“National Patient Identifier” (NPI) really should be called Unique Health (Safety) Identifier, as it is more about ensuring the health and personal health safety than anything else.
PRIVACY: Current identification process risks privacy; national patient identifier would protect privacy while also increasing patient safety. To file a healthcare claim right now, providers send name, age, address, sometimes part or all of an SSN, and other information that purposely identifies the patient. That is the information that someone would be interested in stealing for other purposes. An NPI would actually protect privacy by enable providers to send health data for a medical record without other personal information. There is little incentive to steal health data for an identifier that does not disclose who the person is. If there is a breach with an NPI, a new NPI can be issued and data can be ported over. In the current system, if someone learns the answer to your secret question (eg. the first elementary school you attended cannot be changed) or knows your address and birthdate, how is your privacy protected going forward?
Data Quality is a huge challenge: The staff at the front desk, who are responsible for accurately identifying who a patient is and locating the electronic record that corresponds to the patient, are among the lowest paid staff. The intake staff have the least vested interest in assuring accuracy. Some providers do not have a robust standardized process and some do not enforce it or do quality assurance. If poor quality data is input into the system, the system will deliver poor quality data back. How do you standardize identity validation and data entry across all providers?
PRIVACY: A national patient identifier (NPI) needs to be “non-disclosing” or “non-discoverable”: nothing about it should give away the age, gender, religion, address, face recognition, iris, palm, or anything else that might disclose who the person actually is. The NPI must be used in conjunction with other proof(s) of identity in the same way one is sometimes asked for a driver’s license and 2 other forms of identity. Otherwise, errors will be made that contaminate other data.
Need Robust Identifier: The SSN is not legally supposed to be used for patient identification and it is an ineffective choice. Issues include the recycling of numbers, stolen numbers, lack of cross-checking of digits (for example, with a credit card number, you will be told immediately if it is incorrect if the format or value is incorrect). There is no robustness with an SSN. CMS has created a new Medicaid number by adding a letter to the SSN. In contrast, Ireland is using an algorithm to generate a unique health identifier that is more robust than the US’s SSN. Data[except mental health data] will be coupled with unique provider identifier and location. Patients will be able to see who viewed their data in a patient portal.
Business Case and Scope
The business case is the biggest obstacle. Engaging people in having a national patient identifier is similar to engaging them in having a personal health record. Google tried and failed at this. How much will a hospital pay to be able to get data from another hospital and how many individuals will subscribe? One challenge of a national patient identifier card where patient scans it and enters a pin (like an ATM card or credit card in Europe) is who will pay for the cost of the cards and the equipment to read the cards?
Scope should be identification and authentication. Including the ability to use the NPI to access longitudinal data, even if anonymous, may decrease adoption.
Biometrics versus cognitive confirmation. The police/government can compel you to provide a finger print to access a cell phone but they cannot compel you to provide the pin because that is considered a cognitive response. They can also compel you to give a key to access a bank safe but not codes. They can compel you to give DNA and other biometrics. What does this mean for how biometrics are used to solve this challenge?