Patient Authentication can help healthcare reclaim billions from fraud

The Centers for Medicare and Medicaid Services (CMS) estimate that improper payments from fraud, waste or abuse cost those programs $95bn in 2016 alone.

Unfortunately, patients, healthcare providers, and insurers are vulnerable to fraud.  Even after CMS’ electronic health record mandates and incentive programs were implemented, the healthcare system as a whole remains vulnerable to abuse due to archaic identity verification and records-keeping practices.

Technologies that can collect, read and verify patient information in a secure manner could do a lot to make Electronic Health Record (EHR) bookkeeping simpler and more accurate, and to make records more accessible between providers. Ultimately, these benefits support the core goal of EHRs: increasing the quality of care delivered and the transparency of billing and payments.

If the patient data collection processes used to populate EHRs were updated with identity authentication and verification technologies, patients would have more control over their personal information and the healthcare system as a whole would enjoy more robust fraud protection from patient registration to discharge.

Better records equal better care.

The focus of CMS’ mandate for meaningful use of EHRs tightened around interoperability and data sharing in 2017. This is great news for patients, who don’t want to jump through hoops to ensure their data is properly transferred between providers but who also want to trust that doctors have all the information they need when recommending treatments.

Unfortunately, interoperability in practice has yet to catch up with CMS’ ideal. In 2017, about a third of Americans who went to a doctor reported issues (like missing test results) due to a gap in information exchange, according to a study by the National Coordinator for Health Information Technology.

Many providers simply aren’t using EHR systems to send data outside of their organisation or integrate outside data with their own, as the National Center for Health Statistics found, but the issue is compounded by different organisations holding different, sometimes mismatched health records for the same patient. Reconciling all those records would be costly and time-consuming but failing to do so could result in negative outcomes for patients.

Automating parts of the patient documentation process could alleviate some of the pain of mismatched records while making certain administrative processes more efficient.

See also

• Fortune 500 startup Fortive Corporation acquires a Johnson & Johnson division for $2.8bn
• Tackling the demands of a digital world in an analogue healthcare industry
• Optimising hospital patient flow - a key step towards high quality and sustainable healthcare?

Using document readers at registration can improve patient authentication and reduce the potential for human error by electronically verifying names, DOBs and health insurance information against the ID’s being presented and the records already within the EHRs. This would make it easier to keep records accurate and complete and would also further reduce errors in treatment.

However, EHRs’ credibility would be much stronger if tied to a unique patient identifier.

Reducing fraud with fingerprints or face ID

Today, the primary line of defense against healthcare fraud occurs when healthcare employees manually verify patient IDs at registration. Replacing that manual verification process with two-factor authentication, using a combination of government-issued ID authentication and biometrics, would provide a much more powerful protection against fraud.

When registering with a healthcare provider, patients could authorise data access for themselves and their providers using a thumbprint (or a smile, as facial recognition would likely be a more sanitary option). This would give patients more control over how their data was shared and used, and confidence that their identity couldn’t be stolen and used for fraudulent healthcare.

As they move through care facilities, patients could even be asked to authorise individual doctors’ access to their EHRs or confirm stages of treatment using a biometric “signature.” This could help to improve the accuracy of care tracking that is today done with paper and printed barcodes.

Biometric identifiers for doctors could be a useful fraud prevention tool, as well. Rather than tracking treatment with the familiar paper-and-barcodes system, doctors could use their own thumbprint to digitally sign instructions, prescriptions and patient records, helping increase transparency of treatments and the associated costs between patient, provider, and insurer.

A foundation for healthcare’s future

These sound like (and are) relatively simple changes to familiar processes, but increasing the use of authentication in records-keeping and introducing biometrics as a two-factor unique ID could have a huge impact on reducing fraud. 

While two states – Nevada and Minnesota – already use unique patient identifiers, healthcare providers and insurers should push for two-factor authentication to prepare for a future of decentralised care. Tele-health options and remote medical tools are growing in popularity and present new avenues for bad actors to commit fraud or abuse the healthcare system.

Working today to ensure the accuracy of health records and develop a way to keep them secure will help innovators build tele-health and remote medical tools. These are key for making accurate health assessments, delivering care instructions clearly, and recording outcomes for the future of healthcare