Big Brother Versus the Integrity of Healthcare Data

In my previous article, we discussed the issues surrounding the National Provider Identifier (NPI) and the Health Plan Identifier (HPID). The NPI has been successfully implemented, the HPID is delayed indefinitely. The last required identifier remaining to be implemented from the original HIPAA legislation is the National Patient Identifier (also NPI) sometimes referred to as Master Patient Index (MPI). The intent of this code set is to create and assign a unique ID to every patient who receives healthcare in the United States.

This code set is intended to address the “holy grail” of healthcare IT, the ability to relate patient data for an individual collected by different entities and for different encounters into a single integrated medical record. The benefits of this achievement seem fairly obvious. Clinical data could be shared and updated by all providers interacting with a patient. The quality of care would improve and medical mistakes would be reduced.

master patient index

Most organizations maintain some sort of Master Patient Index (MPI) that is designed to create a list of all patients who have received services within the scope of the provider healthcare IT system. This index is then used to link current and previous encounter data for a patient together into a complete medical record for clinical and financial purposes.

When patients enter the closed system of the provider healthcare IT network, whether it is a large provider network or a private practice, an individual is given the task of determining if the patient has already had data collected within this organization from a previous encounter or if this is the first encounter recorded in the system. The success rate of this process varies widely from organization to organization. It is difficult to measure the accuracy of this task, especially when records are mismatched or connected even though they do not represent the same individual.

It is a little easier to identify duplicate records. This occurs when a new MPI record is created even though a record already exists for a specific patient. There are proven mathematical processes and statistical procedures designed to detect duplicate records. When these are applied to the typical MPI, the results are not encouraging. A study conducted by BMC Medical Informatics took 300,000 records that supposedly represented distinct and unique records and found that 24,000 of these records had duplicate entries and 3,000 had three or more records for the same individual.

These errors occur for two basic reasons, inaccurate data entry of the key fields used for record matching and inaccurate procedures for matching these records.

Error rates improve within a closed system where specific procedures can be implemented and monitored. This report by ONC studied the issue and includes some quality recommendations. It notes that Kaiser Permanente, which has 17 instances of the same Epic system across the regions they service, has a reported match rate of greater than 90% within each instance. This rate fell to around 50% or 60% when sharing data between these systems or with outside Epic systems.

Each individual has three data elements that are regularly used in conjunction with each other to identify them as unique individuals in a healthcare database, name, social security number (SSN) and date of birth (DOB). When this data is collected, the organization checks to see if it is already present in their database. If so, the new encounter data is connected to previous data by linking it to the existing MPI record. If not, a new MPI record is created and the encounter is considered to be the beginning of the medical history for that patient in the closed system.

There are fundamental problems with each of these data elements that make this process difficult even in a closed system and nearly impossible to support when sharing this data among different systems. Anomalies in names caused by misspellings, abbreviations, nicknames and suffixes can all lead to new unique records. Hyphens, spaces and even capitalization and roman numerals (Thurston Howell III) can easily confuse this process. When used to search the existing MPI, if a record is not found, a new one is created causing previous medical history to be disconnected from the new history, creating two virtual patients where only one exists.

Many institutions try to refine the name matching with two other fields, the SSN and DOB. However, they both have problems as well. The DOB can be absent or incorrect and is difficult to verify. The SSN is not available for newborns, or any other resident or visitor to the USA that has not applied for and received this ID. People are much more reluctant now to provide their SSN since it can be used to access data in other systems. None of these values can be verified electronically as they are entered by any supporting system. They can be misread and mistyped. Some organizations even go so far as to attempt to collect additional information like previous names, addresses other data in an attempt to improve their results.

Without a way to reliably link medical history inside a closed system, it is impossible to ever link this data nationally. This problem will get much worse as the data exchanges from the ACA legislation grow and patients expect to have their medical history follow them as they move from one provider organization to another and one health plan to another. The benefit of a permanent and accurate electronic medical history for everyone is obvious. It would benefit all aspects of healthcare IT. Physicians would finally be able to consult complete medical histories on each patient including all previous lab tests, physician notes and even family medical history.

Another potential benefit of improving this process is the reduction of medical mistakes. Medical mistakes are the third leading cause of death after heart disease and cancer.

Each year over 400,000 people die in hospitals due to medical mistakes. That is over 1000 a day. Many more experience the detrimental effects of these errors that will negatively change their lives forever. Many of these mistakes can be linked to the misidentification of the patient or the missing or inaccurate medical information caused by the inability to verify and match patients to their clinical information. Given all the benefits that could be achieved through improving this process, why have we not implemented the Unique Patient Identifier?

The values and benefits that I have described for this code set are also what is preventing its implementation. The ability for an organization to link all data for an individual from multiple sources into a combined computerized history is what many people fear. Although most would agree that it is beneficial in the healthcare arena, what would prevent these codes from being used to collect other data as well? The unique identifier, if it existed, could be used to make all other data collection equally efficient. Systems that collect our phone records, tax records, computer usage, banking information and other data could be linked together. Who would control this information and how would it be used? We have all experienced the erosion of our privacy through the increasing efficiency of computer systems to collect data on us as we use IT services. Data is being collected at all times be it from credit card purchases, social media services to normal web browsing activities. Some of this is voluntary and beneficial while some is not and at times collected without user consent.

Ever since the National Patient Identifier was introduced in the original HIPAA legislation, it has been attacked by privacy advocates that fear that it will be used to link data collected by the government and by commercial entities to examine our most personal habits and tendencies. The leaks from Edward Snowden that unveiled the existing efforts of the government to examine and link metadata have reignited this debate.

Since the beginning of HIPAA, congress has prevented HHS from spending any money on developing standards for the development of this identifier. Each year since then, when the annual appropriations bill is passed, this ban has been extended. Without the funding of this research, it will never be known if a system can be implemented that is limited only to healthcare, how these codes will be assigned and maintained or any other issues or solutions to this mounting problem. Like many other issues before congress, it is unlikely to be addressed until the problem reaches a critical level. In my mind, this will happen a few years from now when healthcare exchanges become more mature and the industry can no longer afford to operate them independent of each other with no ability to reliably share patient data.

-By Kalon Mitchell, President – MEDTranDirect