Healthcare and the Universal Patient Indicator. And Some Other Ideas…

For sometime now, the discussion around UPIs (Universal Patient Indicators) and personal health data seems to rear its head every-time the topic of EHRs (Electronic Health Records), duplicate records, incorrect drugs or procedures are appropriated to the wrong patient. Whether it be by a wrong keystroke, or trying to decide which of the seven “John Halperns” that show up on screen is due in the operating room for surgery, the problem of “who’s who” has become more than a common occurrence in the medical health profession for sometime now.

This post, article, sounding board or whatever you want to call it, details my own thoughts and perspectives from a engineering, design, and usability standpoint. The current pros and cons from doctors and patient privacy advocates, respectively. And my own personal opinions and possible solutions in terms of software techniques that can help mitigate current fears and push forward with viable solutions.

The Current Landscape

As of currently, because of the lack of a UPI (a specific, algorithm based, randomly generated alphanumeric sequence), most, if not all records are awash in social security numbers. This, as we have seen not only in the past, but currently, creates a hotbed for identity theft. As documented by the U.S. Department of Health and Human Services (HHS) on their breach report page, this is something that is not going away anytime soon.

The current issue with an identifier such as a Social Security Number from a privacy standpoint, is that it is inherently tied to other sensitive information outside of healthcare. From banking to employment, insurance to automotive, the web of data that is inextricably linked and identified by that one number makes it a prime target for theft and fraud.

One of the problems that plagues the current state of medical records is the mismatch and duplication issue. Because so many people in a specific district or geographical area can have the same first and last name, often times it becomes a separate effort among itself to make sure that the paper or electronic record retrieved matches the patient who has come in for treatment. The current method for doing this, other than process of elimination, is the matching of multiple data points within the electronic record itself to whatever identification is presented to whomever is receiving the patient for treatment. The problem compounds itself when dealing with different systems that don’t communicate with one another, different matching algorithms, and when entities start communicating through Health Information Exchanges.

Calls for a UPI have been stalled by opponents who advocate for patient privacy. Not that I’m not for patient privacy, but considering that for the entire year of 2015, there occurred 266 breaches (only breaches that affect more than 500 individuals gets on the list) which accounted for more than 112 million records subject to loss, theft, improper disposal, unauthorized access, hacking or other IT incident. And considering that not only did 28% involve paper and film, but that all of these incidents occurred without the implementation or use of a UPI. The issue of security involves the implementation of BOTH human and technical safeguards. An effort which does not rest solely the implementation a unique number for identification purposes.

Another issue that crops up is, throughout the life of a patient, or any person for that matter, is, how does one go about updating their records throughout their life’s events? This includes but is not limited to, moving to a different address, change of career, childbirth, symptoms and ailments as they age, relationships, etc.

You might be thinking, “This sounds a lot like Facebook”, and you would be right, except for one crucial point. You don’t have to schedule an appointment with Mark Zuckerberg, drive to Facebook’s office, sit in the visitor area, and wait for him to see you so that you can give him or his associates all the data on the parts of your life that has changed so that they can enter it in for you. No, instead you simply log in to your profile and simply do it yourself. When it came to content distribution, and connectivity with others, Facebook created the tool, the infrastructure and the means for that explosive network effect. Then it put that tool in your hand. It was a two-way relationship.

Unfortunately in the digital-realm, this is not the case when it comes to the relationship between the patient and doctor. With the collaboration that goes on between a doctor and a patient, you would think that there would be an app or digital ecosystem that provided the seamless back and forth communication that so many of today’s prevalent messaging apps have.

A Brain Dump of Sorts

The following is just a brain dump of ideas that I have been documenting for sometime now about an EMR that solves the interoperability problem from not only a patient and provider standpoint, but also a design and usability perspective.

Others may disagree with me on this, which is fine. I welcome the criticism. But I personally think all the current efforts on interoperability , from HL7 to FHIR, and many others have been a sincere, but belabored attempt to cobble together systems that were built with the intention to silo not only data, but the providers who use them.

Ideas …

• The database design and architecture would be created around patterns that facilitate granular filtering from the ground up. (Yes, this is probably being done already.) Meaning, with the prevalence of data mining, relevant information can be gathered and shared about a subset of the population in real time without the compromise of personal identity. This would allow for faster prediction and response times to endemics and possibly the early halting of pandemics.
• Doctors/physicians and patients would operate on top of the same system, and same data set. No portal substitutes, since that would foster siloing to a single healthcare organization. The reason? Instead of spending time connecting disparate systems with the goal of just getting them to talk to one another, everyone is already in the same place with the data, so the only thing to do is build the tools for collaboration that promotes the “network effect”.
• Example: You’ve had the same doctor for the past 10 years, but a career change takes you across the country. So you search out and join a new provider. Whether it be your new employee’s health insurance or a new primary care physician, or maybe both. But instead of the taxing process of faxing, emailing, and phone tag between your insurance and previous doctor, you simply update the insurance and provider(s) sections of your online health record. Now your new doctor can view and add to your current medical history in a “Timeline” like fashion. And all of this updates and notifies you in real-time. This way, whether a patient decides to access their record via mobile or desktop, the data entry and collaboration are all being done on top of the same data set, same ecosystem.
• This would also eliminate filling out those repetitive forms at every appointment. You would simply go to your profile, choose which doctor you’d like to have an appointment with, state your problem or question, and choose an available time to come in. And instead of the doctor you’re meeting with having to be at the office in order to look at or access your previous medical history, he or she would simply look at your record/prescriptions/allergies/incidents etc. while at home or on the road, prepare a list of questions ahead of time, or converse with you over messaging before you come in. They can even collaborate with specialists on their “friends” list outside of their practice or specialty in order to fine tune your diagnosis before you come in for the physical encounter.

Fostering the Network Effect

If a patient were to see a physician not currently signed up on the platform, the patient would be able to generate a secure and temporary URL that would be emailed to the doctor. This would provide view only access to the patient’s medical record history or timeline for 24 hours. This way, instead of the majority of the patient’s visit taken up by filling out forms and discussing their medical history during the physical encounter, the receiving doctor can formulate questions to deal directly with what is currently ailing the patient. And, if the doctor later on so chooses to to join the platform, a “Sign Up” button pointing to a simple, single registration page would be provided.

For this to work …

For this to work properly, a UPI would be generated immediately upon signup. Why this you may ask? It would allow any provider to distinguish who’s record they are looking at if you and several other people have the same first and last name. A simple scenario would be, you walk into an office that may or may not be enrolled into the system I proposed. You simply pull up the app on the mobile phone, go to your settings, and in the section below your name, there is a button labeled “Show My UPI” which would bring up a modal window on the app with your unique alphanumeric serial number. Simply show this to the medical associate checking you in, they go to the “Guest Doctor” login, enter their National Provider Identification and your UPI, and now they have limited, view only access to your medical information and coverage on the fly.