DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Identity Crisis: An Examination of the Costs and Benefits of a Unique Patient Identifier for the U.S. Health Care System

Posted on October 20, 2008October 24, 2024 by Dissent

By: Richard Hillestad, James H. Bigelow, Basit Chaudhry, Paul Dreyer, Michael D. Greenberg, Robin C. Meili, M. Susan Ridgely, Jeff Rothenberg, Roger Taylor

A national health information network, or NHIN, that enables disparate health care information systems across the United States to allow authorized users to easily and quickly share critical health information has the potential to enhance safety and dramatically improve the quality and efficiency of the national health care system. A unique patient identifier (UPI) to use as a singular key to accurately link, file, and retrieve individual health records was seen as an important element of the national system and was mandated as part of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) legislation. However, privacy and security concerns about electronically sharing patient information have completely sidetracked the development of standards for a UPI and threaten to delay the development of the NHIN.

Correctly linking patients to their health data is a vital step in achieving quality health care. The two primary approaches to this linking are the UPI and statistical matching based on multiple personal attributes, such as name, address, and Social Security number (SSN). Lacking a UPI, most of the U.S. health care system uses statistical matching methods. There are important health, efficiency, security, and safety reasons for moving the country away from the inherent uncertainties of statistical approaches and toward a UPI for health care.

This monograph examines the operational advantages and disadvantages, compares the errors, examines the costs, and discusses the privacy issues associated with the UPI and its alternatives. Our analysis indicates that a health care system in which every patient has a unique, nondisclosing (i.e., containing no personal information) patient identifier is clearly desirable for reducing errors, simplifying interoperability, increasing efficiency, improving patient confidence, promoting NHIN architectural flexibility, and protecting patient privacy. A one-time cost of $1.5 to $11.1 billion for a UPI, to remove the systemic errors in health-records retrieval, is small by comparison with the value a potential efficiency savings of $77 billion per year at the 90-percent level of adoption (with additional safety and health values that could double these benefits) that previous studies estimated for connected Electronic Health Record (EHR) systems. Prohibiting development of a UPI actually sidesteps the larger problem: the development of a NHIN without first establishing a legal environment that best protects privacy while also encouraging the advances that interoperability of EMR systems between providers would bring to health care quality and efficiency. Continuing de facto endorsement of statistical matching as the only practicable approach to linking patients to their electronic health records will inhibit the effective development of the national health information network.

This monograph should be of interest to health care IT professionals, other health care executives and researchers, and officials in the government responsible for health policy.

Free, downloadable PDF file(s) are available from:
Full Document (File size 0.6 MB, 2 minutes modem, < 1 minute broadband)
Summary Only (File size 0.2 MB, < 1 minute modem, < 1 minute broadband)

Category: Health Data

Post navigation

← Taking a Peek at the Experts’ Genetic Secrets
Working Together on Health Information Privacy →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident
  • U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government
  • St. Cloud Provides Update on Ransomware Attack in 2024
  • Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week.
  • Websites selling hacking tools to cybercriminals seized
  • ConnectWise suspects cyberattack affecting some ScreenConnect customers was state-sponsored
  • Possible ransomware attack disrupts Maine and New Hampshire Covenant Health locations

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans
  • The US Is Storing Migrant Children’s DNA in a Criminal Database
  • Home Pregnancy Test Company Wins Dismissal of Pixel Wiretapping Suit
  • The CCPA emerges as a new legal battleground for web tracking litigation

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.