Why does patient identity management matter in healthcare?
Problems with identity management in healthcare organisations have yet to be solved completely. Today, sharing data across integrated health systems must be achieved by merging identities, despite them not being managed the same way in every healthcare organisation. Would using a centralised patient identity server be the solution?
Since healthcare organisations started using IT systems – over 35 years ago according to some reports – patient identity management has always been a real challenge.
Duplicates are the main risk to identity management
To provide the right standard of patient care, the right diagnoses and treatments must be given to the right people. Nevertheless, a survey carried out in 2014 by the Regional Healthcare Facility Identity-Vigilance Group (GRIVES) on regional data in Provence-Alpes-Côte d’Azur (France) shows that 0.76% of the patients from healthcare organisations which took part in the survey were screened for duplicate patient records and that 0.79% of patient intake records created them. Supervisory authorities have long since undertaken a widespread operation to make hospital workers aware of this problem and the High Healthcare Authority (Haute Autorité de Santé) has made identity management a high priority as part of the V2010 of the healthcare organisation certification procedure.
Handling every determining factor of people’s identities
Identity management is about dealing with every determining factor which may cause mistakes or inconsistencies. First of all, there are what are known as ‘strict characteristics’ i.e. patients’ full name, sex, date and place of birth, and ‘extended characteristics’ which can change over time – such as name changes after marriages or divorces. This is especially true for foreign nationals who initially have no known patient identification. Permanent patient login details for each healthcare organisation and directory identification numbers are also a current issue. Lastly, complementary characteristics cover any other information that could identify individuals.
Healthcare identity-vigilance as seen by the healthcare organisation
Since an integrated health system was set up, different login details – copies of local identities (IPPs in France) – have had to be unified as part of healthcare data sharing in the local region.
Those responsible for identity management and administrative managers must find a solution to merge patient identities from different healthcare organisations. That is why centralised patient identity server solutions, or enterprise master patient indexes (EMPI) are now being implemented to merge identities used in healthcare within the same region. As such, any structure which produces medical information must technically transfer identities to healthcare organisation’s shared identity server so the information can be automatically merged. Whenever an identity is created, the server makes a comparison between it and a known identity based on different algorithms, according to strict, secondary or complementary characteristics. If there is still any doubt, adjustments can then be made manually. The server also manages alerts as well as all the created identities’ workflow.
Even if technology will not be able to remove human intervention entirely, it can certainly speed up implementing an effective identity management strategy.