and ensuring that LifeMed ID’s solution offering meets industry user needs. Catherine has over 25 years of health information technology experience addressing industry challenges from revenue cycle, HIPAA transactions, fraud, waste and abuse, and patient identity management. She has served as a WEDI board member and has co-chaired several WEDI workgroups.
Sep 28

ONC Publishes Nationwide Interoperability Roadmap

September 28, 2016 / by Catherine Schulten

The Office of the National Coordinator (ONC) published a nationwide interoperability roadmap that contains milestones, calls to action and commitments that healthcare organizations should be adopting in order to advance verifiable identity and authentication of all participants.

From today and into 2017, organizations should be focusing on improvements around how they send, receive, find and use priority data domains to improve health care quality. The objective states that 65% of Healthcare Organizations (HCOs) must permit patient access to patient portals via username and password plus KBA or emerging technologies in lieu of passwords to reduce vulnerabilities in identity theft.

Between 2018 and 2020, at least 50% of HCOs should have implemented identity proofing and developed authentication best practices. By 2024 90% of all HCOs need to be able to support the creation of accounts for caregivers, proxies and personal representatives.

The ONC's Roadmap specifically references National Strategy for Trusted Identities in Cyberspace (NSTIC) as a public-private collaborative whose overarching goal is the elimination of passwords because as they state “‘usernames and passwords are broken; most people have 25 different passwords, or use the same one over and over, ‘creating system vulnerabilities and increasing identity theft.”

These requirements are addressed through identity proofing, best practice authentication, and the replacement of a username/password paradigm with a multi-factor identity design that involves any one of a number of identity token modalities from card based to biometric to mobile.

Multi-factor authentication replaces the common and easy-to-hack username/password design with one that is easy for the patient to apply and is affordable for the HCO to implement and manage. The use of the patient’s own mobile phone running a secure mobile application allows the patient to assert their identity both in person or online without ever having to exchange a single piece o Personally Identifiable Information (PII). The 2nd factor in the form of a biometric or PIN code confirms the identity of the individual.

Identity proofing and authentication best practices requires that the HCO know who the individual is. This is accomplished today through the use of a NIST LOA3 design that allows the registration clerk to accurately and rapidly confirm the individual’s identity, address and identity documents (such as their driver’s license).

Healthcare delegates or proxies serve a crucial role in the care for their family members and ensuring that properly identified caregivers have the right to view, download and transmit the electronic information about the patient in their care is necessary to support patient privacy while promoting ease of data access when it is appropriate.

Fortunately, one need not wait until 2017 to begin addressing these milestones because solutions exist today.




Catherine Schulten

About the Author

Catherine Schulten is VP of Product Management at LifeMed ID where she is responsible for orchestrating product roadmap initiatives and ensuring that LifeMed ID’s solution offering meets industry user needs. Catherine has over 25 years of health information technology experience addressing industry challenges from revenue cycle, HIPAA transactions, fraud, waste and abuse, and patient identity management. She has served as a WEDI board member and has co-chaired several WEDI workgroups.