The Trusted Guide to Marketing Thought Leadership

Blog Posts
Apple Drinks Google's Milkshake
Revenue Performance Staff
7 Reasons You Need To Be In China
Revenue Performance Staff
Google CPCs Drop As Facebook's Rise 28%
Chris Trayhorn
Nobody Even Sees 50% Of Your Media Buy
Chris Trayhorn

EHR Identity Management: A Proposal for the U.S.

mThink Knowledge's picture

mThink Knowledge - Posted on 13 November 2005

Printer-friendly versionSend to friend
Authored by: 
John Quinn;
PDF File: 
pdf/pdf iconHCT3_wp_quinn2.pdf
Accenture
In the United States, reliably matching EHRs with patients encompasses complex and far-rangingtechnical and social issues.

With potentially over 300 million individuals and electronic health records (EHRs) accessible through a national health information network, the importance of “identity management” cannot be overstated. Identity management of an EHR involves a technology-assisted process that ensures a positive match between the elements of an electronic record that may be gathered from multiple source locations and the patient being treated. Correct identification is important with any computer-assisted process — from electronic banking to making a restaurant reservation — but with a patient’s safety at stake, it takes on special importance.

If a physician or any caregiver receives the wrong health record content for a particular patient, the probability that significant harm may be done to that patient increases dramatically. For example, incorrect information about a patient’s current medications and known allergies could lead to mistreatment resulting in a fatal drug-drug interaction or allergic reaction in the patient. This problem is compounded if the patient is unconscious at the time or otherwise unable to communicate.

Reducing the risk and occurrence of medication errors and adverse drug events, and thereby lowering the number of avoidable deaths, injuries and disabilities, is one of the key reasons for moving the U.S. toward an EHR system. Our approach to portable EHRs must strengthen this measure of safety, rather than add another risk.

Social and Political Factors

Before we evaluate the technical aspects of identity management, consider the current social and political factors that complicate patient identity management in the United States.

Attaching government identification or general numeric identifiers to individual citizens is politically sensitive. Though public resistance to creating a national person identifier may — in this case — be contradictory to its best interest, previous attempts have met strong resistance. For example, Congress swiftly, effectively repealed the HIPAA person identifier shortly after it was passed into law and publicity in the press brought it to the public’s attention. Further, even though the Social Security number (SSN) — or a modification to the current SSN — could function as such an identifier, the laws that created the Social Security Act and various laws modifying the original act restrict its use for any but very narrowly defined uses. Even if restrictions were removed and funding was provided for a national database, studies have shown that the current SSN structure is inadequate for the job of a national healthcare identifier.

Another curious American phenomenon is the small subset of the population that — for various reasons such as personal desire, mental illness (e.g., paranoia), criminal records and illegal immigration status — consistently resists accurate identification. This opting out of the system becomes a serious problem when an individual deliberately ties his or her identity to another unsuspecting person (identity theft) and consequently intermixes two different medical records.

Issues at the IDN Level

In an integrated delivery network (IDN), the networkwide or enterprise patient identifier unites the patient’s clinical and administrative information across the IDN (hospitals, primary care physician, specialists, ambulatory care centers, etc.) in a dynamic and ongoing exchange to provide information to the patient’s caregivers and healthcare to the patient.

Correctly implementing identity management — identifying the patients and connecting them to their medical information — is a prerequisite to using the information in any medical record. This process is similar to accessing a bank account with the right account number, but is fraught with additional concerns about a single medical identification number and a patient’s history that may span many legacy identifiers when the information is sourced from multiple information systems that were established over a long period of time.

Managing the legacy identifiers in these multiple information systems is a key capability of any identity management system. Using an IDN enterprisewide identifier to manage multiple legacy identifiers is a key part of any IDN identity management program. Each individual may already have dozens of different legacy identifiers that may include: SSN, driver’s license, individual hospital account and medical record numbers, lab system identifiers, pharmacy system identifiers, etc. — and the numbers keep growing. During the patient entry process (scheduling, registration, admission, etc.), a patient’s identity is often confirmed with a selection of possible identifiers or key information (name, address, date of birth, etc.) that may or may not result in a unique match of identification.

Further challenges remain for the hospital’s medical records department. Mismatched identifiers must be subsequently untangled by merging or unmerging records and by creating or deleting links among databases. In all these areas, there is little or no room for error, because incorrectly identifying patients could invite catastrophic outcomes.

Using EMPI to Manage Identity

The real challenge in identity management is integrating the numerous data sources — each one holding important patient information — and unifying disparate information silos into a single virtual record system through the dynamic and intelligent matching and linking of related patient records. This all needs to be done without overwhelming IT staff, users or hospital budgets.

In addition, the emergence of IDNs during the 1990s across the U.S. created a new set of technical challenges.Multiple hospitals were effectively merged into one network with their IT systems and medical records departments intact. These mergers usually happened without a specific IT plan (or funding) for enabling a conversion of the IT systems or a comprehensive merge of the medical records.

All this led to the creation of a new hierarchy to solve these problems: the enterprise master person index (EMPI). The EMPI evolved out of the previous hospital master patient index and represents the latest technology to manage medical records. An EMPI is the basis for a unique person identifier as a crossreference across all systems, data records and applications throughout the healthcare information network. It plays a central role in the identification process from the moment of a patient’s entry into the IDN, where a new enterprisewide ID — or a link to an existing identifier (or identifiers) — may be created. Integrating the EMPI in this phase is necessary to access and assimilate information from numerous data sources by managing new or legacy identifiers.

The EMPI can be a stand-alone system (unique to a hospital/caregiver’s database) or part of a major clinical records system. How an EMPI is implemented by the IDN is usually determined by the system’s architecture and its acquisition history within the organization. In any case, an overarching EMPI that embraces all systems is necessary to manage the multitude of patient identifiers within the environment.

The operational real-time integration between systems is a less evident use of the EMPI. Here the EMPI ensures that a substitute legacy local identifier appropriate for the receiving system is used for messages sent to a system incapable of using the newer IDN identifier.

Most importantly, in addition to this internal IT management of identifiers between systems, patient identification starts during the patient’s entry into the IDN — typically when a patient is scheduled or registers for a visit. Typically, there are two process approaches to establishing identity — passive and active:

  • Passive: Look up, match and gather information relating a patient’s identity to an existing ID — or create a new one — after the initial encounter is completed; generally an automated process (see Figure 1).

  • Active: Identity is matched immediately during the initial encounter; applies the EMPI rules and expertise while the patient is interacting with an IDN employee. However, this technical integration that gets information to the user right away by integrating the EMPI into the workflow is usually technically problematic (see Figure 2).

In all cases, the medical records department has the final job of manually sorting out the known or suspected identification problems and “gray area” matches.

RxHub: An EMPI Example

An example of a large healthcare network across a very large population using EMPI numbers is the electronic prescription benefits exchange service, RxHub. Connecting physicians, patients, pharmacies and pharmacy benefit managers (PBMs)/payers, the RxHub exchange routes patient medication history and health benefit information between PBMs and physicians.

The exchange streamlines e-prescribing and smooths pharmacy claims adjudications for eventually up to 150 million covered members. In order to better manage this huge number of records, RxHub has implemented an EMPI based on Initiate System’s Identity EMPI product.

However, RxHub’s simplified EMPI application has an intrinsic simplification over the problem of matching medical records. If a patient does not have a benefit plan number that matches the information from the benefit plans, the request is simply rejected. This is an inconvenience, as it requires the patient spend time on the phone with the benefit plan to fix the problem.

At RxHub, errors do not in general create a patient safety problem, but are a payment inconvenience that can be straightened out later. The process does not support an immediate decision such as those faced by physicians in an emergency room. All of these problems are amplified at the regional and national level where it is not clear what service will exist that is similar to an IDN’s medical records department.

ID Is Key to Privacy

It’s impossible to achieve positive and consistent patient identification without also considering the counterbalancing issues of privacy. As a medical record follows a patient, identity issues become synonymous with privacy issues.

For various (HIPAA-associated) reasons, privacy policies associated with the source clinical information systems may complicate or preclude distribution of medical records through a portable EHR. This is an area where policy and legal change is probably necessary. Currently HIPAA allows state privacy rules that are more stringent to preempt national HIPAA requirements. At a minimum, mechanisms need to be created to coordinate a patient’s specific privacy requirements and possible state requirements that might not normally apply where the EHR information is being used.

Summary

Improving patient safety — reducing medication errors and adverse drug events — is the key driver in a move to an EHR system with a reliable identity management capability. In addition to the formidable technical challenges of identity management, social and political factors in the U.S. (e.g., aversion to a national ID number system) complicate an identity management solution. The recent emergence of IDNs and the related technical complexity of maintaining identity management capabilities across numerous information systems led to the creation of the EMPI. Used as a stand-alone system or part of a participating IDN, the EMPI points the way to an EHR system featuring comprehensive identity management capabilities.With up to 150 million records, the RxHub electronic prescription exchange service is a good example of a very large healthcare network on the scale of at least one-half of a fully deployed national health information network that is using an EMPI today.

The obvious and most elegant solution to the identity management challenge in the U.S. would be a national identifier, similar to the one in use for almost 60 years in the U.K. However, because of the particular social and political factors in the U.S., we see an EMPI-based process as the most practical path. In addition, federal and state privacy policies should be coordinated to avoid further technical and practical hurdles for EHR implementation.

About the Author
Title: 
Chief Technology Officer, Provider, Health & Life Sciences
Accenture
John Quinn is chief technology officer in Accenture’s Provider, Health & Life Sciencespractice focusing on emerging healthcare information systems technologies. He has over 29 and 32 years’ experience in the healthcare andcomputer industries, respectively. He has participated on the HL7 board of directors since its inception 18 years ago and has served as the chairof its technical steering committee for the last 14 years.
  • "share
..

Top Stories
SCAMWORLD: Huge Beatdown Of Internet Marketing "Gurus"
Chris Trayhorn
Former Epic Execs: Leaving A Sinking Ship?
Revenue Performance Staff
TradeDoubler Financials: "Especially Bleak"
Chris Trayhorn
The Future Is Local?
Chris Trayhorn
AdWords For Video Is Finally Here
Chris Trayhorn
Travel Vertical Heats Up For Summer
Revenue Performance Staff
Performance Marketing Technology Allows Brands To Track Social Media To Point-Of-Sale
Revenue Performance Staff
Performance Marketing State of the Union
Peter Klein
Motivating Affiliates “From Within”
Evgenii Prussakov
Technology Gives Performance Marketers the Edge
Rob Durkin

Thought Leadership

Perform: Marketing 2.0
Midmarket Strategies
Healthcare Technology
ASCET: Supply Chain
The CFO Project
The CRM Project
The Energy and Utilities Project

Sponsors