Datavant is a health data technology company focused on facilitating the exchange of patient information in a privacy-preserving way. Our software de-identifies patient health data and provides a secure method of linking patient records across disparate datasets without compromising individual privacy. Datavant’s de-identification and linking software is installed at over 120 sites and serves as the foundation for an ethical data exchange network that serves clients across the healthcare industry.
Datavant submitted these comments on patient matching in response to the proposed rule to advance interoperability and patient access to health information (CMS-9115-P) drafted by the Centers for Medicare & Medicaid Services (CMS).
Datavant greatly appreciates CMS’s interest in the issue of patient matching. As CMS is aware, research has shown that a large amount of patient information gets unnecessarily misattributed, lost, or disclosed as a result of inaccurate matching of health records. This has significant implications not only for individual patient care and privacy but also for public health research and analytics. Patient matching processes that rely on identifiable information are of course critical for interoperability, portability, and patient access; however, we contend that the challenge of patient matching is even more confounding in a de-identified setting, where record elements are obfuscated or removed altogether. Despite this challenge, patient matching in the de-identified context is necessary to support clinical research, population health studies, and treatment development — all of which serve to improve patient outcomes and advance the quality of our healthcare system.
Given Datavant’s core competency in privacy-preserving patient matching, we have scoped our response specifically to address CMS’s request for comment on the topic, namely: 1) the privacy and security considerations of patient matching process versus unique patient identifiers (UPIs); 2) recommendations for CMS to promote private sector patient matching strategies; and 3) suggestions for ways in which CMS can leverage its authority to support improvements in patient matching.
Privacy & Security Considerations for Patient Matching
It is Datavant’s experience that patient matching processes, if built and managed responsibly, can serve the same purpose as UPIs — accurately linking disparate records for the same patient — at substantially lower risk to the patient’s privacy and the security of the data. This is because a UPI is inherently a fixed state method, meaning the same patient identifier must persist across the healthcare ecosystem, leaving it vulnerable to compromise. A patient matching process, however, can take a myriad of formats ranging from stateless or real-time matching to matching based on de-identified and multiple representations of an individual patient. In other words, patient matching processes optimize for consistently accurate matching, while at the same time mitigating the patient privacy and security risks that would otherwise arise out of persisting a UPI across disparate patient records.
We would like to note, however, that patient matching processes are more complex than UPIs and will consequently require greater attention to transparency standards, particularly with respect to the information used to generate a match. Also worth noting is that patient matching processes could perpetuate unintentionally incorrect matches, which could pose a risk to patient privacy and security for different reasons than a UPI. Patient matching processes, like UPIs, are also not immune to fraud and should not be considered a replacement or substitute for identity verification services.
Facilitation of Private Sector Patient Matching Strategies
Datavant encourages CMS to consider pursuing or continuing its work on the following initiatives:
- Supporting the creation of standards for acceptable patient matching algorithms and solutions
- Supporting the creation of a validation program for evaluating patient matching solutions against the criteria established in those standards
- Ensuring that the records generated by CMS-funded/related programs contain at least all of the minimum demographic elements deemed necessary for patient matching. In addition to ensuring that datasets are “matchable”, this policy would have the added benefit of ensuring that CMS programs are well positioned to make use of patient matching solutions.
- Encouraging through financial support and internal policy the use of patient matching solutions for CMS-funded/related programs
Leveraging CMS Program Authority to Support Improvements in Patient Matching
We answer each of CMS’s specific questions on how the agency can use its authority to support improvements in patient matching below.
Should CMS require Medicare FFS, MA Plans, Medicaid FFS, Medicaid managed care plans (MCOs, PIHPs, and PAHPs), CHIP FFS, CHIP managed care entities, and QHP issuers in FFEs (not including SADP issuers), use a patient matching algorithm with a proven success rate of a certain percentage where the algorithm and real world processes associated with the algorithm used are validated by HHS or a 3rd party?
Datavant supports a CMS requirement that any patient algorithms used by its programs be validated against a standard metric. CMS could also assist in various capacities with the development of that standard evaluation metric.
However, CMS should not mandate that its programs use the same algorithm. It would be most beneficial for the continued improvement of patient matching that experimentation, research, and innovation in matching algorithms be given the space and opportunity to excel.
Should CMS require Medicare FFS, the MA Plans, Medicaid FFS, Medicaid managed care plans, CHIP FFS, CHIP managed care entities, and QHP issuers in FFEs to use a particular patient matching software solution with a proven success rate of a certain percentage validated by HHS or a 3rd party?
CMS runs the risk of supporting market fragmentation and perpetuating propriety barriers to interoperability if it requires its programs to use a particular software solution. Not only should CMS programs be able to use a solution that is best suited to their needs, but a single CMS-mandated solution entrenches a single algorithm and technology provider in the market — to the likely detriment of innovation and data portability. Effective patient matching software solutions should be able to work with each other, and an open market encourages them to do so.
Datavant does agree, however, that CMS should develop a program to validate patient matching software and should require that its programs only use software solutions that have been validated. This would establish a common framework against which private sector solutions can gauge “success”. It would also ensure both that a standard baseline exists for patient matching and that all CMS programs are using software that meets those standards.
Should CMS expand the recent Medicare ID card efforts by requiring a CMS-wide identifier which is used for all beneficiaries and enrollees in health care programs under CMS administration and authority?
While the extension of a CMS-wide identifier would help improve patient matching for programs under CMS’s administration, it would not support patient matching across the larger healthcare ecosystem. In addition, a CMS-wide identifier is more similar to a UPI than a patient matching process and would increase patient privacy and security risks that might otherwise be mitigated if the alternative — a patient matching process — is used instead.
Should CMS advance more standardized data elements across all appropriate programs for matching purposes?
Datavant encourages CMS to advance a standard set of data elements. One of the primary challenges for successful and accurate patient matching is inconsistency in available patient information. Standardizing the available elements for CMS programs would go a long way toward establishing record consistency for (and improving the accuracy of) patient matching because CMS programs produce the greatest share of patient records and would quickly set a standard for the healthcare ecosystem. Even if particular patient matching solutions chose to rely on different sets of fields for their matching algorithms, a common set of required elements improves the likelihood that data could be portable across solutions.
We believe patient matching is most effective when multiple elements are available for the matching process, and unsurprisingly, when elements are unique and/or stable. A standard set of elements should optimize for capturing one or more unique values across the standard set, since the combination of elements is likely to increases the probability of achieving a correct match due to its “uniqueness”. Uniqueness notably depends on a variety of factors, including the size of the patient pool (family, small local providers, state/regional providers, US patient population) and the element itself (gender versus email address). The most valuable elements are the ones that do not or are not likely to change, such as a government issued identifier or birthdate.
A second challenge for patient matching is that fields with the same name may not lead to the same values for the same patient, either because the values are represented in a different metric or the field does not have a standard format. Without consistency in the defined format for a standard field, patient matching could lead to poor quality matches even if the matching algorithm is strong.
Once CMS has advanced a standard set of elements, Datavant would also like to encourage CMS to mandate that all standard elements be present in a record to the extent they are available for a patient. Standardizing the elements will only be effective if the standard is enforced.
To what extent should patient-generated data complement patient matching efforts?
Patient-generated data can be enormously valuable for patient matching, in large part because patients are best-equipped to provide accurate and comprehensive information. Patients should be encouraged to help identify incorrect records or incorrectly matched records and should be encouraged to provide the information necessary to complete or correct their health records.
As mentioned previously, patient matching processes can be complex, and every effort should be made to provide patients with transparency into the process. Datavant strongly believes that CMS should support initiatives to facilitate patient access to the information used in a matching process. Such access and awareness would: 1) lead to greater consumer comfort and familiarity with the process that might otherwise be unexpected or unsettling to patients; and 2) impose a social oversight function on businesses to act ethically and responsibly with the patient matching process and the underlying data that feeds it.
Datavant wholly supports CMS’s interest in patient matching as a method of increasing interoperability and access to health information, and we are in favor of CMS’s effort to promote standardization of demographic data and benchmarking of matching accuracy and scalability.