Unique Patient Identifier Solves Patient Safety Concerns Caused by Data Breaches

tascet-twitterNational patient identifier is the foundation for interoperability across the entire healthcare system and removes the financial threat of synthetic identities

TASCET, Inc., released its “Unique Patient Identifier,” or UPI, solution to the healthcare industry — resolving a long, contentious search by providers, patient privacy advocates and public agencies.

Organizations including the College of Healthcare Information Management Executives, the Association of Medical Directors of Information Systems and the American Hospital Association have called the unique patient identifier “foundational” and the need for a UPI “urgent” for safely exchanging electronic health records without risking patient privacy. Centralized payment hubs being developed by a number of banks have also found it necessary that a unique patient identifier exist in order to assure prompt and accurate payments.

Tommy G. Thompson, former Secretary of U.S. Health and Human Services, applauds the industry-led effort to implement a UPI. “During my tenure as Secretary, we saw the promise of electronic health records and secure information exchange, but knew patient record matching would be challenging. The lack of a unique patient identifier has become a major impediment to the secure sharing of health information, and a very real threat to patient safety,” says Thompson. “I’m encouraged that private enterprise is moving forward with workable solutions.”

Describing the breakthrough, Larry Aubol, CEO of TASCET, Inc., says: “The UPI solves the most difficult challenge to patient safety: ensuring that patient records cannot be compromised due to mismatching, duplication, fraud or data breaches.” Years of discussions with industry executives, physicians, associations, privacy advocates, HIEs, payers, pharmacists and government officials provided the backdrop for the development of the unique patient identifier.

Massive data breaches have heightened the concern over patient record exchange across the nation. The Identity Theft Resource Center reports that more than 109 million patient records were compromised in breaches since January, 2015, in addition to those suffered across industries and the U.S. government. The compromised information is sold and resold, enabling criminals to pair valid information with false information to create synthetic identities and commit fraud, leaving patients and healthcare systems at great risk, Aubol notes.

“Even before data breaches became systemic, development of a UPI solution was prompted by basic patient safety concerns,” Aubol recalls. “The biggest obstacle has been making the UPI inherently secure so that patient records are always protected from unauthorized access, and that’s exactly what we do.”

In 2008, the RAND Corporation examined the benefits of a unique patient identifier for the U.S. healthcare system. Its report highlighted six attributes outlined in the ASTM standard, which called for the UPI to be unique and canonical, invariable, nondisclosing, verifiable, ubiquitous and limited in use to accessing health information.

“To be both unique and canonical, a patient identifier must prevent multiple patients from being assigned to the same patient identifier, while also ensuring that the same patient is not attributed to more than one identifier, across the nationwide healthcare system,” explains Aubol. “The UPI accomplishes these and the other attributes noted by RAND, all while protecting the privacy of the patients and improving revenue cycle management for providers.”

“The UPI is just one component,” Aubol noted, “but it is the foundation for interoperability in nationwide health information exchange, and the means to safeguard patients and their privacy.”