On July 13, 2019, the U.S. House of Representatives passed an HHS Appropriations bill including an amendment lifting a decades-long moratorium on the development of a national patient identifier.  While HHS and lawmakers should be applauded for recognizing the breadth and strain patient identity matching puts on the delivery of healthcare; they must recognize, however, that a government-mandated universal health identity puts patients privacy at unnecessary risk by putting all our identities in one shiny, proverbial basket.   The problem is, a single patient identifier for all of healthcare, if compromised, would unlock a patient’s entire medical history. 

Since the passage of HIPPA in the mid-nineties, Congress has prohibited HHS from funding the development of any patient identification system which would assign patients a unique, persisting identifier.  While HIPPA, in fact, called for the creation of such a national patient identifier; lawmakers were quick to include provisions preventing HHS from adopting standards related to unique health identifiers for patients. 

Healthcare providers and insurers claimed a universal health identifier could help them match patients with correct medical information better.  This, in turn, would significantly lower barriers to electronic health record interoperability.

In response, lawmakers and privacy advocates argued such an identity system would put patients’ private health information at unacceptable risk for theft and over-commercialization.  If compromised, a universal health identity would unlock a patient’s entire medical history. Privacy advocates made it clear; a single national patient identifier would be too valuable, too vulnerable, and too tempting a target for attack or corruption. 

The situation has not changed much in the interim decades.  In fact, it has worsened. Cyber attacks have proliferated the world over – as well as the means and methods of hackers and data thieves.  Reports of costly, high-level data theft and accidental disclosures of private data are common and routinely makes the nightly news. This rise in personal data theft coincides with the rise of social media and cloud computing.  As more and more of our lives become dependant on networks of electronic devices, more and more we are exposed to both the threat, and large potential negative impacts, of personal identity theft.

In this world, the notion of a single universally recognized patient identifier seems even more perilous than it did in the mid-nineties.  Today, patient identities are matched between distinct medical and financial institutions at least half a dozen times every episode of care.  Using the same patient identifier to bind patient identities across all healthcare transactions would expose these patients’ identities to identity theft during every single one of these transactions.  Moreover, the use of a universal health identity would prove even more vulnerable today than in the 90s. Since then, electronic medical records, and interoperability between them, have proliferated, due in part to efforts spearheaded by HHS. While this has brought about better medical outcomes and reduced our patients’ burden of tracking health information, it has also made patients more vulnerable to the potential impacts of identity theft.  If all of their private health information were linked to a single identifier, their entire, interconnected medical history would be at risk if this identity were ever compromised or stolen.