By Emery Niemiec, Director Government Partners & Alliance and Jason Meyer, VP Government at HealthVerity
Within the government, healthcare data is stored in silos across agencies and continues to become more disparate with the proliferation of new health programs, policies and partnerships. For almost two decades, federal agencies have invested billions of dollars trying to make this public health data interoperable, or able to be viewed and used by different systems and agencies; however, the challenge is maintaining patient privacy with the continued evolution of healthcare and data security guidelines.
To protect patient privacy, a single patient record may be assigned multiple identity tokens by different healthcare providers and there needs to be a way to reconcile these differences across systems while avoiding a fragmented client record. If patient records are not accurately linked, it can result in false negatives (inaccurately categorizing the same person as different individuals) or false positives (inaccurately identifying different people as the same individual), providing a skewed view of the patient journey.
While some significant strides have been made with initiatives such as the Centers for Medicare and Medicaid Services (CMS) launch of the Integrated Data Repository in 2005 that integrated Parts A, B, C, D and DME claims data and the 2016 passage of the 21st Century Cures Act, much still needs to be done. The COVID-19 pandemic brought this fact to light, demonstrating the true detriment a lack of access to timely and accurate health data has on our country. With no way to connect all elements of care, ranging from hospitalizations, clinical presentation, testing, vaccine administration and prescribed treatments to an understanding of where supply chain efforts should be targeted, our ability to respond proactively was impossible.
Novel initiatives are underway, such as the Center for Disease Control and Prevention’s (CDC’s) Data Modernization Initiative and the Food and Drug Administration’s (FDA’s) Enterprise Modernization Action Plan, but the ability to link fragmented datasets while protecting security and patient privacy has yet to be solved. Additionally, progress to standardize data through initiatives like HL7 and FHIR continue to lay a foundation for interoperability, but come at a time intensive, resource-heavy cost to those applicable patient care organizations. Privacy-enhancing technologies (PETs), including Privacy-Preserving Record Linkage, are critical in helping tackle these challenges.
Privacy-Preserving Record Linkage, a critical privacy enhancing technology
Privacy-Preserving Record Linkage (PPRL) describes technologies that enable data sharing and interoperability across disparate sources while maintaining confidentiality, and is a key component to how our nation can more proactively respond to public health crises. PPRL can also help promote continued innovation in emerging technologies in a manner that supports national research and development prioriorities and addresses wide-sweeping public health concerns ranging across epidemics, spend and care quality.
While a few PPRL solutions have emerged in the market, there are certain gold standards that enable accurate patient mastering and de-identification capabilities and also provide the ability to unify disparate data isolated in silos into a completely interoperable and HIPAA-compliant view of a patient's healthcare journey. For example, the HealthVerity PPRL solution, which was recently granted Federal Risk and Authorization Management Program (FedRAMP) authorization, is being deployed by a number of government agencies to make their data interoperable. For instance, the CDC is using HealthVerity PPRL to combine multiple data sources to gain a longitudinal and interoperable real-world data (RWD) view of patients to provide insights into new and emerging research questions related to COVID, including variants, vaccination, testing, re-infection, health impact, natural history and long-term effects. HealthVerity is also using advanced privacy-preserving techniques to enable researchers to use longitudinal clinical data to follow mothers and their babies in tandem throughout their pregnancy journey. The mom-baby linked data preserves critical data elements, such as race, ethnicity, maternal age, birth events and pregnancy outcomes to enable novel pregnancy studies. Additionally, HealthVerity is providing the ability to connect genomic sequencing data to RWD to better understand demographic and clinical characteristics and outcomes associated with different variants.
With the HealthVerity PPRL solution, patient records are de-identified behind the data owner’s firewall and assigned a universal patient identifier across multiple datasets in lieu of personally identifiable information (PII). After de-identification, records are linked across datasets and duplicates are flagged to create an accurate, interoperable and HIPAA-compliant patient master list that can then be linked to the nation’s largest healthcare and consumer data ecosystem for further research.
One of the challenges in matching patient records is the inherent inconsistencies, such as nicknames, misspellings or missing fields. One of the ways HealthVerity helps ensure accuracy is by leveraging probabilistic matching instead of deterministic, which requires an exact match of fields. Additionally, HealthVerity compares several field values to determine an accurate match. Many other PPRL solutions rely on social security numbers (SSNs) for matching, however, SSNs are rarely used in healthcare records and if they are, sometimes only an insurance policy holder’s SSN is used, which would apply to all dependents, creating inaccurate matches. Therefore, HealthVerity does not rely on social security numbers. HealthVerity also compares patient records to a centralized referential database of over 330 million patients, rather than dataset to dataset matching. This approach has resulted in 10 times greater accuracy than industry benchmarks.
As organizations and federal agencies look to PPRL technologies for supporting data sharing and interoperability, vendors who can demonstrate HIPAA compliance, deploy sophisticated patient matching algorithms that result in the least amount of incorrect matches, and go beyond tokenization to unite disparate records across entities remain critical to government public health and safety efforts.
Reply to this post...