How to improve and streamline patient identification

We continue to explore challenges in the healthcare industry and ways you and us, as tech specialists, can address in our new and ongoing projects. Today, let’s talk about patient misidentification, the way it harms patient outcomes, the reputation of healthcare institutions, and the money of everyone who participates in the healthcare ecosystem.

So, patient identity and the question of whether or not it is grasped correctly is vital for healthcare. The stories of mismatching patients and their health records range from comedic to frankly terrifying (as ProPublica material about a grieving family that allowed end-of-life for a person who was not, in fact, their loved one).

The chain of reaction, occurring when one person’s name is misheard during registration, can (and does) cause a ripple of unfortunate and fatal events.

While healthcare officials in America know about “identity crises” and 66% of healthcare CIOs think of addressing it as one of their top priorities, there’s little action seen on the level of governance. HIPAA has 18 patient identifiers that may or may not be included in patient records and should be protected with appropriate safeguards - yet, providers and laboratories often only use two, per the recommendations of Joint Commission’s National Safety Goals that have been released in 2014. These two identifiers are name and date of birth and/or medical identification number (a tag on the bracelet that is sometimes given to you at hospitals.) Apart from that, there is another recommendation, issued by ONC for Health IT from the 2016 year that encourages EHR developers to add more demographic elements to patient identification - like previous addresses, email addresses, etc, telling they’re essential for the seamless exchange with fewer duplicates and other errors.

Now, these are recommendations and encouragement, not requirements: as far as recommendations go, your next visit to a hospital can result in you going to a new specialist with health records of the person you share a name with. And these are, of course, cases where the name and date-of-birth match. As you imagine, the ID process works about as well as expected.

According to the last year’s research, about 18% of patient EHRs are duplicates, which means about 1 in 5 patients have their data incomplete. Pew’s report says that too, 20% of patients may not be completely matched to their records in the organization they’re assigned to (when their primary physician works); and there’s a 50% probability of correct matching outside of this organization.

The consequences are painstakingly clear: people receive wrong lab results, wrong tests, wrong diagnoses, treatments, and surgeries they do not need. With the pandemic changing statistics about leading causes of death, preventable medical errors are in the fourth place (patient misidentification is one of them). By the way, misidentification and, in general, lack of identifiers, make it really hard to track and analyze virus spread, too: how do you map the movement of the infection if you don’t know where are the people having coronavirus live? Really bad.

We’ll spare you the account of administrative and financial losses associated with patient mismatching and its domino effect. Imagine patients’ pain and disappointment, and how lawsuits and lost time and credibility affect doctors and healthcare institutions at large.

Let’s talk prevention, shall we?

Where and why patient misidentification occurs

To understand how to fix misidentification - or build tools that will assist hospitals in doing so, - you need to understand where - on patient’s journey and on patient’s workflow - the cases of misidentification occur. Sadly, the latest misidentification statistics reaches back to 2016, and the Ponemon Institute’s study, - we decided to roll with it, as the issue is still largely unaddressed.

  • 63% of incorrect identification occurs at registration (like an armband given to the wrong patients), and 32% attribute to registrars’ human errors (misheard or misspelled patients’ name).
  • 60% of them occur due to lack of time for doctors during treatment;
  • 35% of them are because employees or clinical personnel lack training;
  • 29% of misidentification cases attribute to siloed, inefficient software, and business processes connecting different hospital departments and workflows of its employees.
  • 20% are due to inefficient safety safeguards;
  • 15% are attributed to overconfidence in the identification system, installed in the place;
  • and 9% are due to patients lying.

All of that, as you imagine, results not only in the wrong treatment but also in denied claims - and only denied claims can cost a hospital, on average, $17.4 million annually.

What can we learn from these statistics?

1. One or two patient identifiers are not enough for identification. Moreover, the searches only by name at the register’s desk often result in duplicates, as the registrar can’t overlook all medical records or charts, so they create new ones. 56% of incorrectly filled records occur because two patients have the same name or date of birth. Due to duplicates, it’s often impossible to find patients’ complete medical history - and the reactions go further into care outcomes, 10-20% of which are harmful, and losses we’ve already pinpointed.

2. Registers and doctors are people. Shocking, we know. Using siloed systems with unusable interfaces, doctors need to choose between quick and helpful and slow and potentially harming options, they’ll choose the former. They spend about half-an-hour on searching for a correct record per shift; that’s a lot. In order for people to work more efficiently, they need tools that were made to assist them - not tools that were made because EHRs are needed to be made.

3. Manual work makes things worse. It takes a toll both on our case of patient identification and on administrative workers and doctors. So, there should be safeguards checking the accuracy of manual work - or there should be the tech that reduces the ridiculous amounts of it.

So, what we, as tech people, can offer to collaborate with hospitals and ease their pain and losses?

What you can build to help solve the misidentification crisis

It’s generally offered hospitals to implement tech systems that will help them identify patients and procedures and diagnoses assigned to them in an unambiguous manner. So they’ll be waiting for you.

To solve the two-identifiers problem, you need a system that will include more identifiers. Medical wristband with a unique hospital identification is very common, but as you’ve seen from stats, they’re often mismatched with patients, so as they are right now, they are not reliable. How to make them more reliable? Sprinkle Internet-of-Things. Build a solution that will track RFID tags or barcodes on their wristband. Doctors will match the barcode to the medical history of particular patients, put on them their bracelets, and if it’s attributed to a wrong person - the app will show. How?

Well, through showing the patient's face. Offer hospitals to collect something more solid and unique than people’s name and birthdays: their photo. Patients’ photos are covered by HIPAA and totally can be collected. Photos could also be very helpful on the register level - mismatching will reduce, as the person behind the computer will, well, put a face to a name.

And to administrative staff, what can we do for them? Automate the heck out of their manual work. Half-an-hour a day is way too much (and that’s average). Build an easy-to-use system that will forbid them to create a duplicate, will help them conduct correct claims in accordance with patients’ insurer. Make it easy for them.

How else can we make it easy for them? Patient-facing apps that allow them to check in a hospital - and match their name & date of birth to patient records by themselves. What is nicer about these apps is that they reduce waiting time and increase patients’ satisfaction and control of their health.

But it’s too good, right? Right. Because it’s largely inaccessible for senior people you still haven’t explained how to use smartphones and to people in rural areas, who have bad internet. And to other people who can’t use mobile devices. You can identify them via biometric - installed in hospitals as gates or tables and in users’ smartphones, it will allow healthcare to build seamless check-in experience for more people. Like in airports. Moreover, biometric identification (by arises, fingertips, or face) will help hospitals in identifying people in ECU.

Emergency care units lead us to another problem. They’re pretty much disconnected from the primary care. They have different systems for patient records, and there could be misidentification during transfer between departments (thus, wrong surgeries). You can help hospitals deal with these by creating a centralized system that will collect all data about patients and care operations in one place, and update them in real-time. Alternatively, you can build APIs that will enhance interoperability and connect your system - for instance, a solution for ECU, to the hospital’s EHR. By the way, APIs are in high demand right now, as EHR providers must open their databases to patients (and, therefore, vendors), according to new HHS rules.

What about patients who move through the country and have their medical history siloed between different EHRs - or different hospitals using the same EHRs? Well, you can connect them via API to your patient-facing application that would collect all patient data from them. Then, the patient will be able to show the lacking info to their current medical providers or even share it, right at the point of care.

There are, of course, other ideas. For instance, the banking industry also has tons of sensitive data about people in place: and one bank can access the whole background of crediting on a single person in few clicks. Healthcare could adopt this approach, taking data for identification from, for instance, postal services (like address and index) but that requires negotiations, and negotiation requires the discussion of benefits, and data sharing is - well - not really beneficial for outsiders.

All these ideas can be broken down to tools (and we’ll show the examples of them, soon), but we can’t skip the discussion of challenges. There are privacy concerns that follow both healthcare - it’s the most popular industry for hackers that still uses Windows 7; the concern is explainable - and tech (check out the latest Google’s lawsuit.) So you must learn HIPAA rules and commit to building the system within them.

There is data quality challenge because healthcare departments approach patients’ data differently, and you need to be able to utilize/standardize it without breaking down the existing workflows.

Accessibility challenge we’ve been talking about that remains unaddressed for many people. Biometric facial recognition algorithms often have a racial bias - so there’s the problem of exclusion.

Prepare to address all of them by collaborating with hospital’s employees and their patients, because if tech solution is created in a soft tech-y vacuum, it’s generally useless for real use-cases. Believe us, we know. (By the way? If you new to all this and want to see more generic tips for building products in digital healthcare, check out our Q&A about that on YouTube.)

From the point of software development, we also recommend adding to your check-in system patient classification by the urgency of their concern (assigned automatically, if patients come with the emergency unit) and the nature of it (what specialist is needed, what are the symptoms). That will smooth the process of patient onboarding or transferring - and allow clinicians to prepare for the conversation and get familiar with patients’ medical history before facing them.

Apart from that, you need to preventively identify how many patients come to hospitals daily and what are their symptoms. That will allow you to build a solution that will weather the standard workflow. And, if you’d wanted, you could use it for real-time analytics, hospital load forecasting, and even for public emergency analysis.

Now, let’s give a few examples of a few solutions that already exist on the market.

Existing solutions for patient identification and check-in

Vecna Technologies, a company that develops self-service systems for patients, integrated with Imprivata’s PatientSecure identification solutions in 2018, so hospitals could install kiosks with palm scanning to identify patients correctly and securely via Vecna’s patient-facing platform. In general, biometric solutions for PI are considered a very perspective niche - lots of companies who were already existing in the ID market expanded to healthcare to offer their expertise there, as well (like Veridium, who initially operated in fintech.)

Imprivata’s PatientSecure, though, does not only offer biometric identifications but also presents patients’ data via creating a consistent, clean flow.

Correct patient identification is often an “added benefit” for RFID-based and other IoT solutions - of the real-time patient location system. They are primarily marketed to optimize clinicians’ workflow that helps hospitals save lots of money by, for instance, alerting them of a free operating room, waiting for patients or patients who wandered off - addressing preventable fall events. One hospital managed to achieve $1M savings annually with RTLS tech.

So, there’s quite a lot of opportunities to catch here - and to offer to healthcare organizations.


If you found this article useful - don’t hesitate to share it on social media; it will show us we are moving in the right direction. If you want any help in building solutions for patient identification, contact us either there, on social media, or here.

If you’re a hospital, who suddenly realized you need to beat some of the challenges described in this article, contact us, too! Despite being a startup hub, we’re quite fond of working with providers, too.


Tell us about your project

Fill out the form or contact us

Go Up

Tell us about your project