SOPA certainly made a big name for itself over the past few weeks. The Stop Online Piracy Act, and it’s Senate sister bill PIPA (Protect IP Act) has been halted in both the House and the Senate after a day of protest from thousands of websites worldwide, including Google, Wikipedia, and Reddit. These web giants encouraged their users to stand up and write their representatives urging them to vote against this nasty piece of legislation which would enable censorship over the internet by private corporations who believe that foreign websites are linking and hosting content that they own.
Up at 5AM: The 5AM Solutions Blog
A national patient ID is one of the more taboo subjects in United States law. As one writer for the College of American Pathologists reports, “In some federal government offices, all one has to do to stop a conversation cold is mention a national patient identifier. That’s how adamantly Congress, in a 1998 bill, outlawed any plans for, consideration of, and even research on a national system of assigning patient ID numbers.”
In fact, no government money can be spent even investigating the possibility of a national patient identifier, effectively making the law difficult to reverse without a large push from private industry.
If it were created, a national patient identifier would provide a unique number to identify an individual in health systems across the United States. It could be used to pull or push health data for a patient across the country on-demand without complication or fuss.
Without a national patient identifier, industries face the challenge of mapping patients in their internal systems to patients in systems outside of their operating networks. Typically, this involves sending patient names, addresses, phone numbers, social security numbers, and other identifying data across secure channels to ensure that the systems really are talking about the same person. Mistakes and match-refusals are common. Spelling mistakes and formatting inconsistencies while entering data can prevent systems from recognizing somebody as the same person (“Bob” vs “Robert,” or “Ft. Worth” vs “Fort Worth”). Policy differences also can prevent successful matching. Some health vendors will outright refuse, by policy, to make a patient correlation without having been sent the social security number of a patient. Other vendors will refuse to ever send a social security number over the Internet, even if the channel is secure. Systems like this will never be able to communicate with such limiting policies in place.
A national patient identifier cuts through all of this red tape. It replaces complex methods of patient matching that may or may not be successful, and reduces the likelihood of confusing people with similar information for one another. Overall, both the quantity and quality of information that can be gathered under a unique identifier is greater (and cheaper!) than a haphazard industry approach trying many different solutions.
Why is it important to enable systems to “match” patients? Imagine you’re lying unconscious in an emergency room, and the doctor can’t find a record to indicate your penicillin allergy. While the idea of a ER physician being able to conduct an instant search across the globe to find your records is itself still largely theoretical, realizing that theory is much, much more difficult without a simple way to identify patients.
The current government policy feels contradictory. On one hand, government initiatives such as the Nationwide Health Information Network (and implementation in CONNECT) suggest that moving health information into the electronic space, to be readily accessible by consumers of health data, is a national priority. On the other hand, policies preventing investigation into a national patient identifier stifle the ease of rolling out such systems nationwide and limit their accuracy.
Privacy is a major concern with a national patient identifier; however, both the concept of uniquely identifying numbers associated with people as well as the notions of ‘security breach’ are no different with a national patient identifier than with the systems that are currently in place. The information that could be gained from learning the national patient identifier would be little different from the information gained under the current approach of using names, social security numbers, and addresses. Once a person has this information, and somehow gains access to the health network, it will not matter if they have the NPI number or the separate bits of information. Also, the concept of a unique identifier exists nationally from birth in the US in the form of a social security number, and from the point of ID issuance at the state level. It is a little known fact that many states create drivers license numbers based off of the full name and date of birth of an individual. Maryland is one of those states, and based upon that number alone, anybody can tell who you are! You can try it yourself here. The real security is in maintaining the network and reducing fraud.
While in no way would the implementation of a national patient identifier be easy, it should at least be one of the possibilities that can be considered at the national level. It is in the interest of private industry to speak up and express their concern, since current government policy forbids any possible action internally.