Identity Management

For Michael Smith, it all began with seemingly innocuous text messages from a PA University Hospital, indicating a wait time for an emergency room visit. A peculiar situation for someone who no longer resided in Philadelphia and hadn't used the hospital system for years. Initially dismissing it as spam, Mike's skepticism deepened when a hospital staffer named Ellen reached out to discuss diagnostic results from an ER visit, he never made.  The revelation was unsettling - someone had registered with Smith's name, and the lack of ID verification raised eyebrows. While the recorded name and date of birth were accurate, the address associated with the account was outdated. A discrepancy that hinted at a more insidious problem.  Undeterred, Smith took matters into his own hands. Following an unsatisfactory conversation with the hospital's billing department, he penned a letter to the privacy officer, expressing his concerns about potential fraud. In his words: "I think there's something going on, that someone is using my information, and the visit and the charges appear to be fraudulent."  Smith's proactive approach sheds light on a crucial aspect of dealing with medical identity theft - swift and assertive action. As cyberattacks on healthcare institutions escalate, individuals must be vigilant in protecting their personal data.   Everyone shares the burden  Whether enrolled in employer-sponsored health insurance or securing coverage through HealthCare.gov, or the individual market, instances of healthcare fraud invariably translate into heightened financial burdens for consumers. Such malfeasance results in elevated premiums and increased out-of-pocket expenses, often accompanied by diminished benefits or coverage. In the realm of employers, both private and governmental entities, healthcare fraud escalates the costs associated with providing insurance benefits to employees, consequently raising the overall operational expenses. For a significant portion of the American population, the augmented financial strain stemming from fraudulent activities could be the decisive factor in realizing or forgoing health insurance.  Yet, the financial ramifications are merely one facet of the impact wrought by healthcare fraud. Beyond monetary losses, this malpractice carries a distinctly human toll. Individual victims of healthcare fraud are distressingly prevalent, individuals who fall prey to exploitation and unnecessary or unsafe medical procedures. Their medical records may be compromised, and legitimate insurance information can be illicitly utilized to submit falsified claims.  It is crucial not to be deceived into perceiving healthcare fraud as a victimless transgression, as its repercussions extend far beyond financial considerations, undeniably inflicting devastating effects.  Healthcare fraud, like any fraud, demands that false information be represented as truth. An all-too-common healthcare fraud scheme involves perpetrators who exploit patients by entering into their medical records' false diagnoses of medical conditions they do not have, or of more severe conditions than they actually do have. This is done so that bogus insurance claims can be submitted for payment. Unless and until this discovery is made (and inevitably this occurs when circumstances are particularly challenging for a patient) these phony or inflated diagnoses become part of the patient's documented medical history, at least in the health insurer's records.  How does medical identity theft happen?  Medical identity theft involves someone using another patient's name name or insurance information to receive healthcare or filing fraudulent claims, posing significant financial and health risks. It can result in bills for procedures the patient has never had, inaccurate medical records, and potentially life-threatening care. Common ways it occurs include database breaches, improper disposal of records, phishing scams, insider theft by healthcare professionals, and theft by family members.  Data breaches in healthcare have reached alarming levels, with the Office of Civil Rights reporting 725 notifications of breaches in 2023, where more than 133 million records were exposed or impermissibly disclosed. Social engineering poses a threat to individual Medicare beneficiaries, but healthcare providers also face risks from ransomware attacks, hacking, and employee errors. Hacking constitutes the dominant threat, accounting for 75% of reportable breaches.  Regardless of how health data is exposed, be it through individual identity theft, hacking attacks, or unintended sharing, any disclosure of payment information increases the risk of healthcare fraud.  Protecting patients and improving their experience  To prevent medical fraud and ensure eligibility integrity, here are some steps healthcare organizations can take:   Implement robust verification processes: Develop and enforce strict protocols to verify patient eligibility and review supporting documents. This includes verifying insurance coverage, confirming the patient's identity, and validating their relationship to the covered individual (e.g., spouse, dependent). Stay updated with legal and regulatory requirements: Stay informed about the latest laws, regulations, and industry guidelines related to medical eligibility and fraud prevention. This could include understanding requirements for reporting changes in eligibility status and keeping up with best practices recommended by regulatory authorities. Train staff on fraud prevention: Provide comprehensive training to all staff members regarding medical fraud prevention, eligibility verification procedures, and red flags to look out for. Staff should be educated on relevant laws and regulations, as well as proper documentation practices. Conduct regular internal audits: Regularly review patient records, claims, and billing processes to identify any inconsistencies or irregularities. Internal audits can help detect potential fraud and ensure compliance with eligibility requirements. Utilize technology and automation: Implement healthcare management systems or software that incorporate automated eligibility verification processes. This can help streamline and improve accuracy in eligibility determinations, reducing the risk of fraudulent benefits being provided. Encourage patient engagement: Educate patients about their responsibilities in maintaining accurate eligibility information. Promptly notify patients about the importance of reporting changes in their circumstances (e.g., marital status, employment status) that may affect their eligibility for medical benefits. Report suspicious activity: Train staff to recognize and report any suspicious activity or potential fraud. Establish clear reporting channels within your practice and encourage a culture of transparency and accountability. Stay vigilant: Stay alert for emerging trends, schemes, and new types of medical fraud. Regularly review industry updates, attend relevant workshops or seminars, and participate in fraud prevention initiatives to stay informed about evolving threats and prevention strategies. By implementing these measures, healthcare organizations can help safeguard their medical practices against medical fraud and preserve the integrity of eligibility determinations.   Finding the right partner  Healthcare fraud is a serious crime that affects everyone and should concern everyone—government officials and taxpayers, insurers and premium-payers, healthcare providers and patients—and it is a costly reality that can't be overlooked. By taking steps to find the right partner along the way, providers are helping to protect the integrity of the nation's healthcare system. Experian Health works across the healthcare journey to improve the patient experience, make providers more effective and efficient, and enhance and simplify the overall healthcare ecosystem.   Learn more or contact us to see how Experian Health's patient identity solutions can help healthcare organizations prevent medical ID theft. 

New data reveals that the number of healthcare data breaches continues to climb, causing financial and reputational damage to healthcare providers. HIPAA Journal reported 692 large healthcare data breaches between July 2021 and June 2022 that exposed the records of over 42 million individuals. The number of records breached in June 2022 was more than 65% higher than the monthly average over the previous year, highlighting the need for providers to stay on top of their game when it comes to protecting patient data. In a recent conversation with PYMNTS, Chris Wild, Experian Health’s Vice President of Adjacent Markets and Consumer Engagement, discussed the consequences of healthcare data breaches and set out the key steps providers should take to prevent and resolve security incidents. Compromised patient records send financial and reputational costs soaring IBM reports that financial damages resulting from data breaches have reached a 12-year high, with the average breach in healthcare costing $10.1 million, up nearly $1 million since 2020. Wild notes that this includes a huge range of costs, from HIPAA fines to operational costs to curb and resolve breaches: “The cost of dealing with a breach is enormous. There’s anything from penalties of $100 per incident to $1.5 million per year. You’ve got reconciliation costs – trying to patch the holes in technology stacks and things like that. You’ve also got inbound phone calls from concerned patients who’ve just heard about a breach and want to know if it impacts them.” But Wild says that beyond HIPAA fines and operational expenses, the greatest cost is repairing the reputational damage of breaching patient trust: “the reputational cost is enormous because once you lose a patient, you lose a patient.” Wild suggests a two-pronged approach to mitigate the risk and impact of a healthcare data breach that focuses on prevention and preparation. Protecting patient identities to deliver a satisfying and secure consumer experience  An unfortunate side effect of the accelerated adoption of digital health solutions during the pandemic was that it opened the door to new methods of medical crime and fraud. Patients interact with their data electronically more often, thus increasing their vulnerability to cyber-criminal attacks. Preventing infiltration by bad actors before they occur should be the priority. In the past, efforts to secure a patient’s identity have relied on personal security questions, considered unanswerable by anyone but the patient. However, Wild says that asking for past addresses and details of previous living arrangements may no longer be the gold standard: “We’re finding that this is a little bit passé now. There’s a lot more that goes into identifying somebody, and that goes along with improving security, but it also improves the patient experience. There’s always been a balance between trying to make sure that data is secure on the one hand, but also make sure that it’s easy to access on the other.” To this end, providers should look for patient engagement solutions that deliver a flexible, convenient and consumer-friendly patient experience, while ensuring that patient data is secure. Wild suggests a few specific strategies, such as monitoring device ID and validating the identification documents used during patient registration: “When you have your cell phone or your tablet or your laptop, or your computer, or even your voice assistant devices, they all have a device ID. We keep track of those and see which ones are being naughty, which ones are being nice. We can start to ramp up when we see a naughty device acting naughty. But also think about things like document verification, validating that a driver’s license being shown to a registrar is actually a real driver’s license, or things of that nature.” A multi-layered approach to securing patient portals and other digital patient access tools will ensure there is no single point of vulnerability. Experian Health’s patient portal security solutions with Precise ID include a range of protections, including two-factor sign-in authentication, device intelligence and additional checks on risky requests to proactively secure patient identities. Each element protects against a specific type of threat, building up defensive depth to thwart attempts to breach patient data. Responding quickly in the event of a healthcare data breach Prevention only goes so far, though. Evidence suggests that most healthcare providers will be hit by a data breach at some point. Wild suggests that regular “fire drills” can help ensure that everyone in the organization knows how to respond, should the worst happen: “For a healthcare data breach or any sort of misappropriation of patient or member data, you want to make sure you’re keeping things safe, keeping things secure, and make sure that all of the associated people know what to do.” Wild says this must include front desk staff who will be answering phones from worried patients, through to marketing teams who will need to put out proactive messages about what happened and how it will be dealt with. How a provider responds may have an even greater impact on their reputation and patient loyalty than the breach itself. All of this can be pulled together in a data breach response plan, which sets out exactly what needs to be done and by whom, to help organizations avoid missteps in the aftermath of a breach. Experian Health’s Reserved ResponseTM program can help healthcare organizations put together a data breach preparedness plan in as little as three days. The program is based on 17 years of real-world experience dealing with data breaches and has evolved as security threats and consequences have increased. The program offers providers guides, templates, checklists and service-level agreements to guarantee manpower, infrastructure and response readiness at the most crucial moments. As the uptake of patient portals and other digital patient access solutions accelerates, finding the right data security partner to help navigate the unprecedented threats and consequences will be essential. Watch the full interview with Chris Wild and find out more about how Experian Health helps healthcare providers protect patient identities to prevent healthcare data breaches.

With support from Experian Health, the Council of State and Territorial Epidemiologists (CSTE) assisted state health departments with tracking and managing COVID-19 infection rates. Universal Identity Manager (UIM) complemented existing data tools by closing gaps in patient identities, so public health officials could efficiently identify and contact those who might be infected or at risk of infection. In Massachusetts, this data underpinned hyper-localized dashboards to inform community-level public health decisions. Related reading: Learn how the Tennessee Department of Health used UIM to improve contact tracing and patient outreach during the pandemic. In Massachusetts, responsibility for providing COVID-19 data to local governments fell to the public health department’s Division of Surveillance, Analytics and Informatics (DSAI). Local officials relied on this data to make swift and effective decisions about school closures and restrictions on public events. One particular challenge was tracking the spread of COVID-19 among transitory populations. Records for incarcerated individuals, university students and nursing home staff often showed the address linked with the person’s health insurance, rather than where they were currently living. Inaccurate contact details could skew data, resulting in unreliable data reports. In addition, this new initiative had to meet the Massachusetts Department of Public Health’s existing data privacy standards. Universal Identity Manager helped the DSAI team fill in missing patient information with current demographic data, using the Experian Single Best Record. UIM combines best-in-class probabilistic and referential matching technology to accurately match records across multiple healthcare organizations. A Universal Patient Identifier is assigned to each patient, which allows instant updates to demographic data for a single, accurate and complete view of each person. To address concerns about maintaining patient privacy, an expiration date was applied to the data usage rights, defining and limiting the time period in which the team could use patient identity data derived from UIM for this initiative. With these complete records, hyper-localized COVID-19 dashboards provided data-driven support to allow 351 local health boards to make fast and effective public health decisions. Find out more about how Universal Identity Manager can support improved community outreach and decision-making with accurate and secure patient identities.

During the COVID-19 pandemic, national and state health departments needed timely and accurate patient data to communicate quickly with citizens and make decisions about the local public health response. With support from Experian Health, the Council of State and Territorial Epidemiologists (CSTE) utilized Universal Identity Manager to provide members with reliable and accessible data tools to help slow the spread of disease. Here’s how the Tennessee Department of Health (TDH) used those resources to improve contact tracing and patient outreach amid mass relocations. According to Pew Research Center, more than a fifth of US adults changed their residence in 2020 because of the pandemic, or knew someone who did. In Tennessee, Epidemiologist and COVID-19 Team Lead David Fields identified mass relocation as a major obstacle to patient outreach during the pandemic. Job losses caused residential displacement, meaning that a patient’s health record didn’t always show the most current address. Because of the nature of their work, migrant farmworkers often have fluid living situations. This means that they rarely have a continuous home address and will share the same address or phone number with others, which hinders effective communication. And the private laboratories that expanded into COVID-19 testing often relied on stale contact data. These are some of the primary challenges that confronted the team in Tennessee working to verify data they were receiving. Experian Health helped TDH close the gaps in patient records using the Universal Identity Manager (UIM) platform. With UIM, records are matched using a unique patient identifier that combines industry-leading demographic information with the highest quality reference data to create the Experian Single Best Record. This accurately identifies separate records that belong to one person, creating a “golden thread” that follows the patient throughout their healthcare journey. TDH was fielding around 150 demographic data requests from community health departments per day. Before the pandemic, David’s team responded to these requests using proprietary and third-party databases that aggregated data held in public records. UIM complemented this approach with faster records matching, which allowed the team to provide quicker and more reliable patient contact information. In particular, UIM supported more efficient contact tracing during mass relocations by providing accurate phone numbers for citizens with positive COVID-19 test results and data for "hard-to-contact" cases. This solution also helped TDH create statistical analyses for the spread of COVID in the local populace by providing demographic data – such as gender and race. Find out more about how Universal Identity Manager accurately matches and protects patient data across multiple data sources, to create a single, longitudinal view of each patient and real-time insights to improve public health decision making and patient outreach.

Solving the patient identity problem and ensuring that each patient record is accurate and airtight is a top priority. Healthcare providers want to be 100% confident in answering “yes” to the following questions: Is the patient who they say they are? Is the right medication being administered to the right person? Is the correct bill being sent to the patient’s current address? By validating patient identities, providers can secure patient trust, deliver high-quality care, and avoid losing revenue to identity errors and fraud. Unfortunately, patient identity management is only becoming more complex. While telehealth and remote patient access are opening healthcare’s digital front door to meet changing consumer needs and expectations, a mountain of sensitive patient data is piling up. This data is a gold mine for fraudsters who steal and sell patients’ personal information or use it to access services and prescriptions without paying. It’s distressing for patients and creates a major financial and administrative burden for healthcare staff. A nationwide patient identification system may still be some way off. However, providers can optimize patient matching in their own health systems by working to reduce vulnerabilities and adopting cutting-edge interoperable patient matching technology. Better patient matching means better patient care and protected profits The human cost of incorrect, incomplete or outdated patient medical records is significant. Patients could be given the wrong medication or diagnostic procedures. Allergy information can be missed. Patient test results can be mislabeled or mixed up. In Experian Health’s State of Patient Access 2.0 survey, almost half of providers said inaccurate and incomplete patient data was an obstacle to proactive follow-up, which could cause gaps in care and avoidable complications – which are critical to value-based care compensation. Duplicate and mismatched patient records also create massive inefficiencies that can threaten an organization’s financial health too. With telehealth claim lines climbing by 2817% between December 2019 and December 2020, reliably authenticating patient identities in both existing and new services will be critical to future financial performance. Resolve, protect and enrich patient identities with universal identifiers Having the right technology to resolve and secure a patient’s information when they log on to patient portals and telehealth systems is the first step. Automating patient enrollment with Experian Health’s PreciseID® ensures the patient is who they say they are. This solution utilizes best practices in identity-proofing, fraud management and device recognition. But this system only works if the records being matched are accurate. A universal patient identifier provides a single, accurate, 360° view of each patient throughout their healthcare journey. An interoperable format allows systems to talk to each other and protects against duplicates, errors, inefficiencies and fraudulent activity. Universal identifiers aren’t available nationwide yet, though there has been some encouraging movement. Congress is working to remove the ban on funding for such measures, while the Centers for Medicare and Medicaid Services are taking steps to promote data standardization. For health systems that want to maintain a golden record for each patient within the bounds of their own operations, Experian Health’s Universal Patient Identifier allows staff to connect, verify and protect patient information. Choosing the right patient matching technology Traditional matching technology relies on demographic data and uses deterministic or probabilistic methods to link records with identical identification information. However, relying on a single source of data means that previous errors are inherited by new versions of a patient’s record. Demographic data isn’t unique to individual patients, which can lead to mismatched records and create extra manual work to fix. Experian Health uses referential matching technology to build a complete view of patients from reliable health, credit, and consumer data sources. The universal patient identifier connects disparate datasets and instantly updates the master index of patient records with new data points. Referential matching can only ever be as good as the data that is being matched and Experian is a global leader in data accuracy, across numerous sources, and is continually updated. Victoria Dames, VP of Product Management at Experian Health, says, "With Experian’s reference data, we’re able to create a longitudinal record of each individual and reconcile their data as they change names, addresses and see different providers. You need to know that it’s the same person, especially with the pandemic acting as a catalyst for digital technologies such as telehealth. It also helps organizations bring data together and ensure data integrity through mergers and acquisitions. Dealing with large volumes of data is a big hill to climb, but with the right technologies it can be that much faster.” As telehealth and digital patient access services gain traction, solving the patient identity problem becomes increasingly urgent. Universal Identity Manager combines industry-leading consumer demographic information with the highest quality reference data and powerful unique patient identifiers to create a single view of each patient. With better patient identity management, providers can protect against errors and fraud, and reassure patients that their personal information is safe. Find out more about Experian Health’s identity management solutions.

QR codes made an unexpected comeback during the pandemic. They offered a contactless gateway for individuals to check in to venues, log COVID-19 test results, help trace the virus spread and more. Restaurants and retailers embraced the technology as a way to welcome back consumers with touch-free access to online menus and digital payments. Previously seen as gimmicky and hindered by dependence on specific apps, these scannable squares can now be read using most smartphone cameras. With new use cases emerging during the pandemic, “quick response” codes are suddenly relevant again. However, the growing popularity of QR code technology opened the door to new cybersecurity risks, so providers must remain proactive with protecting patient identities. A 2020 survey found that almost half of consumers said they’d noticed an increase in QR codes since the first shelter-in-place orders. Online payment provider PayPal reported that a new merchant was added to its QR code payment option every 28 seconds in the first quarter of 2021.  Cybercriminals are capitalizing on consumer trust in QR codes to harvest personal data or install malware on devices. This leaves healthcare organizations and their patients vulnerable to fraud, especially given the increased adoption of digital healthcare technology during the pandemic. Providers must remain vigilant with protecting patient identities from QR code cybersecurity risks. How do QR codes threaten patient identities? QR codes hold far more data than traditional barcodes. They can be easily generated and fixed to any surface, ready for users to scan with their smartphones. They are primarily used to store URLs, which take the user directly to a website. But while savvy consumers are aware of the risks associated with clicking on a suspicious link in an email, QR codes are intrinsically trusted. It’s much harder to tell if a QR code is legitimate or not. Scanning a QR code is essentially the same as clicking on an unknown link. A study by MobileIron found that while 67% of consumers say they can identify a suspicious URL, less than 30% can identify a malicious QR code. Mike Bruemmer, VP of Experian Data Breach Resolution and Consumer Protection, says that "QR codes are the new stealth threat vector. Regardless of their application, no one can tell a fake code that launches malware on your device from a legitimate one." There are two main risks for patients. Firstly, they may click on a QR code that takes them to a web page that appears legitimate, prompting them to share personal data or log-in details. This information is then harvested by cybercriminals. This form of QR code phishing, known as “quishing,” puts the user at risk for spam, adware and identity theft. Secondly, the user may scan a QR code that takes them to a malicious site that installs malware on their device, which will then steal and package the user’s personal and financial data. The QR code can even be used to generate actions that appear to come from the user, such as making payments, sending emails, sharing locations or following social media accounts. In January 2022, the FBI issued a warning about cybercriminals using QR codes to redirect victims to malicious sites that steal login and financial information. Users are urged to practice caution when entering personal information after scanning a QR code. How can healthcare organizations help with protecting patient identities against QR code cybersecurity threats? For healthcare organizations, the concern is that if patients fall victim to a QR code scam, bad actors can steal personal identification data to access patient portals and other digital services. This information can be used to access medical services without paying, obtain medications illegally, or submit false health insurance claims, creating ongoing financial and administrative stress for patients. Or, if cybercriminals use captured information to log on as staff members there’s an added risk of further data breaches from inside the provider’s network. Healthcare organizations have a few options to help patients protect themselves from QR code scams: Targeted awareness-raising campaigns are a simple way to encourage patients to make sure their devices are updated with the latest security patches. Patients can be warned to watch out for suspicious activity, such as when a QR code redirects to a page that asks for personal details. They might also choose to ask for a direct URL, instead of using the QR code. Securing access to patient portals and verifying patient identities are practical measures to ensure that the person accessing the account is who they say they are. Another best practice in patient portal security is to take a multi-layered approach. This includes two-factor authentication, device recognition and additional checks on risky requests. By securing patient portals, providers can be proactive at protecting patient identities and reduce the risk of fraud during enrollment. Integrating patient identity management tools can also help verify the patient’s identity from the very first registration touchpoint all the way through their healthcare journey. Automated identity checks and algorithmic matching based on Experian Health’s unrivaled reference data can help ensure that the patient’s record is accurate and complete. Offering alternative secure methods for contactless patient payments and patient access are other options to make the patient experience more secure. For example, providing patients with their own mobile payment option means they can pay bills securely and access payment plans right from their phone. Experian Health also offers various safe and secure registration and scheduling solutions that will give patients a seamless patient access experience and help protect them from identity theft. Victoria Dames, VP of Product Management at Experian Health, says that patients have come to expect a smooth and secure digital experience: "Providers are focused on patient data security in adherence to multiple health policies, like HIPAA, but also to maintain confidence with patients. They [patients] are embracing digital solutions and expecting appropriate security measures are in place." Find out more about how Experian Health can help healthcare providers with protecting patient identities and close the door to QR code scammers. Experian Health can also help prevent other identity theft and fraud, verify that patients are who they say are, and provide safe, secure and convenient ways for patients to get the care they need.

No healthcare organization is immune to the problem of bad data. One in five patients has found errors when looking at their electronic health record (EHR). This includes incorrect information about their diagnosis, medications, test results and more. If the data held in patient records is incomplete, inconsistent, or inaccurate, this can lead to poor clinical decision-making, substandard patient experiences, and gaps in treatment or follow-up. In Experian Health’s State of Patient Access 2.0 survey, patient identity management emerged as a major challenge for healthcare providers, with almost half of the respondents saying that inaccurate and incomplete patient data hindered follow-up contacts and patient outreach. “Dirty” data also presents a major financial risk, costing healthcare organizations millions of dollars per year. Many providers have stepped up their digital offerings in the last few years, particularly in response to the pandemic. While digitalization offers huge advantages, it does have an unfortunate side effect. As more data is created, shared and accessed, there are more opportunities for mistakes. Some industries may accept a certain amount of rogue data as inevitable, but in healthcare, it mustn’t become the norm. Patient data needs to be consistent, complete and standardized to ensure the highest standards of care. The Centers for Medicare and Medicaid Services (CMS) recognizes the need for an easier and more secure exchange of healthcare data, and are taking steps to facilitate interoperability. As these provisions are finalized, providers can act now to embed data standardization in their digital services. Better data means better decisions, better care and lower costs. As the digital transformation continues, providers must implement strategies to eliminate inaccuracies, enable consistent identity management, and ensure data is standardized across all their systems and networks. In this article, we share three steps to help your organization ensure that patient data remains complete and consistent for better patient identity management. 1. Start with the right patient data As the saying goes: garbage in, garbage out. Reliable patient records require the right information to be added from the start, or errors will follow the patient throughout their healthcare journey. This will only continue compounding over time. A 2021 survey of Experian Health clients revealed that incomplete data arises for a variety of reasons. This ranges from patients not filling out forms correctly prior to their visit or forgetting their insurance cards, to staff having limited time to complete documentation. Typos, misspellings, duplicate data and missing information can also cause identity errors.* Providers should reduce the risk of inaccurate data from being added to a patient’s record in the first place. A standardized approach to data formatting is a good place to start. For example, if a patient is accustomed to writing their date of birth in a European format, with the day before the month, they may enter this incorrectly when filling out online patient access forms. Configuring calendar drop-down menus in such a way that prevents this will avoid these basic but costly errors. With a Universal Identity Manager (UIM), each patient’s record can be maintained in a standardized format. Probabilistic and referential matching techniques are used to check the patient’s identification information against existing databases, for a more complete view of the patient regardless of any data gaps. 2. Solve patient matching challenges with robust identity verification It doesn’t matter if patient records are accurate if staff pull up the wrong record when they speak to a patient. Providers should prioritize consistent identity management to ensure clinical and non-clinical staff see the same and correct information, regardless of where or when a patient interacts with their organization. Identity Verification validates the patient’s identification information during pre-registration and check-in by instantly accessing demographic information. This includes the patient’s name, address, Social Security number, date of birth, phone number and insurance coverage data. If there’s a mistake, it’s easily found and corrected. 3. Standardize data to maintain clean patient databases Victoria Dames, Vice President Identity Management at Experian Health explains why standardization is so important: “The increasing use of digital services means that more healthcare data is being exchanged within and between health systems than ever before. However, in order to leverage the opportunities that come with a more connected healthcare system, we need that data to be as reliable as possible. Preventing inaccuracies before they occur will be much more cost-effective than scrambling to fix them after the damage is done. With a standardized approach to data collection and management, healthcare organizations can maintain reliable records for every individual patient and stay ahead of the game as more data is generated and shared.” Unique Patient Identifier (UPI) helps providers eliminate duplicate records so there’s a “single source of truth” for each patient. After the UIM matches the patient’s information within a single and accurate patient file, a UPI is assigned to that record and maintained in a master index. This is far more secure than a traditional matching algorithm based on Social Security numbers, which can be vulnerable to errors. Together, these tools help healthcare providers create and maintain a “golden record” for each patient. Data quality will always be a challenge. However, with the right data standardization strategies, providers can make better decisions. This will create better patient experiences and better health outcomes while limiting the financial impact of dirty data. Contact Experian Health today to find opportunities to clean up your healthcare data for better patient identity management. *Survey of Experian Health clients, October 2021 Are you an Experian Health client? Then we invite you to join our Innovation Studio research community. Your ongoing input is key to driving improvements to our tools and products! Sign up here!

COVID-19 transformed the patient journey, and it's clear when we evaluate every step. Data and technology gave patients the convenience, flexibility, and control to get care on their terms, and these changes will be here to stay. From marketing to scheduling to payments and more - providers and payers have ample opportunities to respond to these changes and will need to adapt their future strategies accordingly. Self-scheduling, mobile registrations, and automated authorizations are a few examples of tools and technologies that are more than likely to remain prominent in healthcare. What other changes are here to stay? In this new infographic, we take a dive into each of the 7 steps to see how data and technology has impacted the patient journey, and provide strategic recommendations on how providers and payers can adjust post-pandemic: The use of data and digital tools opened up new doors for greater patient access, engagement, transparency, and control. The post-COVID-19 patient journey is going to continue to evolve - payers and providers will need to adapt to keep up with the changes, to ensure that patients experience the best outcomes. To get a deep dive into all of the changes to the patient journey, download our white paper.

Patchy patient data has plagued the healthcare industry for decades, but the pandemic opened the door to a whole new set of identity management challenges. As patients rushed to register for patient portals and book vaccines, many unwittingly created multiple accounts, having forgotten they’d already signed up. Fluctuating unemployment levels meant many individuals were forced to jump health plans, which meant their records were moved between various organizations. As a result, data errors crept in, and identity updates were omitted. Incomplete and inaccurate patient identification data leads to suboptimal clinical decision-making, poor patient experiences, and higher costs for patients and providers. A 2020 study found that one in five patients had spotted an error in their electronic health record (EHR). Many clinicians have also witnessed medical errors that stem from patient misidentification. Hospitals lose millions of dollars every year in denied claims arising from identity errors, which can easily be avoided with a standardized approach to identity management. In a recent survey conducted by Experian Health, we found that identity management emerged as a major challenge for healthcare providers. Almost half of the respondents said that having inaccurate and incomplete patient data hindered follow-up contacts and patient outreach. It matters to patients too – a 2020 survey for the Pew Charitable Trusts found that four in ten were more supportive of data-sharing efforts among providers because of the pandemic, and twice as many were open to the idea of biometric identity verification. "Patients still welcome proactive outreach by providers, but more say their providers fail to do this, and 45% of providers say inaccurate or incomplete patient data gets in the way." - Experian Health's State of Patient Access, June 2021 Providers know that a 360-view of their patients is essential for improving patient outcomes and delivering positive patient experiences; however, duplicate and incomplete data continues to thwart their efforts. With a unique patient identifier (UPI) and a robust identity verification solution, providers can achieve single, accurate, and current records, and solve for these data standardization challenges. Data standardization creates a single source of truth for each patient Despite bipartisan recognition of the need for a national standard for patient identities, statutory barriers have hampered the adoption of a nationwide UPI. In the absence of a national approach, providers must take the lead to ensure high-quality patient records and prevent duplication, gaps and errors. The first step towards data standardization is identifying the type of patient information your organization needs. What data must be collected from patients? Which form fields are required and which are optional? How should data fields be formatted when updating patient records? Standardizing data collection and ensuring content and format consistency will help create reliable records for every individual patient. Next, a Universal Identity Manager (UIM) can hold and protect that single view of each patient, creating a standardized approach when new data is added. The software assigns a unique identifier to each patient, which follows them throughout their entire healthcare journey. By drawing on referential and probabilistic matching techniques with Experian data and patient rosters, the UIM uses the unique identifier to accurately match the patient’s identification and medical history, to help both clinical and non-clinical staff offer optimal care and support. Confirming the patient is who they say they are Having an accurate picture of each patient is only the first step. Next, providers must feel confident that each record can be correctly matched to the individual who is trying to log on to the portal or sitting in the waiting room. A complete and current record is useless if clinicians are matching it to the wrong person. To solve patient matching challenges, most healthcare organizations assign employees or contractors to fix and clean up data records. Without a software-driven identity management engine, these teams are forced to rely on manual processes, which are time-consuming, costly, and still vulnerable to errors. Alongside the consistent approach to content and format mentioned above, providers should have a reliable way of checking and amending the patient’s records at every touchpoint in the healthcare journey, using cutting-edge identity proofing techniques, risk-based authentication, and knowledge-based questions. A tool like Identity Verification can easily identify every patient and help maintain a clean and accurate patient database. Each patient’s demographic data can be validated and corrected during pre-registration, so providers know that the person is who they say there. This is even more crucial as the pandemic leads more patients to opt for remote and virtual services alongside in-person care. Future-proofing patient identities as the pandemic prompts long-term change Since March 2020, many Americans have gone through major life changes. Whether it’s the loss of a loved one or loss of a job, a change of address or a change in attitude towards their health, patients’ lives are changing. The healthcare system must adapt to follow suit. Many more players are involved in delivering healthcare, with digital apps and tools growing in popularity. These developments mean more patient data is being generated and shared, and by more diverse and distributed sources. A robust identity verification system built on standardized data can help smooth out the bumps in patient records and offer better patient experiences and improved health outcomes. Providers don’t need to completely overhaul their records system, but by investing in incremental changes to improve the quality and governance of their data, they can accelerate the move towards data standardization. Talk to Experian Health about how our proven tools can help your organization deliver better patient data quality today, and build a universal identity management system fit for the future.