Without a solid link between the policy, patient, and data; there is no control. I want to enable the patient to control their data, for that I need to know who the patient is. The thought that healthcare organizations would never keep your data, and always transfer it to a PHR, is simply not going to happen in the USA due to many many rules including medical licensing, public health reporting, disclosure, and malpractice. We need to get over the failed attempt to change. This doesn't mean the PHR doesn't have it's place, I believe it does hold a strong role as a peer on an HIE. I just see controlling the patients data as being something that needs to be addressed Universally. For that we need strong identifiers, strong policies, and strong data management.
I have written on Patient Identity Matching, this is the process that is being used today. It is an error prone process, and worse it requires that everyone share the patient demographics in the most exacting detail they possibly can, and that centrally there is a database of all of the shared demographics. This is MORE of a privacy violation than if the central core needed to only hold Patient ID values, where a Patient ID value is an opaque string of numbers uniquely assigned to that patient by an assigning authority (binding both the identifier and the identifier of the assigning authority – results in a unique value).
The first section of the Wall Street Journal article, written by Michael Collins, hinted at this. I won’t bother hinting. The ramifications of NOT having a universal ID is that we are FORCED to expose high fidelity patient demographics. Even if we are using a PHR, even if we are using Direct Push. We MUST fully describe the patient in order to make sure we are dealing with the right patient.
We do NOT need a single Universal ID: especially not a single assigning authority. All we need to do is determine a set of assigning authorities that are considered ‘good enough’. When I say ‘good enough’ what I mean is that the assigning authority has processes in place to positively identify and prove that the human they are assigning an identity to is really that specific human. We know of some of these ‘assigning authorities’ already: Passport, and Driver’s License. Yes, these are non-healthcare identifiers; but if you have one then you should be able to use it. Many states are starting up mandatory Voter identity systems, these likely are going to be ‘good enough’ too. More likely is to simply use the identifier assigned by your GP, or Your Insurance. Fact is we don’t need to have a pre-determined list of assigning authorities, each facility can determine what is ‘good enough’ for them; yes it would be nice if there was a starter set already proofed.
How are these used? Simply, they are entered into the Patient Identity Matching as a ‘high assurance’ identity with the assigning authority value. Thus they can be matched directly, bit-for-bit.
Once this is done, we end up with a really cool thing. The patient can choose their own Voluntary Patient ID; likely their PHR address. Yes, this is enabled by recognizing the use of IDs as a binding between the unique value assigned and the identity of the assigning authority. You all see this daily, when you use an e-mail address. Globally unique, because the first part is your identity the second part is the identity of the assigning authority. In these cases, the assigning authority is likely not highly trusted, but if the patient trust them then they are likely trustworthy.