The Arguments For and Against a National Patient Identifier System

When the Health Insurance Portability and Accountability Act (HIPAA) became law in 1996, the Department of Health and Human Services (HHS) was required to create a national patient identifier system. With this kind of system, each individual in the U.S. would be given a unique permanent ID number that enables tracking throughout the whole U.S. health system. This was not intended to be a type of control, government intrusion in medical care, or any other nefarious reason. It was for addressing an important public health and safety concern: To make sure patients are dependably and correctly linked to their health data. 27 years later, there is still no national patient identifier in place.

The cause of the inaction started in 1998 when Representative Ron Paul (R-TX) introduced the banning of the development of a national patient identifier system by HHS by making sure that Congress does not provide funding for that purpose. Since then, every appropriation bill includes language that prevents giving any funding to the HHS for that purpose. In 2019, the son of Rep. Ron Paul, Senator Rand Paul (R-KY), attempted to further introduce a bill that wanted to take away the provision of the national patient identifier from HIPAA completely, but he was not successful. Then in 2021, House and Senate appropriators took out the language from the appropriations bill. This was greatly complimented by a lot of healthcare stakeholder groups. Finally, this long-standing matter has been addressed and HHS is permitted to begin looking at potential methods for creating a national patient identifier.

On that year, Sen. Rand Paul again requested the Senate appropriators to reintroduce the language into the appropriations bill. Then, he and Senator Marsha Blackburn (R-TN) brought in the National Patient ID Repeal Act, which called for the removal of the provision from HIPAA. This Act was not approved, but reintroducing the funding ban was successful.

Although there is no development with the national patient identifier, identifiers were created and used for health plans, employers, and healthcare companies. In 2015, Congress approved the Medicare Access and CHIP Reauthorization Act, which introduced Medicare Beneficiary Numbers (MBNs) for beneficiaries of Medicare. MBNs eliminated the use of Social Security numbers to identify Medicare cards. A national patient identifier would in the same way eliminate the use of SSNs when signing up with healthcare providers.

Mismatching of Patient Records is a Common and Serious Patient Safety Issue

The main reason behind having a national patient identifier system was to make sure patients are correctly matched with their medical data, irrespective of the country they get medical care. This kind of system would make sure a person’s medical data is not mismatched with a different person. That was a problem in 1996 and is still a major patient safety concern now. Every year, the Joint Commission puts out a listing of National Patient Safety Goals. This 2023, on top of the list is the proper identification of patients. This patient safety issue can be resolved with a national patient identifier.

Without a universal patient identifier, medical records are duplicated. When a patient goes to a hospital and their records are inaccessible, a new medical record is made, putting the patient’s records in two different files. Vital data concerning the patient will be lacking from their files, which could consist of data important to keeping the patient safe. Patient mismatching usually leads to repeated, clinical tests, which could postpone care and increase the patients’ unnecessary costs. Other more serious effects of the patient record mismatch include prescription medication mix-ups, transplant mistakes, and delayed access to care leading to loss of life. These aren’t unusual events and happen frequently all through the healthcare system.

The issue of improperly identifying patients and having mismatched records was made worse at the time of the pandemic when many duplicate files were made in a hurry to vaccinate the population. There were a lot of patients who did not get COVID vaccines because their health records were mismatched with patients with the same name who had already gotten the vaccine. Wrong identification and redundant medical records likewise resulted in disruptions to the signup process and availability of vaccines at vaccination sites, hindering efforts to quickly vaccinate the populace. If the pandemic happens, the same issues are going to be encountered once more.

The Patient ID Now Coalition, which was launched in 2020 was composed of the following founding members: the American College of Surgeons, CHIME, AHIMA, HMMS, Premier Healthcare Alliance, and Intermountain Healthcare. This advocacy group is seeking to develop bipartisan momentum to enable correct patient identification by taking away the legislative obstacles that are stopping the creation of a national patient identifier system. Patient ID Now sees the importance of having a national patient identifier in addressing patient safety issues.

Patient ID Now told about a case of the upsetting effects of mismatching patient information. A woman had a mammogram but never got the results because she was mismatched with a patient who got the same name. One year later when she knew that she had cancer as per the mammogram result, the cancer had progressed to a terminal case.

A Government Accountability Office report published in January 2019 revealed the prevalent problem of matching patients with the correct records. 45% of big hospitals reported encountering issues with correctly identifying patients. CHIME reports a low 80% rate of matching records correctly in hospitals. This means the medical records of 1 in 5 patients might not be matched with their complete medical records. Additionally, the matching rate is just 50% among organizations that have a similar EHR vendor. AHIMA states that erroneous patient ID results in $1,950 in duplicated medical care expenses per inpatient and leads to $1.5 million in rejected claims annually.

The Reason for the Continuing Funding Ban

A national patient identifier can help avert medical mistakes, save lives, and reduce expenses, plus other benefits. A national patient identifier will help medical and public health research studies and population health projects, facilitating the switch from fee-for-service to value-based health care, and that would be helpful to patients, healthcare companies, payers, and the nation in general. But why does the funding ban continue? Here are the reasons put forth by its supporters:

The number one argument against the National Patient Identifier frequently mentioned by Sen. Rand Paul is to prevent the government from being involved in a person’s healthcare. A National Patient ID system would undermine the doctor-patient relationship, which is built on trust and privacy. Stripping this provision from HIPAA is a way to stop the government from centralizing patients’ data or meddling with their medical choices. With a government-issued ID, there will be a way to access the private medical record of every person in America.

The existence of a National Patient ID is dangerous. It could possibly allow the use of individuals’ entire medical records for conducting medical research without permission, though the HIPAA Privacy Rule inhibits this sort of use and disclosure with no consent.

Another strong argument against a national patient identifier is the easier it is for nation-state actors to carry out patient data theft. Currently, big tech firms and data brokers are obtaining massive amounts of personal data on people, such as health data, and are utilizing and selling that data with no limitations. Companies like AncestryDNA and 23andMe offer very popular services to people that include sequencing DNA, and these organizations aren’t regulated by HIPAA.

It is additionally vital to note that healthcare data theft is already a problem without a national patient identifier. Just this January 31, 2023, there were over 383 million healthcare records stolen together with identifiers like Social Security numbers. In case a healthcare-only identifier will be implemented, patients don’t need to give their Social Security numbers to healthcare providers which would help avoid exposure to identity theft and fraud. Although it has been advised that patient trust can be lost because of a national patient identifier, a system can be created similar to the credit monitoring system, and patients could keep track of those who access their healthcare records and for what purpose.

Many Developed Countries are Successfully Using National Patient Identifiers

Lots of developed countries have used a national patient identifier with great success and have addressed patient misidentification. For example, in the U.K., all patients have a unique National Health System ID number, which enables the correct matching to their medical records regardless of where they get healthcare via the NHS system. Certainly, in case the NHS is hacked, all medical records can be stolen, however, in the UK, it is viewed as much more important to protect patient safety by properly matching patients with all their health records than worrying over government control.

Although a national patient identifier has certain benefits, such a system also has problems. The biggest problem is the cost. An estimated cost of $1.5 billion to $11.1 billion will be necessary to implement such a system.

Taking away the appropriations bill language will enable the HHS to begin looking at how to introduce a national standards-based system to be sure patients are correctly matched with their health records and begin getting responses from stakeholders on possible methodologies. Definitely, it will be more beneficial to actively deal with the urgent public health and safety concern of mismatched patient data, than to continue rejecting the plan because of out-of-date fears concerning the government controlling the healthcare decisions of individuals.

About the Author

Elizabeth Hernandez
Elizabeth Hernandez is the editor of HIPAA News. Elizabeth is an experienced journalist who has worked in the healthcare sector for several years. Her expertise is not limited to general healthcare reporting but extends to specialized areas of healthcare compliance and HIPAA compliance. Elizabeth's knowledge in these areas has made her a reliable source for information on the complexities of healthcare regulations. Elizabeth's contribution to the field extends to helping readers understand the importance of patient privacy and secure handling of health information. Elizabeth holds a postgraduate degree in journalism. You can follow Elizabeth on twitter at