The State of Patient Identifiers

As part of healthcare’s digital transformation, payers and providers alike have rolled out patient portals and telemedicine platforms to improve patient engagement as well as access to care services, and to decrease administrative costs. With the advent of the COVID-19 pandemic, these clinical resources have become more vital and more heavily utilized than ever before, making the need for reliable patient identifiers absolutely critical for these hospital platforms and health services.

Because of the risk and privacy implications of more widespread access to HIPAA-protected medical data, many stakeholders worry about increasing the number of access points in spite of the many potential benefits of electronic health records (EHR) and patient portals, and growing consumer interest in remote access to healthcare services.

At the heart of the issue is a desire to ensure that those who access protected health data are indeed who they claim to be. Identity management services that can remotely authenticate a unique individual and offer more self-service features are a crucial first step in achieving higher utilization levels of clinical offerings such as patient portals and telehealth services, while still protecting sensitive patient information and limiting risk.

To this end, there is a growing call for national adoption of a unique identifier for patient matching and interoperability. Patients and anyone on the care team, including physicians, nurses and office staff who require access to sensitive health data need to be authenticated with such an identifier prior to being granted access. This critical step acts as a layer of defense against misidentification in order to safeguard against those who would otherwise use private personal and health information for misdeeds or fraudulent activities.

But with the increase in digital access points comes the increase in risk to those individual identities, systems and medical data. Hospitals and other care organizations are challenged to provide a frictionless patient experience with layered security controls. Appropriately managing patient identifiers is the first step in securing those access points, while providing the best experience to those using the systems.

To better understand how healthcare organizations are addressing those risks, LexisNexis Risk Solutions surveyed over 100 healthcare organizations to identify the challenges inherent in creating and managing patient identifiers. Survey respondents provided insights about current best practices to accurately and efficiently identify individuals. Respondents also shared the tools, skills and partnerships needed to improve the balance between patient engagement and ensuring security to minimize the risk of sensitive health data being accessed accidentally by the wrong person or maliciously by cyberattackers.

Download our research report for the full survey results as well as expert analysis on how to put this information to use in order to improve your hospital or healthcare organization's approach to authentication and patient identity management.