Because of its potential for impacting quality of care and patient safety, patient identity management is a long standing challenge in the health care organization, provider office, or anywhere patient databases are collected. The increasing penetration of technology into the healthcare environment only exacerbates the problem. Recognizing the importance of this topic, HIMSS undertook efforts to address these issues. One outcome of this work was a White Paper on Patient Identity Integrity whose purpose is to identify the complex issues relating to the accuracy and completeness of electronic health data attached to or associated with an individual patient and the linking of all such data within and across systems. The paper discusses the critical business processes that must be in place to support and maintain the integrity of the data for quality of care, patient safety and cost management.

Download the HIMSS Patient Identity Integrity White Paper

In researching for the White Paper, the HIMSS Work Group on PII discovered that there was no central source for information on the topic and gathering resources was difficult if they existed at all. HIMSS decided to develop a Toolkit on this topic as a central repository for available information to enhance the industry's understanding of patient identity integrity and the many issues involved in reliably – and safely – matching patient identity across systems. The Toolkit is divided into seven sections including: security safeguards, model interface protocols, key performance indicators, model data practices, model monitoring reports, executive level training, and literature reviews. These reflected the critical areas of recommendations made in the White Paper.

Security Safeguards:

How to incorporate security safeguards into the workflow and business process, including role-based staff training requirements.

Security Safeguards Introduction

NIST - Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)

Find databases with protected health information - Inventory PII, PHI, and other sensitive data within databases and spreadsheets

ONC Medical Identity Theft Report

HITECH Breach Notification Interim Final Rule

The Health Information Security and Privacy Collaboration (HISPC)

HHS - The Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information (2008)

Managing Information Security and Privacy in Healthcare Data Mining

NIST - Building an Information Technology Security Awareness and Training Program

Information Security Awareness Training: “Good Computing Practices” for Confidential Electronic Information

NIST - Information Security Training Requirements: A Role- and Performance-Based Model (Draft)

Checklist of Responsible Information-Handling Practices

Model Interface Protocols:

Model Interface Protocols Introduction

Key Performance Indicators:

Key performance indicators for managing patient identity integrity with tools and use cases for effective matching: computing duplicate record rates, duplicate creation rates, search threshold minimums, record auto-linking minimums, maximum allowable duplicate record rates, among others.

Key Performance Indicators Introduction - coming soon!

Model Data Practices:

A discussion of the data elements used to maintain PII through utilization in record matching algorithms and the creation of a data dictionary, with model procedures for the collection, validation on patient re-entry, input, and query of information, use of lookup entries as well as newer technologies.

Model Data Practices Introduction

Model Monitoring Reports:

Model monitoring reports for data accuracy, pattern analysis and trending by individual, location, and organization performance along with procedures for sanction and corrective actions.

Model Monitoring Reports Introduction

Managing the Integrity of Patient Identity in Health Information Exchange

VHA - Repair of Catastrophic Edits to Patient Identity

5 Tips for Successful Patient Identity Management in Government Agencies

Reconciling and Managing EMPIs

Medical University of SC Policy: Information Security - Data Integrity

American College of Cardiology - Unique Patient Identifier Principles

Agency for Healthcare Research and Quality - Case Study on Mistaken Identity

Executive Training:

Executive training on organizational commitment to accurate patient identification that includes: quantifiable expectations and performance standards, data governance stewardship, training and administration of all intake and scheduling areas including appropriate compensation, recognition, and professional certification in those areas.

What the C-Suite Needs to Know About Patient Identity Integrity

What the C-Suite Needs to Know About Patient Identity Integrity - HIMSS Annual Conference Recorded Session

Existing Literature/Publications:

A resource for users to find out more information on the patient identity integrity topic.

Accurate Patient Records Matching—Time for HIE Leadership

Patient Identity and Integrity References

Looking for more privacy and security related information?
Please visit the HIMSS P&S Toolkit and the P&S Toolkit for Small Provider Organizations for additional resources.

Help Us Grow the Patient Identity Integrity Toolkit
Members are encouraged to contribute to the Toolkit by sharing tools they have found valuable, submitting ideas for new content, or providing feedback that will help enhance this resource. All submissions will be reviewed by the P&S Toolkit Content Review Task Force prior to posting.