Patient Matching and the Impact on the Immunization Community

Immunization Integration Program (IIP) Collaborative Patient Matching Brief

Patient matching is the accurate identification and linking of a patient's data within and across health systems in order to deliver a detailed view of the patient's healthcare record. This is typically achieved through matching on multiple demographic data fields such as name, birth date, phone number or address. To create an accurate immunization history, it is often necessary to match or link records relating to the same patient from several different data sources. Accurately capturing and consolidating immunization history is important to ensure that meaningful health decisions can be made on both the clinical and population levels.

The Immunization Integration Program (IIP) is sponsored by Centers for Disease Control and Prevention (CDC) and led by Healthcare Information and Management Systems Society (HIMSS), American Immunization Registry Association (AIRA), and Drummond Group. This policy brief was developed by the IIP planning partners, and the IIP Executive Committee representing clinicians, electronic health record (EHR) developers, immunization information systems (IIS) and immunization programs, health Information exchanges (HIEs), and other key partners.

This brief’s aims are two-fold:

1. Explore the benefits and challenges of patient matching and identification strategies as well as their impact on immunization data exchange and patient care.
2. Provide context and information to governmental partners about the importance of accurate patient matching strategies.

The intended audience is policy makers, including U.S. federal agencies, state health officials and state legislators. In addition to providing context and information, this brief also includes specific recommendations for public health organizations and federal and jurisdictional officials.

Patient Matching Scenario

Scenario Background: Catherine Rogers, a 4-year-old child, regularly receives vaccines at her pediatrician’s office, which sends immunization records to its state IIS. A mobile immunization administrating provider offers free nasal influenza (flu) vaccines across from a busy shopping center where Catherine and her grandfather are shopping. Catherine’s grandfather calls Catherine’s father to make sure it would be alright for Catherine to get her vaccine. After receiving the vaccine, Catherine’s immunization record is sent to the state’s IIS. However, due to data discrepancies and subsequent imprecise matching, Catherine now has two records within her state’s IIS: one from her pediatrician, and one from the mobile provider. A week later, Catherine is taken to her pediatrician for her scheduled 4-year-old checkup, which includes her second, and final, measles, mumps, rubella, and varicella/chickenpox (MMRV) shot.

Clinical Encounter: When Catherine visits her pediatrician’s office for the MMRV dose, the nurse uses his electronic health record (EHR) system to search for Catherine’s immunization history within the IIS. Only the record sent by the pediatrician's office is returned, and it does not include the recent nasal flu vaccine. When asked, Catherine’s mother indicates that Catherine did not receive any vaccines in the past month.

Impact caused by patient matching issues: A week after her visit to the pediatrician’s office, Catherine’s mother reminds her husband that their daughter should receive an annual flu vaccine, and he mentions that Catherine already received one when shopping with her grandfather. Catherine’s parents contact the pediatrician’s office with the flu vaccine information. Upon entering the immunization into the EHR system, the nurse notices that the two vaccines were not properly spaced apart. The Advisory Committee on Immunization Practices (ACIP) recommends there be at least 28 days between nasal flu vaccine and other live vaccine doses, including MMRV. Therefore, the MMRV dose must be repeated. Over the next four weeks, Catherine is at risk for measles, mumps, rubella and varicella.

One of her parents must take off work to make an additional trip to the pediatrician’s office. Her parents or healthcare providers should also inform IIS personnel of the need to merge Catherine’s two records. The repeated MMRV dose could cost up to $236 for the vaccine alone, and there might also be a charge for the office visit as well as indirect costs such as transportation and lost wages.

According to HIMSS, interoperability is the “ability of different information systems, devices and applications (systems) to access, exchange, integrate and cooperatively use data in a coordinated manner, within and across organizational, regional and national boundaries, to provide timely and seamless portability of information and optimize the health of individuals and populations globally.” The ability to exchange health information across the U.S. relies heavily on patient matching. In 2018, about 33% of all denied hospital claims can be linked to inaccurate patient identification, which, on average, costs each hospital $1.5 million and the entire U.S. healthcare system more than $6 billion annually. The estimated cost of repetitive medical treatment due to duplicate records is $1,950 per patient per inpatient stay and over $800 per emergency department visit. A 2022 Patient ID Now Coalition survey of technology vendors, public health and government, payers, provider organizations, and health information exchanges reveals that over one-third of respondents are spending over $1 million annually on overcoming patient identification.

One of the nation’s leading patient safety organizations, ECRI (originally known as the Emergency Care Research Institute), named patient identification and matching among the top 10 threats to patient safety. One estimate cited by the College of Healthcare Information Management Executives (CHIME) suggests that matching rates can be as low as 80% in some facilities, signifying that one in five patients might not be matched with all their records, even in organizations using the same EHR system. However, when organizations maintain good data quality and are able to manually check for patient matching errors, they can achieve much higher match rates.

Mismatched or missing data harms patient safety. A 2022 Patient ID Now survey shows that 70% of respondents agree or strongly agree that patients undergo or receive duplicative or unnecessary testing due to difficulties in managing patient identities.

Public health efforts to stop the spread of COVID-19 rely on data from hospitals, clinics, laboratories, pharmacies and other sources to determine vital information on virus spread and immunization rates. The COVID-19 pandemic has highlighted challenges to patient matching across disparate health information systems. An effective immunization campaign depends on accurate and up-to-date patient data, and patient matching is critical for standardizing data and ensuring accuracy and precision within and across health IT systems.

IIS at the state and local levels aim to support the appropriate delivery of immunization services to all members of a population. To meet that goal, every administered immunization must be shared with the IIS and any immunization provider must be able to query the IIS to determine a patient's immunization status. Accurate patient matching is critical to assure that immunizations are successfully reported to the IIS and associated with the correct patient, and providers must be able to access that patient’s complete record in the IIS.

Removing barriers to patient matching and developing and promoting universal matching strategies should be considered a high priority.

"Patient data has the potential to be fragmented across health systems. To pull all of that data together, so that healthcare providers have a holistic view to make the best decisions possible, we need to have a reliable,consistent way of identifying patients. Any time you lack complete information to make the best decision possible, there's an opportunity for error. Patient matching is a safety issue. Patient identification is paramount to making sure that patients receive appropriate, safe care."
Shaun Grannis, MD, MS, Regenstrief Institute VP of Data and Analytics & IIP Technical Council ChairPatient Matching Scenario

Policy Background

A ban exists on spending federal dollars to adopt a unique health identifier for individuals and narrow interpretation of this has prevented the institution of a nationwide patient identification strategy. The draft Fiscal Year (FY) 2023 Senate Labor-HHS bill has removed the ban for the second year in a row, and the House of Representatives’ FY2023 Labor-HHS bill repealed the ban in a bipartisan manner for the fourth year in a row. Despite this progress, Section 510 has remained in every FY appropriations bill since FY1999. Congress should take action to officially remove the ban. This will enable HHS to evaluate patient identification and matching solutions and explore collaboration with the private sector to identify a complete national strategy.

In 2020, HIMSS co-founded the Patient ID Now Coalition, and AIRA joined shortly thereafter. This coalition of about 50 healthcare and public health organizations represents a wide range of partners committed to advancing a nationwide strategy to address patient identification through legislation and regulation. In 2021, the coalition announced a framework to inform the creation of a national strategy to improve patient identification. In 2022, the coalition announced results of its survey on “New Perspectives on the Patient ID Problem in Healthcare,” reflecting the significant cost of patient matching to diverse types of organizations and the impact on patient health.

The state level perspective is also critical in this discussion. States face challenges supporting populations with lack of documentation or those with low socioeconomic status who may not have as many identifiers. The Association of State and Territorial Health Officials (ASTHO) published a set of Immunization Guiding Principles in 2017, which promote and support immunization through a comprehensive approach that involves the continued use and improvement of IIS functionality and secure data exchange. ASTHO supports measures that advance IIS operations and enhancements, and is engaged in collaborations with federal partners and state health agencies to improve immunization data quality and data exchange for public health action.

Several efforts are underway across the healthcare ecosystem that may also support patient matching efforts related to immunization data exchange, and involvement in these efforts may have policy implications:

• Privacy-Preserving Record Linkage (PPRL) is a methodology to securely de-identify and share immunization data in such a way that it can be linked to additional records from the same data source or from different sources submitting data about the same patient. PPRL is currently being tested by Indian Health Services (IHS) and select pharmacies as a method for submitting data to CDC that protects both personally identifiable information (PII) and protected health information (PHI). In addition to creating de-identified linkages nationwide, PPRL could potentially leverage linked data across the healthcare data ecosystem to improve patient matching within IIS.
• Project US@ is an effort coordinated by the Office of the National Coordinator for Health Information Technology that seeks to create a unified, cross-standards, healthcare industry-wide specification for representing patient addresses to improve patient matching. The Project US@ Technical Specification was released in January 2022 and is supported by the Project US@ ONC-AHIMA Companion Guide to provide guidance and best practices to facilitate adoption and conformance.

Patient Matching Strategies

In January 2019, the Government Accountability Office (GAO) published a report on patient matching, concluding that no single effort will solve the challenge of patient record matching. Patient matching typically occurs using algorithms, unique identifiers, manual review or a combination of these methods. The following three methods are currently used for patient identification and merging clinical data:

1. A deterministic approach requires that predefined data elements must match exactly without typographical errors or variation. Using the example above, Catherine Rogers’ first and last names submitted with a new immunization record must match exactly to her names in the IIS.
2. In rules-based methods, each data element is weighed with respect to how essential it is to match a record. Therefore, if every data element does not match exactly, the records will match if enough data elements are identical. For example, a match on Catherine Rogers’ name and date of birth might be more important than a match on her address.
3. Probabilistic algorithms factor in potential irregularities in the data (e.g., letters transposed in an address or name, or changes of address). Matching based on unique population characteristics might be fine-tuned by, for example, decreasing the importance of the last name if it is highly prevalent in an area. For example, if “Rogers” is a common last name where Catherine lives, matching algorithms might rely more on other data fields to determine a match.

The Pew Charitable Trusts published a comprehensive report, Enhanced Patient Matching is Critical to Achieving Full Promise of Digital Health Records, based on their evaluation of various avenues to improve patient matching. Pew looked at common approaches and themes that the government and private industry can use to improve patient matching. Approaches included creating a unique identifier for patients, establishing patient-focused solutions that allow each person to ensure that their records are matched, and standardizing demographic data, such as addresses. Pew’s research also revealed three themes: First, a national plan would require collaboration for defining best practices, agreements from healthcare agencies, recommendations from and implementations by technology developers on agreed-upon standards, and patient participation. Second, though no solution can achieve a 100% match rate for patients, steps can be taken to significantly improve record linking. Third, though opportunities exist to make positive, gradual changes in the near term, more lasting change would require the application of new approaches and technologies.

Perspectives from Healthcare Providers, IIS, EHRs and HIEs

Healthcare Providers

Healthcare providers have faced patient matching issues for decades. Access to complete patient information, particularly in unplanned visit situations, can be challenging. According to a 2019 survey conducted by eHealth Initiative (eHI) and commissioned by NextGate, about 38% of healthcare providers experienced an adverse event in the last two years as a result of patient matching issues. Providers and patients benefit from the ability to identify holistic clinical histories (including immunizations) to inform patient treatment. Inaccessible historical information can result in avoidable healthcare risks and wasted resources. For example, if Catherine Rogers’ record were matched correctly and her pediatrician had access to Catherine’s accurate immunization history, she probably would not have been given the MMRV vaccine too soon after her flu vaccine was administered.

Providers face several patient matching challenges both internally and externally. Provider registration staff must try to capture and maintain constantly changing patient demographic information. For example, individuals commonly change their name, address or phone number. The match process and any automated linkages must be able to consider data challenges such as misspellings and typographical errors.

When providers exchange data with partners (e.g., IIS, HIEs) to support patient care and public health, patient information must be matched both over time and across multiple disparate sources. Often, this includes collaborating with external parties to conduct routine reconciliation of incorrectly matched and duplicate records. In 2019, 80% of providers and HIEs reported employing staff dedicated to addressing matching issues on at least a weekly basis, indicating a significant commitment of time and resources.

Immunization Information Systems (IIS)

IIS has decades of experience with data exchange between disparate systems that require patient identification and matching. In 2000, at least 31 population-based IIS were exchanging electronic data with at least one other information system. By 2021, every U.S. state had an IIS actively exchanging data electronically, supporting over 117,000 EHR-IIS interfaces that require automated matching.

As IIS has expanded to incorporate immunization data for all ages from an increasing number of healthcare providers, the ability to correctly match patients becomes even more critical. The COVID-19 pandemic required many patients to receive immunizations outside of their medical home which expanded the number of providers submitting data to IIS. Lack of effective patient matching strategies among IIS can result in failure to match patient data, which can cause errors, incomplete records and/or inaccurate vaccine recommendations, potentially leading to under or over immunized patients. More complex or advanced patient matching strategies and related software can be expensive for IIS as it  operates on limited budgets.

In 2013, the CDC published essential capabilities for IIS to improve data quality, usefulness and credibility through patient-level deduplication best practices. The recommended multistep strategies apply to most circumstances and situations: education and training, screening, and cleansing incoming data, standardizing data, issue monitoring and mitigation, and ongoing adherence to standards. The consensus was that, when determining matching thresholds, duplicate records are preferable to erroneously merged records. Therefore, both routine automated deduplication and periodic manual deduplication efforts are required to ensure high levels of accurate matching. In the example above, when the IIS received the flu immunization record for Catherine Rogers that could not be confidently matched to her existing record, the IIS created a duplicate record which will require subsequent deduplication and merging them to correct.

IIS commonly uses address cleansing and verification to further standardize data and improve patient match rates. This process evaluates addresses without identifying the person and standardizes and validates addresses in accordance with the United States Postal Service standards. Approximately three-fourths of IIS are currently using Smarty, a shared address cleansing and geocoding service, provided at no cost to IIS members through an AIRA and CDC agreement. At least one state (Illinois) has reported improved match rates and address deduplication as a result of using Smarty.

IIS faces many challenges in implementing accurate patient identification and deduplication. All strategies are resource intensive, requiring significant funding and staffing resources to adopt and support. IIS may benefit from partnering with others in their jurisdiction (e.g., HIEs, state governments, etc.) to leverage patient matching capabilities, potential master patient indices (MPIs) and unique patient identifiers used across systems. Advocating for the development and launch of a shared MPI for IIS use would require pooling resources or investments to contract for software and services; consensus on governance, operating policies, ongoing funding/sustainability models for its use by IIS; and commitment across EHRs and other data sources to submit full patient demographics to IIS or MPI. Potential solutions would need to accommodate federal and state policies and programs, current private sector practices, and feasibility of implementation.

Electronic Health Records (EHRs)

EHRs strive to support the informational needs of healthcare providers, including robust patient registration functionality. They provide user workflows for registration functions, such as the match, merge and deduplication methods,, and inherent challenges described above. Part of this workflow may include presenting patient registration staff with a patient’s historical records to validate or update that patient’s current information.

EHRs must also support clinician or organizational requirements to engage in information exchange with external parties such as IIS. Successful patient matching is heavily dependent on accurate and current patient demographic data that can be included in queries and submissions to IIS. However, despite best efforts to capture accurate information in one system, there is still the potential that not all data exchange partners will store or share the same information, possibly leading to patient mismatches.

Health Information Exchanges (HIEs)

One of the core functions of HIEs is to link and match patient identities across disparate systems. HIE systems use deterministic, rules-based and probabilistic methods to match records. These matching algorithms also feature probability considerations for populations in which similar names (e.g., Catherine, Kathryn, Cathy) may impact the likelihood of potential matches. Match quality is further improved by having more data for the same patient, which may include longitudinal demographic information (e.g., address changes, name changes, nickname use, etc.).

HIEs may routinely receive immunization data from providers and route it to IIS. In such situations, HIEs may have the ability to apply matching algorithms and append immunization records with additional patient demographic information or an MPI to facilitate patient matching in the IIS. HIEs also work with healthcare providers that source information to assist indeduplication and match confirmation. However, HIEs report that staff, funding, and data governance protocols are insufficient to support patient matching activities.

Unique Patient Identifier Benefits and Challenges

Discussions about a national patient identifier in the United States have occurred for many years. Though benefits include greater ease of matching a patient across different healthcare encounters and locations of care, documented challenges to achieving that goal raise concerns among statisticians, researchers, public health professionals and, most importantly, patients. The National Committee on Vital and Health Statistics (NCVHS) analyzed the potential risks of a unique patient identifier, including inappropriate linkage of medical information with personal and financial data, unscrupulous use of health data, and the need for a centralized database to avoid “doctor shopping” for controlled substances. The Social Security number (SSN) does not suit this purpose because it is not under the control of the healthcare industry and could facilitate illicit access to personal and financial data. Any national identifier could also invoke fear of discrimination due to stigmatized medical issues and fear of deportation among undocumented immigrants.

Other countries have seen benefits from adopting a national patient identifier. The United Kingdom’s National Health Service (NHS) has used an electronic national patient identifier since 1991. Its benefits include collecting key outcome information (e.g., cause of disease or death), identifying groups of patients to receive vital health notifications, assisting study recruitment, and informing participant tracing strategies (e.g., finding patients lost to follow-up care). However, challenges include the duplication of identifiers for patients who are adopted, have sensitive conditions, are post gender reassignment surgery, or have a discontinuous history for any reason. Assigning identifiers at birth as the NHS now does, however, could miss some immigrants as well as persons who remain outside the healthcare system. Smart cards used by the Taiwan Health Care Smart Card Project employ a unique patient identifier to document health indicators and healthcare utilization. The project rolled out patient identifiers and smart cards at the same time, which required a comprehensive system security plan to protect cardholder privacy and assessments of efficiency and activity.

Conclusion and Recommendations

Leaders should fully promote patient identification initiatives such as prioritizing complete capture of accurate demographic data, incorporating address cleansing strategies, leveraging unique identifiers where available, fine-tuning matching algorithms, and identifying barriers to accurate matching practices. The Patient ID Now Coalition offers a framework for a national strategy around patient identity. The COVID-19 pandemic has emphasized the need to be able to exchange accurate, timely and complete data with IIS. To further support and improve accurate patient matching, we recommend the following:

Recommendations for the U.S. Department of Health and Human Services

• Catalog and publish patient identification strategies across jurisdictions (states, counties, cities, tribal entities) and at the federal level.
• Work with states and relevant stakeholders to identify common data elements for public health reporting to help with patient identification.
• Partner with health systems, public health programs and non-profit stakeholders to develop testing approaches to assess and improve patient matching methods.
• Continue to explore Patient ID Now's framework and recommendations surrounding patient matching accuracy and match rates, data quality, interoperability, privacy standards, healthcare quality and inclusion.

Recommendations for Jurisdictions (States, Counties, Cities, and Tribal Entities)

• Participate in ongoing efforts that support IIS operations and enhancements and collaborate with federal partners and other jurisdictions to develop and adopt uniform policies and business rules to improve efficiency.
• Share model practices and lessons learned on jurisdiction-level patient matching strategies that can help inform the development of a national patient identification strategy.
• Support efforts to allow patients to access their demographic data and to communicate discrepancies and updates to their healthcare providers and IIS.
• Utilize the United States Core Data for Interoperability (USCDI) patient demographic data elements and leverage address verification services (e.g., Smarty) and standardization efforts (e.g., Project US@). Research shows that match rates improve with standardized demographic data.
• Support efforts to provide guidance for removing obstacles to care coordination, patient matching and improved patient safety.

For inquiries, please contact IIP@himss.org.