When you click on a sponsoring school or program advertised on our site, or fill out a form to request information from a sponsoring school, we may earn a commission. View our advertising disclosure for more details.
“We hope the future includes a national strategy for patient identification. This is an issue that affects everyone from small clinics to large hospitals to the public health system.”
– Kate McFadyen, Senior Director of Government Affairs, American Health Information Management Association (AHIMA)
Patient identification is the process of correctly matching a patient to their health information. It’s not as simple as it might sound. Today’s patient creates an enormous constellation of data across different medical venues—clinics, hospitals, laboratories, pharmacies, and insurers—that grows across the lifespan. Data variability, human error, and disjointed health IT systems increase the risk of a breakdown in patient identification, leading to fragmented, duplicated, and misattributed records.
The cost of inaccurate patient identification is, in some ways, quantifiable. The cost of repeated care due to duplicate records averages almost $2,000 per inpatient stay and around $1,700 per emergency department visit. Approximately 35 percent of all denied claims result from inaccurate patient identification, costing the average healthcare facility $2.5 million per year and the US healthcare system over $6.7 billion annually.
But the starker cost of patient misidentification is its impact on patient safety. The 2016 National Patient Misidentification Report found 86 percent of respondents had witnessed or knew of a medical error that was a result of patient misidentification. At one hospital, 25 percent of clinicians surveyed indicated that duplicate records affected the quality of care their patients received. Starker still: with more patients misidentified every day, the total scope of the problem is larger than we can know.
Meet the Expert: Kate McFadyen
Kate McFadyen is the senior director of government affairs at the American Health Information Management Association (AHIMA), where she focuses on the congressional and policy work for the association.
Previously, McFadyen was the director of government affairs for the American College of Preventive Medicine (ACPM), where she worked on public health and preventive medicine issues within the medical specialty. She also served as director of government affairs at QGA Public Affairs, where she handled healthcare issues, including Medicare, funding for biomedical research, and access to medicines.
McFadyen was interviewed for this article in both 2023 and 2026.
The Missing Link: A Unique Patient Identifier
“When we talk about patient misidentification, it generally happens in two different ways,” McFadyen says. “One is with overlaid records, where two or more patients’ information is combined into the same record because of similar demographic information. The other is with duplicate records, where one patient may visit several different healthcare settings and have a separate record at each.”
Both kinds of patient misidentification could be vastly reduced with the introduction of a unique patient identifier: a numeric or alphanumeric string of characters that functions like a medical-specific Social Security number.
Matching purely based on demographic data is tricky because a patient’s demographic data can change (Jane Doe marries John Smith and becomes Jane Smith). It can overlap across patients (John Smith is the most common name in America). It can be entered inconsistently (J. Smith) or entered incorrectly (Jhon Smith).
But the unique patient identifier would remain stable and easily machine-readable. This would reduce false matches (John Smith and Jon Smith) and improve data integrity: while John and Jon might share some demographic data (white, male), unique patients A1001 and A1002 would be far less likely to have such similarities.
The unique patient identifier is not a purely theoretical idea. The UK issues patients a number through its National Health Service (NHS). Denmark’s CPR number is used to access healthcare and other public services. And, in 1996, in the US, when the Health Insurance Portability and Accountability Act (HIPAA) was enacted, it required the US Department of Health and Human Services (HHS) to adopt a standard unique identifier for health plans, employers, providers, and patients.
However, in 1998, concerns around patient privacy and government surveillance led to language included in an annual appropriations bill that prohibited the use of federal funds to adopt a unique patient identifier. The prohibition has remained in every appropriations bill since.
Moving Towards a National Strategy for Patient Identification
“We don’t currently have a national strategy for patient identification and matching,” McFadyen says. “That’s largely because of Section 510 in the Labor HHS appropriations bill. But we have been making strides in education on the Hill over the last few years. This is a bipartisan issue.”
For now, the fears around government medical surveillance remain largely hypothetical—Denmark and the UK, if they are using their unique patient identifiers to spy on their own citizens, have managed to keep the conspiracy a dark secret for decades. There are also privacy safeguards in place: HIPAA’s existing protections and standards for encryption, access control, and penalties for misuse would still apply to any unique patient identifier. The lack of a unique patient identifier might even increase privacy risks: reliance on probabilistic record matching broadens the surface area for errors and accidental disclosures.
“Overlaid records are definitely a privacy issue,” McFadyen says. “If you’ve got somebody else’s information intermingled with yours, or you are billed for somebody else’s procedure, those are privacy issues. We’ve seen that happen. And the way it works now, with patients having to give so much information at registration, that can be a privacy issue itself, versus if we had a unique patient identifier.”
The Patient ID Now Coalition, representing more than 50 leading healthcare organizations, has advocated for the removal of Section 510. Earlier efforts in the House successfully secured votes to remove the unique patient identifier ban, but the changes were not retained in the final enacted language. A unique patient identifier remains a main goal of advocates for a national strategy of patient identification. But it’s not the only path forward.
The MATCH IT Act
“In 2024, for the first time, the Patient ID Now Coalition and AHIMA worked with our champions on the Hill, Reps. Mike Kelly (PA) and Bill Foster (IL), to introduce the MATCH IT Act (HR 2002),” McFadyen says. “This was a bill where we really looked and said, if Section 510 is going to remain, are there ways we can improve patient matching without touching the issue of a unique patient identifier?”
The MATCH IT Act would do a few different things. First, it would establish a uniform definition of patient match rate: how does one arrive at the conclusion that a patient and their record are accurately matched? Today, vendors and organizations often use different formulas (or only report partial measures), such as focusing on successful links while ignoring false positives, which makes results incomparable and potentially misleading.
Second, the Act would direct the federal health IT coordinator to standardize core demographic data elements, so data is collected and formatted the same way in different places. Right now, some fields of demographic data — address, phone number, previous names—may be optional, structured differently, or allow variation in how they’re entered (e.g., 123 Apple St. versus 123 Apple Street; or all nines versus all zeros for a missing Social Security number). A standardized core would create a uniform set of identity-related data elements with consistent formatting and validation rules, and include those in certification and interoperability requirements.
Finally, additional provisions in the MATCH IT Act would support voluntary reporting and incentives for high match rate performance to track improvements over time. That would create feedback loops and accountability around patient matching that largely don’t exist today.
“So far, we have 11 cosponsors on the bipartisan bill,” McFadyen says. “We’re continuing to push. It’s not been introduced in the Senate yet, but we’re hoping to see that this year as well.”
As the healthcare system continues to become more digital, health data will proliferate reflexively. Without changes to the status quo, accurately matching patients to their health data is going to become an even greater problem, making healthcare more costly, more dangerous, and less secure. The diagnosis isn’t terminal, but the treatment should start today.
“We hope the future includes a national strategy for patient identification,” McFadyen says. “This is an issue that affects everyone from small clinics to large hospitals to the public health system. It needs to be addressed, so we can protect patients’ safety and patients’ privacy, and we can reduce the cost of the healthcare system.”
