Governance & Risk Management , Healthcare Information Exchange (HIE) , Privacy
Patient Data Matching: Privacy Challenges
HIMSS' Lisa Gallagher Offers Update on Efforts to Overcome Hurdles
Although there's an ongoing ban on federal funding for the development of a national unique patient identifier, progress is still being made through collaborative efforts to improve patient data matching to ensure safety and privacy, says security expert Lisa Gallagher of the Healthcare Information and Management Systems Society.
When Congress passed HIPAA in 1996, the law called for the creation of a unique health identifier for individuals. But in response to controversy that included privacy concerns, Congress in 1999 passed a law prohibiting federal funding for the identifier.
Since then, however, the widespread adoption of electronic health records systems and the federal push for secure national health data exchange has increased the need for more accurate patient data matching methods and technologies to help safeguard patient safety and data privacy (see Making a Case for a National Patient ID).
For instance, accurate matching of health data sent from one hospitals' EHR system to another healthcare provider's system is essential to ensure that medical information is incorporated into the correct patient's file - and not the file of some other patient with a similar name, for instance.
Healthcare technology companies, and organizations such as HIMSS, have been working on developing methods, such as new algorithms, to improve patient data matching in light of the ban for the Department and Health and Human Services to fund the development of a national unique patient identifier.
Testing Patient Matching
Based on findings from a recent patient matching testing event that HIMSS hosted with collaborators from the healthcare IT sector and HHS, promising developments for improving patient matching include the use of an emerging standard, Health Level Seven International's Fast Healthcare Interoperability Resources framework, Gallagher says. The proposed standard, known as FHIR, leverages the latest Web standards to exchange electronic health data, she explains.
"We had two use cases around patient matching, which showed ... interfacing matching software with the new FHIR reference implementation can actually simplify the process of patient matching," she says in an interview with Information Security Media Group.
A complicating factor in benchmarking patient matching technologies is that it requires setting up measurements to evaluate algorithmic matching results using "real world" patient data, Gallagher says. "And that's challenging given the business agreements [between healthcare organizations] and [patient] privacy issues."
In the interview (see audio link below photo above), Gallagher also discusses:
- Other lessons emerging from the recent patient matching testing event that took place in a laboratory environment and was hosted by HIMSS;
- HIMSS' views on whether the federal ban needs to be lifted on the creation of a national unique patient identifier in order to advance further progress in patient data matching;
- What's next in HIMSS' patient matching efforts.
Before becoming vice president of technology solutions at HIMSS, a global not-for-profit organization for those involved in healthcare IT, Gallagher was the association's senior director for privacy and security. In her current role, she is responsible for HIMSS' efforts in business and financial systems; privacy and security; cloud computing; identity management; and other technology areas. She's also a member of the Health IT Standards Committee, which advises the Office of the National Coordinator for Health IT.
