Patient Record Matching: Fixing What’s Broken
New GAO Report Spotlights Problems and Potential Solutions
…Health records for twins are particularly vulnerable to mistakes, including being merged accidentally, says Susan Lucci, a senior privacy and security consultant at tw-Security.
“Hacking, especially ransomware, is a lucrative business. It has low startup and operating costs, low likelihood of being caught and prosecuted, and a high return on investment,” Walsh says. “Hacking is conducted by nation-states, organized crime, political activists, and of course, opportunistic individuals who – in some cases – would rather do hacking than work at a real job.”
“Twins are often given similar names and maybe a later admission could be mistaken as a typo – for example ‘Kristen’ vs ‘Kirsten’, ‘Cody’ vs ‘Cory’,” she says. “Extremely common names will find multiple matches not only in the name but even in the date of birth, so … the potential for an overlaid record is high.”
Privacy violations are, indeed, a big concern in inaccurate patient matching, says Joe Gillespie, a senior privacy and security consultant at tw-Security.
“One version of the patient’s record may contain privacy restrictions that might not appear in another version,” he notes. “The same could happen with communications with an authorized patient representative not being aware of certain health issues that were being treated due to that person’s involvement not being recorded in a version of the record…”