The Futility of Patient Matching

By | October 29, 2018


The original sin of health records interoperability was the loss of consent in HIPAA. In 2000, when HIPAA (Health Insurance Portability and Accountability Act) first became law, the Internet was hardly a thing in healthcare. The Nationwide Health Information Network (NHIN) was not a thing until 2004. 2009 brought us the HITECH Act and Meaningful Use and 2016 brought the 21st Century Cures Act with “information blocking” as clear evidence of bipartisan frustration. Cures,  in 2018, begat TEFCA, the draft Trusted Exchange Framework and Common Agreement. The next update to the draft TEFCA is expected before 2019 which is also the year that Meaningful Use Stage 3 goes into effect.

Over nearly two decades of intense computing growth, the one thing that has remained constant in healthcare interoperability is a strategy built on keeping patient consent out of the solution space. The 2018 TEFCA draft is still designed around HIPAA and ongoing legislative activity in Washington seeks further erosion of patient consent through the elimination of the 42CFR Part 2 protections that currently apply to sensitive health data like behavioral health.

The futility of patient matching without consent parallels the futility of large-scale interoperability without consent. The lack of progress in patient matching was most recently chronicled by Pew through a survey and a Pew-funded RAND report. The Pew survey was extensive and the references cite the significant prior efforts including a 100-expert review by ONC in 2014 and the $ 1 million CHIME challenge in 2017 that was suspended – clear evidence of futility.

Pew’s chronicle of futility is capped by a 2-hour panel discussion designed to highlight innovations in patient matching. Pew’s experts did not include privacy experts. Nobody was there to call patient matching what it really is: involuntary surveillance. The new idea in the Pew reports is “referential matching” where the surveillance system is enhanced with information about us from data brokers and credit bureaus. What could possibly go wrong, especially as we add artificial intelligence into the surveillance toolkit?

Why is healthcare the only industry with a person matching problem? The reason is partly historical. In the days before HITECH incentives and BIG EHRs, each hospital had dozens of proprietary software vendors, many of them with their own patient ID. Within a single hospital, patient consent was not an issue and probabilistic patient matching can work when the patient universe is a single hospital. As hospitals and practices began consolidating, probabilistic patient matching still made some sense because the governance was effectively a single entity and the number of patients was in the few millions. But regional or national interoperability is a very different ballgame. Governance is now spread across competitors and the universe of patients to match within is hundreds of millions.

The solution to patient matching and to interoperability is the same: patient-directed exchange. With the patient-directed exchange, patient matching is trivial and non-proprietary, consent is automatic by definition, and the costs of data brokerage are eliminated. Furthermore, the patient-directed exchange allows interoperability across 42CFR Part 2 behavioral health practices and includes community organizations and social services that are typically not covered by HIPAA. The quantity and the quality of patient data are both improved.

The next round of regulations from ONC will be a definition of information blocking and an updated version of TEFCA. Will this ONC continue to promote a strategy of involuntary surveillance by ever more powerful incumbents or will they finally allow patients to say: “Nothing about me without me”?

Adrian Gropper, MD is CTO of Patient Privacy Rights and leads the HIE of One project for patient-directed health information exchange.