Skip to Main Content

A California hospital misidentified a patient and harvested his organs, though he had never agreed to donate them.

A Rhode Island hospital misidentified a suspect police brought to its emergency room complaining of chest pains. It billed another man with the same name — who also got a call from the suspect’s lawyer asking why he’d been arrested.

A new mother requested her placenta to take home, then learned it had been given to another patient when a nurse mixed up labels.


Identifying patients correctly is one of a health provider’s most basic functions. Get it wrong, and anything from a billing mistake to a catastrophic medical error may follow. Yet in the United States, hospitals and medical practices routinely mix up identities — or, more generally, fail to match all the right records with a patient. Nationally, according to a study from the RAND Corporation, health providers mismatch patients and records 8 percent of the time on average.

Read more: Experts argue benefits, pitfalls of a unique patient identifier

There’s a straightforward fix for this problem: It’s called a unique (or national) patient identifier. Typically, each patient gets a single sequence of characters appended to every medical record, virtually bundling them together. If all, or most, health records systems used such an ID, it would reduce errors, streamline a clunky process, and save money.


But in the messy, contentious US health care system, there are no straightforward solutions. Even as health providers are demanding better identification technology to manage their expanding electronic records, and some are pushing the idea in Washington, the identifier idea faces many obstacles, including strong political resistance.

Many Americans are skeptical about the privacy implications of government ID programs, and privacy advocates say a unique identifier could be exploited by companies that trade in personal data — or worse, by hackers.

“We have no idea where all our data goes — particularly our health information,” said Deborah Peel, the founder of the organization Patient Privacy Rights. “If you don’t know where all your data is, who’s using it or what for, how can we weigh the benefits of doing anything online, using electronic health records or an identifier?”

Unique IDs, sometimes called universal IDs, are becoming more common in other developed nations — at least, in those with government-run national health systems. In Britain’s program, for example, every patient gets a National Health Service Number. Singapore and Australia recently started their own health ID programs.

The United States faces a challenge. American health care isn’t a unitary system but a bunch of them, some public, some private, each with its own methods for handling medical records. Sometime mistakes can be traced to human error: a name or Social Security number incorrectly recorded or the wrong file pulled. Computer systems, riddled with such mistakes, compound them, matching the wrong records with a patient.

Finally, few of these health systems seamlessly overlap. Many can barely talk to one another. So when they have to exchange information — such as when a patient shows up in an emergency room — mix-ups also occur.

Most of the time, this creates small bureaucratic problems: lost time, more work, patient aggravation. But in rare cases, such errors lead to major problems. Though records of such mistakes aren’t well-kept, a 2010 study of a database of medical errors in Colorado found that doctors operated on the wrong patient 25 times over five and a half years. Most of those mistakes were caused by written errors in charts or other records. (The “wrong patient” surgeries accounted for 0.1 percent of all problems reported.)

All told, cases of patient misidentification cost US health providers more than $8 billion annually, according to the RAND Corporation study.

“We have no idea where all our data goes — particularly our health information.”

Deborah Peel, founder of Patient Privacy Rights

How we got to this point is a tangled story. In 1996, Congress passed and President Bill Clinton signed the Health Insurance Portability and Accountability Act. One of its purposes was to smooth the transition, then just underway, from paper to electronic records. HIPAA called for the development of a unique identifier.

Instantly, the idea hit an obstacle: suspicion of big government. Then-Representative Ron Paul (R-Texas), Congress’ leading libertarian, inserted language in the HIPAA legislation that barred the government from spending any money to develop a unique identifier. The law set a goal — and blocked any progress toward it.

Nearly 20 years later, that prohibition still stands. And the American system is messier than ever.

Most health providers use specialized algorithms to match patients with their records, which can be in either paper or electronic form. The algorithms take standard bits of personal information — names, Social Security Numbers, dates of birth — then statistically estimate the likelihood that the patient matches the records database. In other words, hospitals and doctors make a statistical guesstimate about who you are before treating you.

Most of the time, this works. If you arrive at a hospital and your information matches the records in their databases, the algorithm clears you. But in the sprawling mishmash of written and electronic health forms, there are many errors: misspellings, wrong digits, or middle initials. These boost the odds of mix-ups. Matching algorithms prevent some, but not all, of those.

Ironically, evolving technology has made some patient ID problems worse. The bigger and more sophisticated the system, the more data it processes, and the more likely that duplicate names and other common errors will cause problems. When two or more systems share data, problems multiply.

“The challenge now is how those different identification elements are collected among the different providers trying to share the data,” said Irv Lichtenwald, the CEO of Medsphere Systems, an electronic medical records company. “If you’re sharing data and end up with the incorrect patient, the error propagates.”

These ongoing problems have generated a new push for a unique ID. The College of Healthcare Information Management Executives, an Ann Arbor, Mich.-based association, announced recently it would sponsor a $1 million competition to devise a new patient identifier system.

“We’re trying not to be overly definitive on what it might be,” said Russell Branzell, the CEO of the group, known as CHIME. “It could be a number, a complex software/algorithmic system, it could be biometric, using handprints or some other characteristic.”

Since the federal government can’t get directly involved, CHIME hopes to create technology that any health provider can adopt. Over time, if enough use it, Branzell hopes the idea will snowball.

Privacy issues remain a big obstacle. People are very private about their health records. Supporters say that a unique identifier confers more control over data, and ultimately allows more security safeguards to be built into a chaotic system. “I cannot protect and ensure the privacy of your information if I don’t know it’s your information,” Branzell said.

But it’s still a given that technology that makes it easier to identify people could also be used for nefarious purposes — such as re-identifying anonymous records in databases. That’s a huge, separate problem.

“It is a legitimate concern,” said Nicolas Terry, a professor at the Indiana University Robert H. McKinney School of Law in Indianapolis. “But it’s important to keep an eye on what the problem is. The problem with data brokers buying and selling information is not a patient ID issue — it’s that we have inadequate regulations of data brokers.”

Peel, the privacy advocate, has a different solution: a card that holds an encrypted health record, giving the holder, not health care institutions, ultimate control of personal data. “The current systems are so open and leaky they can’t be fixed,” she said.