A Framework for Cross-Organizational Patient Identity Management

*REVISED 2018*

The healthcare industry is making significant progress on technical interoperability, but we continue to fall short of the promise of true health information exchange. Until we can consistently send and receive accurate and useful patient data nationwide, we will fail to realize the documented benefits of well-executed health information exchanges: improvements in clinical decision making and patient safety, business process improvement, and support for value based payment.  Among the remaining challenges to successful nationwide exchange is patient matching across organizational boundaries.

A Framework for Cross-Organizational Patient Identity ManagementThe inability to consistently and accurately match patient data creates a number of problems for physicians and other health care providers.  Providers may have an incomplete view of a patient’s medical history, care may not be well coordinated, patient records may be overlaid, unnecessary testing or improper treatment may be ordered, and patient confidence may be damaged or diminished.

In addition, providers may experience a number of clinical workflow inefficiencies that are costly. Those include prolonged troubleshooting to find the correct patient record, a reversion to manual telephone and fax information exchange workflows, waiting for a duplicate lab test order, or a manual effort to fix a patient record match.

To address these critical patient matching and identity management issues, The Sequoia Project, in collaboration with the Care Connectivity Consortium (CCC), has developed a framework for future growth and improvement that will shed light on several key topics:

  • A case study illustrating one organization’s inter-organizational patient matching journey from a 10% success rate to a greater than 95% success rate and what we can learn from their experiences;
  • A patient matching maturity model designed to help organizations assess their current state and provide a roadmap towards methodically improving; and
  • A list of minimally acceptable patient matching practices for CIOs, CTOs and other technology leaders to adopt, if they haven’t already, and implement. This list establishes a “floor” in terms of matching patients across organizational boundaries.

Download the Framework for Cross-Organizational Patient Identity Matching

2018 Updates to Patient Matching Framework

Following publication of the proposed framework, The Sequoia Project convened a Patient Identity Management Workgroup, inviting members and non-members. Comprised of industry and government experts, the workgroup was charged with dispositioning public comments to develop final recommendations for improved patient identity management in a freely-usable resource for the industry.  Over time, it is the intent of The Sequoia Project that this document is periodically updated to capture and advance cross-organizational patient matching innovations.
Patient Identity Management Work Group Members: (* Denotes co-chair)
  • Jamie Bennett, Healthcare Systems Specialist, JP Systems Inc., Veterans’ Health Administration
  • Ryan Bramble*, Senior Director of Technology, Chesapeake Regional Information System for our Patients (CRISP)
  • Karon Casey, IT Manager, Coastal Connect Health Information Exchange
  • Adam Culbertson, Innovator in Residence, HIMSS
  • John T. Donnelly, President, IntePro Solutions Inc.
  • Zachary Gillen*, Senior Director, Care Delivery Technology Services, Kaiser Permanente IT
  • Eric Heflin, Chief Information Officer /Chief Technology Officer, The Sequoia Project
  • Al Jackson, Vice President of Information Management & System Performance, Surescripts LLC
  • Lesley Kadlec, MA, RHIA, CHDA, Director, Practice Excellence, American Health Information Management Association (AHIMA)
  • Katherine Lusk, MHSM, RHIA, FAHIMA, Chief Health Information Management and Exchange Officer, Children’s Health (Dallas, Texas)
  • Rebecca Madison*, Executive Director, Alaska eHealth Network
  • Shelley Mannino-Marosi, Senior Director, Program Management, Michigan Health Information Network Shared Services
  • Greg Mears, MD Medical Director, ZOLL
  • Wendi Melgoza, RHIA, CPHI HIM Data Quality Manager, Sutter Health Shared Services
  • Ben Moscovitch Manager, Health Information Technology, The Pew Charitable Trusts
  • Marty Prahl, Health IT Consultant, Social Security Administration
  • Catherine Procknow, Software Developer, Epic
  • Carmen Smiley, IT Specialist (Health System Analysis), Office of Standards & Technology HHS Office of the National Coordinator for Health Information Technology
Contributing Authors of A Framework for Cross-Organizational Patient Identity Matching: (* Denotes co-chair)
  • Lead Author: Eric Heflin, Chief Technology Officer/Chief Information Officer, The Sequoia Project
  • Shan He, Medical Informatics, Intermountain Health Care/Care Connectivity Consortium
  • Kevin Isbell, Executive Director of Health Information Exchange, Kaiser Permanente/Care Connectivity Consortium
  • Andy Kling, Director of IT, Geisinger Health System/Care Connectivity Consortium
  • Katherine Lusk, Chief Health Information Management and Exchange Officer, Children’s Health (Dallas, Texas)
  • Odysseas Pentakalos, Ph.D., CTO, SYSNET International, Inc.
  • Chris Ross, Chief Information Officer, Mayo Clinic/Care Connectivity Consortium
  • Seth Selkow, Director of CCC Program and HIE Engagement, Kaiser Permanente/Care Connectivity Consortium
  • Sid Thornton, Medical Informatics, Intermountain Health Care/Care Connectivity Consortium
  • Jim Younkin, Senior Director, Audacious Inquiry
  • Kelly Carulli, Manager, Audacious Inquiry
  • Dawn Van Dyke, Director, The Sequoia Project (Editor)

Below is a more detailed explanation of the topics explored within The Sequoia Project Framework for Patient Identity Management paper:

     Case Study

Intermountain Health Care, a CCC member, is a sophisticated healthcare provider and payer, and has invested heavily in healthcare information technology.  So when they started exchanging data with other organizations, they expected a reasonably high degree of success.  They surprisingly only achieved a 10% success rate in accurately matching patient records across organizational boundaries.  Through algorithmic performance and refinement, and data quality analysis, Intermountain and its partners gained significant initial improvement from 10%.  Human workflow and data entry issues were next inspected, with an expected improvement to 90%, but actually only resulted in an improvement to 62%.

Patient Match Rate Analysis

Patient Match Rate Analysis

The remaining 38% error rate was analyzed in detail and found to break down into algorithmic issues, authorization/consent issues, network and IT issues, and other errors such as inconsistent encoding.  These improvements resulted in a match rate of 85%.  A number of best practices were then identified and implemented resulting in successful patient match rates of over 95%.  These practices include systematically working with partners, addressing patient consent issues, proactively improving “fragile” identities, and addressing human workflow issues.  An analysis of common patient matching traits is presented, along with a list of rules developed during the study. These rules are further analyzed in terms of completeness and uniqueness.        The result was significantly improved match rates for Intermountain and its partners, and patient matching improvement strategies that can be replicated across the industry.

At the conclusion of the case study a number of lesson’s learned and best practices are shared.  There are also suggestions to improve cross-organization patient matching success to greater than 99%, which include the use of a supplemental identifier, involving the patient in the identity management process, and more.  We also provide a self-diagnostic tool, in the form of a questionnaire, to jump start a self-assessment of your own patient matching strategies.
             Patient Matching Maturity Model
We believe that more precise definitions of the maturity model will give organizations the ability to adopt more advanced patient identity management in a methodical manner.  The levels currently being contemplated in our proposed maturity model, now open to public comment, include:

  • Level 0: Indicating ad hoc processes and outcomes, little to no management oversight or recognition;
  • Level 1: Indicating adoption of basic defined processes with associated repeatable outcomes, and limited management involvement;
  • Level 2: Indicating increasing maturation of processes, definitions of most key processes, data governance, algorithm use, active management involvement, accumulation of quality metrics;
  • Level 3: Indicating advanced use of existing technologies with associated management controls and senior management awareness, use of quality metrics; and
  • Level 4: Indicating innovation, on-going optimization, and senior management active involvement.       

Assessments are based on the International Organization for Standardization (ISO) framework, which includes people, process, and technology, with the added dimension of governance.  Current traits associated with the various levels include patient identity management validation plans, community collaboration, use of standards, quality metrics, knowledge sharing, partner onboarding maturity, and more.  Each of these traits is defined and mapped to appropriate maturity levels.

      Patient Matching Minimal Acceptable Principles
This proposed framework illustrates a very low-level, and concrete, list of cross-organizational patient matching practices.  The target audience for this, the last section in this paper, are senior technical staff responsible for implementing clinical document care summary exchange. A number of specific rules are presented, such as the prohibition of using exact character-by-character matching, the corresponding responsibilities on both partners to an exchange of patient data, and similar practices.  Other principles include not relying on any specific identifier (such as a social security number), not making any assumptions about the life cycle of a patient identifier, using normalized traits, and more.