If you think a data breach somewhere else won’t affect you,


Data breaches are an extraordinary threat to healthcare and patient safety, regardless of where they occur.

The breaches suffered by any organization impact healthcare because the algorithms currently used for patient matching rely on the same data that’s targeted in a breach. The consequences for patient safety and the exchange of electronic health records are frightening.

When a breach occurs, the information is sold and resold, and streams into EHR systems in the form of synthetic identities and fraud. Synthetics are created out of thin air by pairing a valid Social Security number with false name and address – or any combination of the information used today for patient matching. The existence of a synthetic identity anywhere in the nation’s health system means the information used for record exchange is shared; destroying the integrity of nationwide exchange and placing patients at great risk.

Drug seekers, criminals, individuals without insurance, undocumented immigrants and others use synthetic identities to receive care. They may never come back, but their health record – containing the identifying information they’ve ‘borrowed’ from another patient – never leaves.

Those who do return won’t use the identity they presented before. They’ll build a new identity to obtain narcotics or commit fraud, creating a new medical record with phony information. Existing patient verification and matching processes cannot stop them.

Today an estimated 40 million Social Security numbers are used by more than one person, leaving patients with a one in seven chance that their number is shared. The personal information of nearly every consumer has been compromised in breaches. Unimaginable zero day threats exist that will undermine the goals of EHR exchange.

The unique patient identifier solves the threats to patient matching and safety from data breaches that happen anywhere. Through a standardized identification process the UPI prevents the use of synthetics and multiple identities across any provider, ensuring correct and secure nationwide exchange of EHRs and protecting patients.