Identity Management
Match, manage, and protect identities
Any kind of identity mix-up is disturbing, but when it occurs within the healthcare system, the fallout can be severe. At best, misidentifying patients leads to lowered consumer confidence, but at worst it can compromise a person’s essential medical treatment. As a healthcare professional, you want to be absolutely certain that comprehensive and correct data is associated with each person who comes in for care, and that you’re utilizing the most advanced measures to make it happen. Universal patient identifiers are an integral part of that goal. Patient Safety Awareness Week is the perfect time to convey that message clearly and positively. What is Patient Safety Awareness Week Patient Safety Awareness Week, organized by the Institute for Healthcare Improvement, is an annual recognition event dedicated to boosting the public’s knowledge about health care safety. In 2020, it runs from March 8th to the 14th. Patient Safety Awareness Week is your ideal opportunity to proactively inform and reassure patients of your commitment to safety. New systems, such as universal patient identifiers (UPI) developed by Experian Health, were created to ensure that patient demographics are as complete and error-free as possible through patient matching. Impact of patient identity problems Many patients may already have concerns about their records, having heard about problems from the news, friends or relatives, or have personally experienced identity misidentification. According to an ECRI Institute report, approximately 30% of the patient data that’s held in electronic health records is either incomplete or inaccurate. So how bad can the damage of patient misidentification be? The Ponemon Institute reported that roughly 86% of all clinicians witnessed a medical error that was caused by patient misidentification. And most disturbing: a study by the National Institutes of Health discovered more than half of all the deaths attributed to medical errors are a result of identity errors. Identification mistakes don’t just lead to unnecessary patient suffering either. These unforced errors undermine the very foundation of healthcare organization: trust. The organization that makes them suffers a serious blow to their brand. How patient identity mistakes are made Human error has been most often to blame for patient identity mistakes. Every day, healthcare providers handle an astonishing influx of information, as hundreds of thousands of electronic patient records flow in from a vast number of different systems and departments. All the while patients’ names and addresses change, which in turn requires updates. Inputting all that data manually is a major challenge, and inconsistencies typically occur in the data entry process. In fact, the National Center for Biotechnology Information found that the greatest proportion of mismatches are centered around a patient’s middle name and their Social Security numbers. Misspellings and entering first, last, and middle names into the wrong fields are also common. Once identity mistakes are entered, a patient can have duplicate records and disparate facts, matching past diagnoses and prescribed medications. Billing problems, too, can result. A patient’s statements might not be sent to the correct mailing address, resulting in them experiencing unnecessary credit troubles. Solutions to identity problems In order to consistently and correctly match patients with their medical records, innovative technology has been developed. UPIs use Experian’s consumer demographic information and methodologies to identify record matches and duplicates in a patient’s file. Once a unique UPI is created for the patient, the potential for identification mix-ups is vastly reduced. More, UPIs lead to efficiencies that drive costs down for all concerned. It’s expensive and laborious for healthcare provider employees to record and update such a high volume of patient data by hand. Rectifying mistakes is not only time-consuming, it can cause insurance issues to arise. Certainly, obtaining the best treatment is paramount to patients, but keeping healthcare costs to a minimum is also important. 79 million Americans are struggling with overwhelming medical liabilities, found The Commonwealth Fund. However, a survey conducted by Black Book found that patient matching discrepancies can lead to nearly $2,000 in extra inpatient costs per person. No one should pay more than they have to for their healthcare, and UPIs can make sure bills are appropriately assessed. For this year’s Patient Safety Awareness Week, spread the word to your patients that measures have been put into place to protect their identity. As of the end of 2019, every person in the U.S. has been assigned a UPI, and correct and complete information will be associated with each patient. Everyone should be aware that you are taking steps to ensure the accuracy of their medical records — which keeps them safe and their financial obligations down.
It’s amazing to look back at how far medical science and digital technology have come – and how those two worlds are increasingly intertwined. Ten years ago, the idea of managing your healthcare bills or making appointments through an app on your phone would have been unthinkable. Now we take it for granted! But having all these tools at our fingertips means there’s more data being shared between different services and platforms. As a healthcare provider, you might be accessing and sharing patient data multiple hospitals, primary care services, pharmacies, patient portal providers, payers and more. It’s vital to make sure that data is accurate. Research by RAND Corporation revealed that between 8-16% of patient records are duplicates. Trying to provide care on the basis of unreliable data is inefficient and expensive for providers, who lose staff time and revenue trying to match up records and reconcile the data on file with the patient in front of them. According to RAND, a mid-size health system absorbs as much as $96 for each duplicate. What this means for patients is even more worrying. According to the US National Institutes of Health, “195,000 deaths occur each year because of medical errors, with 10 of 17 being the results of identity errors or wrong patient errors.” In a value-based system where patients are covering more of the costs themselves, the financial impact of having unnecessary repeat tests or longer-in-patient stays due to delayed treatment is an added pain. Currently, standard health IT products have some catching up to do, as only 10% of duplicates are spotted. But looking ahead, the future of patient identities is promising. Unique patient identifiers are key to unlocking value-based care The twin trends of value-based care and healthcare consumerism are bumping up patient expectations. They expect a seamless experience. They expect their records to be updated immediately. They’re confused when one department doesn’t have access to information that was just shared with another. And they definitely don’t want to see different services working off different versions of the same record. The answer for many high-performing health systems is to introduce unique patient identifiers (UPIs). This allows a patient’s record to follow them throughout their healthcare journey, ensuring that at every touchpoint, clinical and admin staff are confident in the accuracy of the information they hold. But transitioning to any new system can involve a bit of culture shock for those involved, and so careful planning is essential. What steps can providers take to make sure they implement a patient identity management strategy that’s built to last? How to future-proof your patient identity platform 1. Make sure everyone’s on board with the plan First, whatever solution you’re using to manage patient records, it’s essential that your patients, staff, payers and any other parties involved all buy in to the new approach. Changing the way you handle data and introducing new digital tools such as UPIs can often call for a mindset shift in the way your team and consumers think about data. Be sure to communicate the benefits of UPIs to patients, payers and staff. For example, UPIs can: improve patient safety, by preventing duplicate and inaccurate recordslower healthcare costs, by eliminating inefficiencies and errorssafeguard patient privacy, by keeping records securecreate a better patient experience, by supporting patient-centered carehelp staff access up to date information about their patient’s healthcare situation 2. Choose a UPI system that works within and outside your network Some providers use hospital- or practice-based patient identifiers, where a master patient index is used to link all versions of a patient’s record held within a single organization. An enterprise master patient index (EMPI) does the same, but across several facilities or services. A cross-enterprise solution makes it much easier to manage patient identities across your entire network, without having to wrangle disparate records that don’t interface well with each other. When this system is based on ‘referential matching’, which uses wider data sources and UPIs to build a more connected and accurate data ecosystem, you’ll get a much more complete view of your patients and far fewer inaccuracies. 3. Use data analytics to improve decision-making UPIs bring another advantage: they enable you to analyze health, credit and consumer data for a single patient, giving you useful insights about your patient population as a whole. A network of interoperable data can help you spot trends in the social and economic factors that affect health and wellbeing, so you can target your resources more effectively. As the world of public health data matures, it’s highly likely that UPIs will become the norm. Data-sharing remains a challenge, but by using digital tech to your advantage, you can improve the way patient records are managed in your health ecosystem. Learn more about how UPIs could help close the patient data gap in your organization.
At the end of 2019, Experian Health announced that every person in the U.S. population, an estimated 328 million Americans, had successfully been assigned a unique Universal Patient Identifier, powered by Experian Health Universal Identity Manager (UIM) and NCPDP Standards™ (the “UPI”). Universal Patient Identifiers (UPIs), created with a comprehensive view of patients from health, credit header, and consumer data sources, are thought to significantly reduce the challenges that stem from the misidentification of patients which span patient safety, financial, and operational inefficiencies. But what does 100% coverage mean? And what does this mean for the future of healthcare? To take a deeper dive, we sat down with Victoria Dames, an Experian Health leader in the identity management space to learn more. 1. It doesn’t get more perfect than 100%, so tell us more. What exactly does 100% coverage mean? Experian Health developed an algorithmic engine known as our Universal Identity Manager about five years ago. Since this time, we’ve worked closely with many providers, pharmacies and payers to help address their duplicate records. We’ve been monitoring our adoption and enumeration by unique patient identifiers against 328M individuals in the US population (2010 Census) and achieved this milestone at the end of 2019. Through our broad network of provider clients, which include hospitals, pharmacies, payers, and healthcare technology companies, patients who have received care from participating entities over the past few years have been enumerated. As new patients enter the healthcare ecosystem, this number will continue to grow. 2. Why are universal patient identifiers (UPIs) needed and how do they benefit providers and patients? The Universal Patient Identifier (UPI) helps providers link the right records together, preventing duplicate records from being created. For example, think of all the ways duplicate accounts or variances can occur: address differences, name variations (Katherine, Kathryn, Kathy, Kat), maiden names and potential user entry error. With the UPIs, providers can link records together and have one complete record and view of the patient, ultimately leading to a better patient experience. It’s important to note that the UPI is not something the patient knows or sees, but rather part of the technology. It can be embedded within a hospital’s information system, for example. It simply links a patient’s records together, so a provider has a complete view of the patient’s identity. The flow of communication happens when participating healthcare organizations send Experian Health patient demographic information; the system provides the organization in return with the insights and identifiers that they need to better manage patient identities and prevent duplicate records. The UPI can be attached - if the situational requirement is met - to active claims in real-time transactions effectively improving the integrity of patient records. During this process Experian Health does not rely on or use any clinical information about the patient; Experian Health only leverages the minimum data elements needed to successfully match an identity. 3. How did you get numbers assigned to all Americans? When a healthcare organization enlists our help, we process all their historical records through the UIM, returning a Universal Patient Identifier (UPI). The initial run of this data helps resolve existing duplicates which can date back several years. Working with multiple providers and pharmacies, we were able to get numbers assigned to all Americans. The number will continue to evolve of course, as the population changes with births and deaths. 4. Are there privacy risks with this? Experian Health is a HIPAA-compliant Business Associate when it receives PHI from customers. It takes its privacy obligations very seriously. As to UIM, privacy risks are minimized by the fact that the UIM does not leverage any medical records, prescription histories, or provider systems. The purpose of the solution is to assist healthcare professionals to better match an individual’s identity through data assets that would normally be unavailable to a healthcare provider. 5. Does a UPI function similar to a credit report, meaning it provides a singular view of a patient’s medical history? It depends on the situation. If a provider has a patient in their EHR twice under two spellings of the patient’s name in error, then yes, the UPI would link those two profiles, creating a singular view of the patient in that provider’s system. Additionally, the UPI generated by Experian Health is designed to help facilitate interoperability between healthcare providers. For example, if your pharmacy has you listed under your maiden name of Smith and your doctor has your married name of Wilson, during the ePrescribing process, your ePrescription might not get associated with your prescription profile. If both providers have the UPI on record and submit it during the transaction, the systems will match the patient using the UPI. It’s important to note that the UPI is technology for entities and is not patient facing. 6. What is the direct benefit to consumers; will it help them control their medical data? Consumers will benefit depending on how a provider implements and utilizes the UPI. For instance, if a provider has two medical records, and they merge this into one record, the patient will see one consolidated record. Imagine two patient profiles for the same individual at a pharmacy. One prescription is filled under each profile and the two separate prescriptions, if taken together, could lead to a severe reaction. If filled under two different profiles, the automated process to screen for drug interactions would not identify this harmful reaction. But the UPI directly solves for this issue. 7. What are the next steps and goals for Experian Health as it pertains to UIM? Our goal is to continue to partner with healthcare organizations to help prevent and resolve their duplicate records. We are continuing to invest in our technology and capabilities within identity, as we care deeply about patient safety and data integrity. Having a single, unified and accurate view of the patient is a challenge that plagues the healthcare system, and now we have a comprehensive solution that reduces the barriers to make healthcare safer.
When a doctor pulls up a patient’s record, it should be a safe assumption that the information on the screen relates to the patient sitting in front of them. It should contain every detail of the patient’s medical history, along with their current address and accurate personal information. It certainly shouldn’t contain anyone else’s data! Yet all too often, patient records are plagued with inaccuracies. Around 30% of patient data in electronic health records is incomplete or inaccurate, and up to half of records are not linked to the correct patient. The ONC estimates that around a fifth of patients may not be matched to their entire medical record within an organization, while more than a half of records shared between organizations contain errors. Despite all of modern medicine’s ground-breaking achievements and our increasingly digitized world, the ability to share information between different payers and providers in a reliable and secure way remains frustratingly out of reach. Could a universal patient identifier unlock interoperability? Imagine a healthcare ecosystem where administrators and clinicians can safely exchange information without worrying about whether it’s inaccurate, incomplete, or incompatible with each other’s systems. Interoperability could make life easier for healthcare staff and patients alike. While regulations such as the Affordable Care Act introduced many carrots and sticks to drive up adoption of electronic medical records to support interoperability, they also revealed a critical gap in healthcare: the need for a universal patient identifier (UPI). This is an identifier that would help manage patient identification across the whole healthcare ecosystem. A UPI would allow providers and payers to follow patients throughout all their major medical and life events and be sure that the information they hold for their member or patient is 100% accurate, current and complete. Instead, the absence of a UPI, compounded by the sheer volume and fluidity of patient data, has created significant issues downstream. Billing errors, unnecessary treatment and testing, HIPAA breaches, prescriptions filled for the wrong patients and many other issues all play a role in the growing number of preventable medical errors (estimated to be the third leading cause of death in the US). Striving for truly interoperable patient information should be a priority across the entire healthcare industry. Still, while federal funding for a UPI is currently being considered by Congress, we’re seeing more and more industry-led responses to help improve patient identity management. 5 benefits of using a universal patient identifier for interoperability Improve patient safety How can physicians be sure they’re recommending the right treatment for a patient, when there could be a vital piece of information missing from their medical history or allergy list? How can a pharmacist feel confident handing over a prescription, when there’s a chance the patient in front of them isn’t the same patient named on the script? A UPI can help avoid ‘wrong patient’ events and allow providers to share information to spot trends in recurring errors so that action can be taken to prevent them in future. Lower healthcare costs The West Health Institute found that that medical device interoperability could save the U.S. healthcare system more than $30 billion per year. For individual providers, UPIs could improve productivity by reducing the amount of time clinicians and hospital staff spend trying to sort out inaccurate records. And with nearly a third of claims denied as a result of patient misidentification, this could mean savings in the region of $17.4 million for the average hospital. A better patient experience Patients are right to be frustrated when their physician doesn’t have up-to-date records about them, or their provider sends appointment reminders to an old address. Expecting patients to fill out multiple forms (often multiple times) is inefficient and hardly contributes to a positive patient experience. A tool such as Universal Identity Manager can help providers exchange timely data, eliminate duplicate records and coordinate care, so the patient is supported throughout their healthcare journey. Stronger privacy Electronic records linked with a UPI allow healthcare organizations to phase out manual processes—which is not only more efficient, but also helps minimize the risk of patient data falling into the wrong hands. It’s much easier to keep the data secure when it’s contained in a single record, compared to multiple versions of a record filled with scribbled notes and random updates that could easily end up attached to the wrong record. Experian Health’s Precise ID gives healthcare organizations a HIPAA-compliant way to authenticate patients and reduce the risk of a data breach during enrollment. Better data to tackle the social determinants of health As consumer data opens up new opportunities to improve population health, a network of shared data will be essential for identifying trends in the social and economic factors that affect medical outcomes. Interoperable data sets and technologies can enhance the way public health data is collected and used, for better patient outcomes and population health. Interoperability currently remains a challenge, but the tools exist to improve the way information is shared and used across the healthcare ecosystem. By integrating clinical data into the patient access workflow, you can increase productivity, reduce costs, and ultimately improve the patient experience. Contact our team to find out how this could help your organization achieve more efficient, accurate and actionable data sharing.
Last week, I spoke at the technology briefing of a national health plan group to give a presentation on the role of consumer data and patient identity in healthcare and how social determinants of health (SDOH) can help payers improve population health and lower costs. To illustrate the importance of leveraging consumer data for SDOH outcomes, I like to use the example of Vern. Vern is 78 years old, lives alone in a lower income apartment complex and hasn’t attended a wellness check in several years. Last month, he had an unexpected trip to the emergency room (ER) due to heart disease and continues to be readmitted for his condition. But why does he keep getting readmitted? Is it because he can’t afford his prescribed medication? Is he having a difficult time finding transportation? Or could it be that when it comes to healthy eating—buying fresh product on a weekly basis is challenging for him? These are some of the SDOH that could be contributing to Vern’s readmission—not solely his now heart disease. Had his care team known more about Vern, aside from his condition, they could have proactively addressed some of his barriers to care and prevented the ER admissions—saving them from costly care episodes and preventing negative outcomes for Vern. By utilizing SDOH insights, Vern’s care team can help ‘even the playing field’ for him by understanding his non-clinical barriers to health, what key things are driving those barriers, and what makes sense to address them. All of this, of course, underpinned by an accurate identity (but, let’s talk universal patient identification another day!). With SDOH insights, Vern’s care team could have gotten him to his wellness checks, his condition would have been detected earlier and he would have received the services he needs proactively. This would save countless dollars in repeated readmissions, ER visits and other costs associated with a chronic condition that can’t get better when your members don’t have the luxury of prioritizing health over basic needs. To avoid these missed opportunities, many healthcare organizations are turning to consumer data to understand their patients or members better. Insights on SDOH are transforming the care experience for people like Vern, as well as saving money for patients and the healthcare industry. Here are three ways consumer data is driving improvements in population health and lowering healthcare care costs at the same time: Helping patients lead healthier lives Research shows that clinical care alone is not enough to safeguard a person’s health. Up to 80% of health outcomes are attributable to non-medical factors such as your financial situation, stability of living arrangements, access to transportation and healthful food options, amongst other things. Around 68% of Americans are affected by at least one of these SDOH, which can make prioritizing good health a challenge. When healthcare organizations are more informed of the SDOH impacting their patients or members, they can take steps to help prevent avoidable hospital visits, ED utilization, appointment no-shows and worsened conditions by encouraging and facilitating earlier intervention. For example, 1 in 8 Americans are food insecure. If care teams are able to recognize when this is an issue for the people they’re caring for—they can look at partnering with community organizations, like a local food bank or meal delivery service, to address gaps in nutrition for better health outcomes. Reducing the financial burden of healthcare expenses In the U.S., healthcare has the world’s largest gross domestic product (GDP) spending (18%). By helping your members overcome barriers to attending appointments and potentially discovering health issues sooner, the healthcare industry can reduce the costs of healthcare. For example, 3.6 million Americans miss out on medical care due to transportation problems. If care teams knew who they were and what specifically is impacting them ahead of time, they could step in to arrange transportation or offer alternative options, like telemedicine, so problems can be detected earlier. Not only is this better for the patient’s health, it’s better financially too—emergency room visits cost an average of nearly $2,000 while inpatient hospital stays come in at an average of $10,000. When 33% of ER visits are from those experiencing homelessness—the extreme condition of housing instability—it’s imperative that we consider more than a patient’s profile from a claims or clinical data perspective. Offering a better patient experience When healthcare organizations can see each patient as a whole person, they can offer better engagement plans that make prioritizing their health a smaller mountain to climb. Does your patient prefer information by phone, text or email? Do they use their patient portal? Are there other services they might benefit from, that can help improve their health in other ways? Armed with the right data, you can answer these questions and tailor your communications with each patient, ultimately helping them achieve better outcomes. What’s more, when you leverage consumer insights to improve your population health strategies, you’ll also create a better patient experience through improved care coordination, prompt referrals and timely information sharing—making the whole process better for everyone. Translating consumer data into intelligent business decisions With reliable consumer data sourced from Experian—an original-source provider and data steward when it comes to consumer privacy—you can learn more about your patients and make the right care management decisions to address the non-clinical barriers to health impacting the health of your members and your organization. Learn more about how to leverage consumer data to help improve outcomes for your patient population. Mindy Pankoke is a Senior Product Manager for Experian Health
Last week, I attended the ONC Symposium on Patient Matching for Prescription Drug Monitoring Programs (PDMPs) and conversations with pharmacy stakeholders confirmed that momentum is growing for an industry-wide solution to the patient matching challenge. Recent legislative movements could see a removal of the ban on federal funding for a universal patient identifier (UPI), while within the industry, we now have a range of exciting collaborations and innovative solutions on the table to help improve patient identity management. As someone who works closely with pharmacy leaders, PDMP administrators, health IT experts and standards organizations, I’m optimistic about what patient matching technology could mean for the pharmacy world. Here’s why. When life doesn’t match health events In today’s healthcare system, patients move through several facilities and services, seeing multiple doctors, pharmacists, nurses and other clinicians. In between those interactions, life happens. A patient might move to a new house. Get married. Have kids. Relocate to a different state. Maybe they visited Pharmacy A for their medications while living in San Francisco, but delivered their first child in Hospital B, after moving to Los Angeles with a new surname and different address. How does the health service know this is the same person? Who is keeping track? Patients with similar names can have their records combined, while data entry errors lead to the same patient having multiple unmatched records. The ONC itself has found that 10-20% of patients may not be correctly matched to their entire medical record within an organization, rising to 50-60% when data is shared between organizations. For pharmacists, the fact that nearly 80% of prescriptions are delivered electronically means the opportunities for data entry errors to creep in is worryingly high. How can they be sure that the prescription they’re holding is for the patient across the counter? A prescription in the wrong hands could be fatal. PDMP facilitators face the same problem when trying to improve patient match rates for the proper tracking of opioids. Since the data comes from various sources, often formatted differently and not always including required fields, PDMPS are forced to do the best they can with what they have. To further complicate the issue, states across the U.S. do not have a common, underlying method of uniquely identifying patients to be able to exchange information across state PDMPs. While PDMPs establish central repositories of prescribing and dispensing records of medications classified as controlled substances that can be accessed online by authorized individuals and agencies—individual state PDMPs vary in required prescribing information and in data submission time, usually with a week or more of delay. An additional challenge exists since not all programs share their data with other state PDMPs, preventing information exchange and reducing the effectiveness of the programs. The answer is to have a single, complete picture of each patient that can be accessed by all relevant organizations in the healthcare ecosystem – but how close are we to achieving true interoperability? Why EMPIs aren’t the answer The common solution historically has been to use an enterprise master patient index (EMPI) to link all versions of a patient’s record within a health eco-system (such as in a pharmacy, a physician’s office, or a PDMP). The problem is these usually rely on limited historical and demographic information, which may have gaps or errors that end up being replicated in any service using the EMPI. A universal patient identifier that integrates patient information from reliable health, credit and consumer data sources can give pharmacies and other providers a much more comprehensive view of their patients than traditional matching approaches. Referential matching technology, as recommended by Pew researchers, uses unique identifiers and third-party data to provide continuous updates to the master patient index, so you know you’re giving the right prescription to the right person. Collaborating for better patient matching solutions One example of how this is already being used to link patient prescription data at scale is in Experian Health’s collaboration with the National Council for Prescription Drug Programs (NCPDP), which sets the standards for the digital exchange of pharmacy-related healthcare information. Lee Ann Stember, President of the NCPDP, says: “We needed a single, unified and accurate view of the patient that could address the patient safety and business issues that plague our healthcare system.” To this end, we’ve teamed up to create a patient matching solution that provides a framework for establishing a unique patient identifier across the entire US healthcare network. This is a vendor-neutral, cost-effective solution that lets providers exchange information efficiently and accurately. There’s less chance of a prescription being given to the wrong patient and causing unwanted and even fatal interactions. In August 2018, NCPDP working groups approved the UPI as a standard field. This means the UPI may be used by other partners to improve the accuracy of patient data exchange. The PDMP Reporting Standard was among those identified as suitable for communicating the UPI. With this standard, pharmacies will be able to submit the UPI directly to PDMPs so that patients can be matched using the UPI instead of probabilistic or manual processes. A UPI can help states who share data improve their matching because it is a real-time solution that will feed into the management of controlled substance prescriptions across state lines, creating better visibility into interstate prescriptions and more importantly improving patient safety. The current lack of transparency into controlled substances—who is filling, when they are filling, how often they are filling, etc.—is feeding the national opioid epidemic which is taking a significant human and capital toll. Working towards an industry-wide solution Our strategic alliance with NCPDP was inspired by a shared desire to leverage data for the common good. We want to give more providers the opportunity to benefit from this UPI solution, to help address some of the patient safety challenges facing the healthcare industry. That’s why Experian Health is offering access to our Universal Identity Manager (UIM) Batch product for no charge. This tool strips out duplicates in your patient data and gives you a UPI that can be used across different health entities, enabling secure information exchange. It can even provide updated demographic information using the United States Postal Service CASS address standardization. Given the advances already made in trialling innovative solutions for the secure and accurate exchange of prescription data, the pharmacy industry is well-placed to lead the way in adopting more comprehensive and reliable patient matching frameworks. As we know, better data means better care. More accurate patient matching not only improves patient safety, but allows for better care coordination, financial savings and greater operational efficiency. — Find out more about how the Universal Identity Manager and other identity management solutions can help pharmacies improve patient matching. Matt McGrath is Vice President of Pharmacy Strategy and Solutions at Experian Health.
Medical identity theft is a growing concern for healthcare organizations in the digital age. In 2017, healthcare data breaches accounted for 24% of all data breaches, rising to 29% in 2018. In just 12 months, the total number of personal medical records exposed jumped from 5.3 million to 9.9 million. In fact, healthcare data breaches tend to expose many more individual records than other industries. For example, according to the Identity Theft Resource Center, 43.9% of breaches in the first half of 2019 were in business, while only 36.9% were in healthcare. But for healthcare, this meant exposing a staggering 77.4% of all records left vulnerable to identity theft, compared to just 9.5% by business breaches. The potential impact of a healthcare data breach seems to be further-reaching than in other fields. At the same time, healthcare is slightly behind other industries when it comes to data security. Financial services have a two-decade head start to refine their anti-fraud strategies. This, coupled with the fact that medical identities are worth 20 to 50 times more to fraudsters than financial identities, means medical identity theft is increasingly appealing to criminals. It’s a big concern, but healthcare organizations can use data to fight data theft. When you’re armed with the right information, you can put in place the right strategy to protect your patients. What is medical identity theft? Medical identity theft is when someone uses another person’s health-related identifying information without them knowing. This could include their name and address, Social Security number, health records, or insurance information. Fraudsters can use this information to access medical services without paying, submit false insurance claims, or buy drugs. They pretend to be someone else to access services illegally. In addition, that personal information could be used for other kinds of identity fraud or blackmail. What are the consequences of medical identity theft? Karly Rowe, Vice President New Product Development, Identity & Care Management Product at Experian Health, says: “For patients, the impact of having their personal information stolen, and then possibly used to make false claims in their name, can be hugely violating. When someone’s record becomes overlaid with a thief’s record, this can have massive consequences for that person’s future treatment. It’s a major stress to sort out – both administratively and financially. And for organizations, there’s obviously the reputational hit. The relationship between provider and patient is based on trust. When you fail to secure your patients’ most personal information, you risk losing that trust for good.” It’s also a major cost. Medical fraud in the U.S. is estimated to cost somewhere between $80 billion and $230 billion, with the cost to individual providers and payers coming in at around $2 million per breach. To tackle the problem, healthcare organizations are stepping up their security practices across the board. A HIMSS survey, in partnership with Experian Data Breach Resolution, reported that data security strategies have improved. Ninety-two percent of those asked had performed a formal risk analysis, and more than half had increased their patient data security budget. A number of organizations also teamed up to form the Medical Identity Fraud Alliance, to mobilize the industry to tackle the problem. Still, there’s a ways to go. 3 ways to leverage data insights to prevent medical identity theft Protecting patient data calls for a data-based solution. Here are three ways to leverage consumer data and technology to protect your patients and keep their information safe: Resolve patient identities. Accurate patient data is the cornerstone of data management. If your records aren’t entirely reliable to begin with, keeping them safe and secure will be much harder. Put preventative measures in place to minimize the risk of duplicates and errors. Assigning a Universal Patient Identifier (UPI) will let you follow the entire patient journey, so you have a complete, accurate and secure picture of each patient. Protect patient identities. Patient portals allow people to access their health information from their personal devices. It’s convenient and can improve engagement and health outcomes. Unfortunately, they can also become vulnerable to breaches by data thieves. You have to make it easy for patients to use portals, but difficult for fraudsters to get their hands on that personal data. As patient portals gain popularity, you must have the right technology in place to validate and protect patient identities. Automating patient enrollment with a tool like Precise ID® can help authenticate patient identities from the start using identity-proofing, fraud management and device recognition. Enrich patient identities. With data insights, you can check that your patient is who they say they are the moment they arrive in reception. Using the broadest and most trustworthy datasets, identity verification solutions make constant checks, so you have a single, accurate and 360° view of each patient. Not only is this ‘golden record’ the cornerstone of patient care and experience, it’ll let your staff update patient data during intake without manual corrections. Medical records contain some of the most sensitive personal information, so it’s vital to safeguard it with the strongest security that exists. — Download this free eBook to learn how to evolve today\'s patient matching technologies or find out more about how to protect your patient data and prevent medical identity theft.
Medical identity theft is a growing problem for the healthcare industry: nearly 15.1 million patient records were compromised in 2018, an increase of nearly 270% on the previous year. While providers are busy rolling out patient portals and electronic medical records to better serve consumers, criminals are sneaking through the cracks to steal patient data and profit from vulnerable health systems. The rapid rise in medical identity theft is partly explained by the fact that it goes undetected for much longer than other types of identity theft, giving criminals more time to use stolen personal information for financial gain. It’s also a lot more lucrative. Medical identities can be used to access treatment and drugs, make fraudulent benefits claims and even create fake IDs to buy and sell medical equipment. This can be devastating for victims, both emotionally and financially. Unlike credit card theft, where victims aren’t considered financially liable, 65% of people who fall prey to medical identity fraudsters are left with hospital bills running into the tens of thousands. The compromised medical record is tough to reconcile, jeopardizing future medical treatment. For providers, a data breach can mean significant reputational damage and loss of trust, and huge financial consequences – each breach costs an average of $2.2 million. But what’s most alarming for providers is that more than half of data breaches originate within the organization. Unfortunately, many providers lack sufficient security protocols and detection tools to safeguard the data they’re holding. The good news is that the tools exist to help you protect your patient data. What can healthcare providers learn from other industries about identity protection? Banking and financial services have pioneered identity protection over the last twenty years, and healthcare can learn a lot by looking at what’s worked in those industries. For consumers, using digital technology to pay your bills, book flights and buy pretty much anything is the norm, all with reassuringly quick fraud detection and resolution. Healthcare has been a little slower to embrace digitization in this way. Despite the opportunities, fears around security, privacy and inconveniencing patients have stalled efforts to transform outmoded processes. Drawing on two decades of innovations in other fields, fast-paced technological developments mean many of the early challenges around implementing safe and secure patient portals have been overcome. 6 strategies to keep patient data safe Here are six smart ways to ensure your organization has done everything possible to safeguard patient data. Tell your patients how you’re keeping their data safe Patient trust is at the heart of a successful patient-provider relationship. Share the steps your organization is taking to secure patient information, so patients feel reassured and confident in using their portal. Data security should be a key strand in your patient engagement messaging. Verify patient identities to protect access to medical records To avoid HIPAA violations, it’s critical to ensure you’re giving access to the right patient. Secure log-in monitoring and device intelligence can help you confirm that the person trying to log in is who they say they are. When something doesn’t add up, identity proofing questions can be triggered to provide an extra check. In an exciting new development, the healthcare industry is also starting to see the use of biometrics to supplement existing identity-proofing solutions. Just as you might use facial recognition to unlock your smartphone, there are now ways to authenticate your healthcare consumers’ identity using the same technology. Automate patient portal enrollment You want your portal to be as secure as possible, but not at the expense of your patients’ time and effort. An automated enrollment process can eliminate the hassle of long, complicated set-ups and reduce errors at the same time. Arm your organization with a multi-layered security strategy There is no silver bullet for protecting patient information—it will require various tools. A robust data security strategy will be multi-layered, including device recognition, identity proofing and fraud management. Educate staff on security threats and warning signs Data breaches aren\'t all malicious – human error is a massive component, from mailing personal data to the wrong patients, to accidentally publishing data on public websites or leaving a laptop behind after getting off the subway. Training staff on the potential pitfalls will help them help you in protecting confidential patient information. Develop a robust device strategy ‘Bring Your Own Device’ arrangements (BYOD) are convenient for staff and patients, but personal devices need to be secured when accessing patient information across the network. Make sure your teams, patients and visitors are aware of how to log-on securely to WiFi and follow best practice to keep data safe. In a climate of ‘doing more with less’, healthcare leaders are turning to other industries to find ways to boost quality of care and streamline operational efficiency. Automation, digitization and consumer-centric approaches make good business sense across the board, but they’re sensible investments for your data security strategy too. Investing in secure patient identities is a way to prevent painful and unnecessary losses down the line – and it’s what patients have come to expect. — Find out what more you could do to shore up your data security and prevent medical identity theft.
“Build it and they will come” might work for 1980s movie characters, multinational coffee franchises and beloved sports teams, but it’s not a great engagement strategy for most consumer-facing organizations – especially in healthcare. Take patient portals, for example. Giving your patients a way to access their health records can help improve their health outcomes, increase compliance with care plans, and create a more positive healthcare experience overall. But do your customers know the portal exists? Do they know how it could serve them? Do they trust it? You’ve built it, but how many patients are actually logging on? In 2017, over half the US population had access to a patient portal. Around half of those people used it at least once in the previous year. Of those who didn’t, 59% said it was because they didn’t feel they needed to access an online medical record, and 25% were worried about privacy and security. This tells us two things: If healthcare providers want to increase the number of patients using their portal, they need to proactively communicate the benefits to those patients, and healthcare providers could do more to reassure patients they take portal security seriously. If patients discover that using the portal is better than not using it, and that they can do so securely, they will be more likely to log on. You can address both in your patient engagement and marketing strategies. Perhaps the better mantra is: “if you solve their problem and tell them about it, they will come”. Balancing portal security and patient convenience Your patient portal is more than just a platform for patients to access test results, sort out bills or schedule appointments. It’s a way to nurture the patient-provider relationship. And at its heart, that relationship is about trust. One way to build trust is to ensure your portal meets the strictest of security measures without creating an excessive admin burden for patients. You can do this with a security strategy that layers up several protective measures to help you tackle common areas of vulnerability, including weak ID verification, over-reliance on password-protection, and failure to encrypt sensitive data. A few practical ways to keep your patient portal secure include: using ID verification when someone signs up for the portal using device intelligence and identity proofing when a user signs in to the portal deploying extra security checks where the risk of identity fraud is higher putting systems in place to flag and respond to security breaches as fast as possible. A solution like PreciseID® can help you take care of your patients’ privacy and security behind the scenes. They’ll see just enough to reassure them that you’re taking their security seriously, without any protracted log-in process that puts them off using the portal altogether. Marketing your patient portal so more patients benefit from it Solving your patients’ concerns about security is just one route to boosting portal utilization. Another important way to ensure more patients use and benefit from the patient portal is to actively encourage them to access their online records regularly. Research suggests individuals who are encouraged to use their online medical record by their provider are almost twice as likely to access it, compared to those who weren’t actively encouraged. So how do you convince your patients of the benefits of regularly logging on? That it’s not just a convenient way to manage their medical journey, but could result in better health? The answer lies in consumer data – the lifestyle, demographic, psychographic and behavioral information that gives you a fuller understanding of what drives your patients. Experian Health’s ConsumerView data analytics can capture insights that let you reach out to your consumers with the right message, in the right way, at the right time. Do they live a busy lifestyle? Reassure them that the portal can save them time. Are there lifestyle factors that may hinder their adherence to medication? Encourage them to use the portal to make sure their prescriptions are up to date. If you discover your consumers are big social media users, you might target your portal engagement campaign through those channels. Equally, if a consumer doesn’t have any social media accounts, there would be no point investing in Facebook ads. Personalization makes your patients feel taken care of, leading to greater trust, loyalty and satisfaction. Increase patient portal engagement today In the wake of consumerism and IT transformation across many other industries, a tailored and digitally secure healthcare service is a must. “Consumers now expect to be provided with a turnkey, individual experience that is fast and seamless,” said Kristen Simmons, Experian Health’s senior vice president of strategy and innovation. Your patient portal must be seen to provide a valuable and secure service. While there’s a way to go to increase the number of patients making full use of portals, the tools exist to support healthcare providers’ engagement goals. Learn more about how your organization can leverage consumer insights to improve patient retention and engagement.
