Introduction
The CHIME National Patient ID Challenge is a global competition aimed at incentivizing new, early-stage, and experienced innovators to accelerate the creation and adoption of a solution for ensuring 100 percent accuracy in identifying patients in the U.S. Patients want the right treatment and providers want information about the right patient to provide the right treatment. Patients also want to protect their privacy and feel secure that their identity is safe.
Accurate identification can greatly reduce the risk of preventable medical errors and significantly increase quality of care. It can also drive out unnecessary costs by reducing inefficiency. First and foremost, patient identification is about patient safety, and we need to get it 100% right the first time, and every time.
We believe the CHIME National Patient ID Challenge can make this happen once and for all.
The Problem
In the past, healthcare providers kept all their patients’ records in paper files. If you went to a new provider, the only way for the information to be exchanged was through fax or regular mail. There was no hope that in an emergency, the ER doctor could see what conditions you had or what medications you were already taking. When you were sent to a specialist, sometimes they had a small amount of information sent over by your primary care physician, and often times not.
Over the last 20 years, many providers have converted their paper records to electronic records. Efforts are underway to share information between providers (hospitals, primary care practices, nursing homes, etc.) so that, if given permission, they can see your health information to provide the best care possible.
It turns out this is not easy. Consider the number of John Smiths living in the same town, sometimes even under the same roof. Now think about the number of John Smiths in a county, state or the nation. There are even many John Smiths or even John A. Smiths with the same birthday. What if John sometimes gives his name as Johnny Smith? Or perhaps his birth name is really Edward John Smith but he goes by John.
Healthcare organizations spend a lot of time using and perfecting complicated algorithms that use a lot of different pieces of information to ensure that the John A. Smith standing in front of them is the same John A. Smith found in their system. Trying to delete duplicate errors and match records from one healthcare provider to another for every patient takes an inordinate amount of time that could be spent focusing on prevention and treatment, not matching records. Because it is still so difficult to get records from other providers, patients often have x-rays and other tests repeated, which in some cases is harmful to the patient, and at the very least wastes time and money.
The information used for identification, which typically includes birthdate, Social Security Number and address, is collected by multiple people, and sent by regular and electronic mail between providers and billing companies. Theft of this personal information is much more difficult to recover from than theft of a national patient identifier. A stolen national patient identifier can simply be terminated and replaced with a new one. In contrast, a patient cannot replace their birthdate and they are likely not planning to move. Their stolen Social Security Number is tied to all sorts of financial and personal records that are now vulnerable to theft. In fact, it is technically illegal for Social Security Numbers to be used for health records, but it is done all the time. This challenge provides an opportunity to establish a more secure method of patient identification.
Unfortunately, even with all of this effort to try and match records as accurately as possible, in the absence of a national patient identifier, the current matching error rate is of great concern.
In an environmental scan in 2014, the Office of the National Coordinator for Health Information Technology found that the best error rate is around 7%. Seven out of 100 records are mismatched. Perhaps the John A. Smith record found was not the right one. This is pretty serious when you consider that the provider may unknowingly prescribe a medication that interacts poorly with a medication John is already on or cause him harm due to a condition he has. Many patients cannot tell you accurately themselves what their prescriptions are or name all of their conditions.
Worse still, the error rate is usually closer to 10 to 20 percent within a healthcare entity and it rises to 50 to 60 percent when entities exchange with each other. That’s just not good enough. It’s not safe. We need patients to be identified accurately 100 percent of the time.
We know it is equally important to protect each and every patient’s privacy. Patients are protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), but laws can only protect if they are followed, monitored and enforced; that has been very difficult to accomplish even with paper records. We think the development of a national patient identifier is actually an opportunity to enhance patient privacy.
What this challenge is not: This challenge is not directly about exchanging health information. It is not a patient portal that lets patients look at all of their data in one place. It is not a provider portal that lets providers look at all of a patient’s data in one place. It will not fix all of the duplicate records in a health center’s system. It will not find and link all the healthcare entities that have data for a patient. However, we believe that a viable and scalable solution to patient identification is an essential building block to achieving greater information exchange between providers.
What this challenge is: Simply stated, this challenge is about privately, accurately and safely confirming a patient’s identity 100 percent of the time.
Why the CHIME National Patient ID Prize?
We believe that the technology to solve this problem is already available, but hasn’t been put together in a viable and scalable solution yet. And, in order for a patient identification system to work, we need all stakeholders—patients, providers, technology companies, the government and others—to agree on a standard way to accurately and safely identify patients. Imagine if online and storefront retail stores couldn’t quickly verify your credit card. How much more important is it then for patients throughout the nation to be quickly, privately, accurately and safely identified so that the appropriate healthcare treatment can be delivered.
This challenge will enable the best solution for identifying patients to be developed and will provide all the stakeholders with the capability to start working toward implementing the solution once it is ready. This will result in a dramatic increase in safety and efficiency throughout the healthcare system.
The Challenge Breakthrough
CHIME Healthcare Innovation Trust is looking for the best plan, strategies and methodologies that will accomplish the following:
- Easily and quickly identify patients
- Achieve 100% accuracy in patient identification
- Protect patient privacy
- Protect patient identity
- Achieve adoption by the vast majority of patients, providers, insurers, and other stakeholders
- Scale to handle all patients in the U.S.
Read the Challenge Guidelines for complete rules and submission requirements.
Challenge Overview
CHIME Healthcare Innovation Trust is looking for the best plan, strategies and methodologies for the National Patient Identification solution. The leading solution will:
- Easily and quickly identify patients
- Achieve 100% accuracy in patient identification
- Protect patient privacy
- Protect patient identity
- Achieve adoption by the vast majority of patients, providers, insurers, and other stakeholders
- Scale for usage in care settings across the country, regardless of size
It is important to note that the Challenge is focused solely on finding a solution for patient identification, not a patient matching. Patient identification is the act of being able to identify the person who is seeking or in need of care. This is not as simple as asking the patient, who may be unconscious or otherwise unable to provide accurate information, or relying on a health insurance card, which may be incorrect or fraudulent.
Patient matching is the act of correctly matching a patient to his or her medical record, both within a singular healthcare entity and across entities when information needs to be shared.
Ensuring that we identify patients accurately is a critical first step towards solving the problem of patient matching. In the Challenge, while we want to know how your proposed solution will work with a record locator system or service, the goal of the Challenge is to achieve 100% accuracy in identifying a patient.
Challenge Key Dates – Final Innovation Round
The Challenge began with the Concept Blitz Round to develop ideas and designs for the final solution. Concept Blitz Round winners were announced on June 1, 2016. The Final Innovation Round enables all innovators to improve their designs from the Concept Blitz Round or to propose new designs that were not submitted in the Concept Blitz Round, and to build prototypes that demonstrate the functionality and performance of their design concept.
Anyone who is already officially registered for the Challenge by August 1, 2016, is eligible to participate in the Final Innovation Round.
Guidelines for the Final Innovation Round – Phase I were released on August 23, 2016. These guidelines include use case scenarios, submission requirements (format and contents) and important guidelines and considerations for solution proposals.
The deadline for the Final Innovation Round – Phase I submissions is March 1, 2017.
Final Innovation Round Phase I Review: Submissions will be reviewed over a period of 30 – 45 days. All of the submissions will be reviewed. Proposed solutions that are evaluated to best meet the Challenge criteria and that are able to submit a working prototype will be eligible for entry into the Final Innovation Round Phase II.
IMPORTANT: Final Innovation Round Phase II innovators will be required to produce working prototypes of their designs. Only those innovators who can produce a prototype will remain eligible to compete for the Challenge prize in Phase II. Innovators may submit solutions as individuals or as part of a team. Requirements for the prototype submission will be announced in October – as will the timeline for Phase II of the Final Innovation Round of the Challenge.
Intellectual Property
A criteria for the Challenge is to make the solution publicly available. Solutions that include newly created intellectual property are required to provide the newly created intellectual property on a royalty-free basis.
Innovators who propose a solution that incorporates pre-existing intellectual property (either owned or licensed by the innovator) should be prepared to provide the solution on either a royalty-free or fee or cost basis. If such pre-existing intellectual property is provided on a fee or cost basis, the innovator must include those fees or costs in the total cost of implementation section of the proposal.
Final Innovation Round Phase I Submissions
Submissions will be assessed on the overall proposal and the ability of the prototype to demonstrate that the solution meets the Challenge criteria. The proposal should be thorough, specific, clear, and easy to understand. While you have been provided ample room for your responses, please be as brief and succinct as possible.
Submission Content
Submissions must include the following components:
- Online Submission Form (see details for character limits)
- Use Case Template and Performance Results (10,000 characters per Use Case)
- Response to Submission Questions (10,000 characters per question)
- Images and Video of Enrollment and Identification (No more than 120 seconds for videos)
- Statement on Intellectual Property Rights (10,000 characters)
- Prototype Development Plan (10,000 characters)
- Supplemental Information (Optional – use this section if necessary)
Submission Content Details
1. Online Submission Form
- High Level Summary: Explain how your solutions works in a few sentences (500 characters)
- Executive Summary: Provide an overview of your proposed solution (1500 characters)
- Best Solution: Why should your solution be chosen for an award? (1500 characters)
2. Use Cases & Performance Results
Innovators must provide details on how their proposed solution performs for each use case. You must also submit performance results for your solution’s prototype testing against the Final Innovation Use Cases. See Use Case Scenarios and directions at the end of this Section.
You have 10,000 characters (including spaces) per Use Case.
3. Response to Submission Questions
Innovators must respond to each of the questions listed under the numbered Sections 2 – 8. You will have ample space to respond to each of the questions. Include additional information such as screen shots, videos, diagrams, images or descriptions of devices being used, early prototype designs, usability tests, etc. to help judges better understand your solution.
You have 10,000 characters (including spaces) per question.
4. Images and Video of Enrollment and Identification
The following images and videos are required for the submission.
Provide both images and a video of a patient:
- Being enrolled into using your proposed solution
- Being identified at a point of care (arrival at a healthcare provider)
- Include screenshots and description of devices being used
Video submissions may not exceed 120 seconds in length. Judges’ reserve the right to not view any videos that exceed this required length.
Videos must be uploaded to an external site, outside of your HeroX.com submission form. Please review the video uploading requirements carefully: https://chimecentral.org/npid-video-upload/.
Please note that images must be added as a URL link only.
5. Statement of Intellectual Property Rights
If pre-existing intellectual property is provided on a fee or cost basis, include a listing of those fees and costs.
You have 10,000 characters (including spaces).
6. Prototype Development Plan
List the costs to develop the prototype. Provide evidence of ability to fund the development of the prototype.
You have 10,000 characters (including spaces).
7. Supplemental Information
You should utilize the Supplemental Information section as an opportunity to expand on any submission questions, or to include additional information such as screenshots, videos, diagrams, images or descriptions of devices being used, early prototype designs, usability tests, etc. for either the Section Questions or for the Use Cases to help judges better understand your solution. The Supplemental Information section can also be used to share additional features or information about your proposed solution. Please keep in mind that brevity and clarity are two very important measures of a successful submission.
Any supplemental information is limited to 100 pages maximum, including the title page and a table of contents. Paper size must be 8.5 by 11 inches, with the exception of supporting materials. Minimum margins are one inch. Font must be minimum 12 pt, double-spaced. Place the title of your submission into the footer of every page. No logos, names, or other markings that can be used to identify the proposing team or any team members are allowed on any of the pages.
Suppemental information must be uploaded as a single unlocked PDF document, 20 MB maximum. Embedded hyperlinks are permissible for videos or animations (maximum of 120 seconds duration recommended) as supporting material. Judges are not required to view any hyperlinked content beyond what is required and outlined in the Images and Videos section.
You must follow the Supplemental information format instructions as outlined or risk elimination. Your submission should be organized by the numbered sections provided below. CHIME Healthcare Innovation Trust reserves the right to request additional information from a competitor during the judging period.
Use Cases and Submission Questions
Use Case Guidelines:
All Use Case solution descriptions must be completed in the submission. A maximum of 10,000 characters is allowed for each Use Case. The following items MUST all be defined for EACH Use Case:
- Solution description – How does your solution work for each Use Case?
- Proposed Solution’s Work Flow. (Include diagrams, pictures or any other information that will assist in helping to understand the flow of information for the solution. Include a listing of all of the steps in the process, who performs the steps in the process, what the decision points and process outputs are.)
- Use Case Performance Data
Your solution description should fit in the allotted space in the submission form (10,000 characters per use case, including spaces). You may attach the work flow items (diagrams, pictures and performance data charts) to each use case. You may also use the Supplemental Information section to include additional charts, performance data, etc. Readability is a key factor in the judging review. Ensure that any additional charts, performance data, etc. included in the Supplemental Information Section are carefully organized and tied to their specific Use Case Scenarios.
Identification and Use Case Scenarios
- Patient arrives at care location with identification
- Patient is new
- Patient is returning
- Patient arrives at care location without identification
- Patient arrives unconscious with or without identification
- Patient is a minor without legal guardian. If solution has age dependency, please describe.
- Multiple birth patients require identification
- Identical twins
- Fraternal twins
- More than 2
- Patient tries to use a card that is a stolen identity or not their own
- Patient is medically compromised (is confused, altered mental state, having seizures, cannot speak)
- Patient is a non-English speaker, including aphasic, deaf, and does not have identification
- Patient has had identity stolen, including SSN, DOB, and financial records
- Patient is not physically present to register or enrolls remotely. Describe how your solution would handle this, as well as the scenario of remote care delivered to patients
- Patient not found in system. Describe how your solution will handle misspellings, typos, character transpositions, first and last name reversals, or sound alike names.
- Patient presents with injury that disfigures eyes, face, limbs
- Patient is homeless without a permanent address
- Patient does not consent to identity verification
- Patient is a celebrity or VIP
- Patient enrolls in a health insurance exchange
- Patient enrolls in their provider's EHR or portal
- Provider receives an enrollment record from an insurance company and needs to verify patient ID
- Provider is using a mobile device. How does your solution work to identify patient?
- Providers nees to verify patient identification across provider care settings (lab, pharmacy, radiology clinic, specialists, etc). Describe how the solution works when the patient is and is not present.
- Provider needs to verify patient identity at bedside for administration of meds, testing, food delivery
- Provider searchers for patient identification and verification across a health insurance exchange
Security and Fraud Management Use Cases
- Patient tries to enroll with a stolen ID or ID is not their own
- Patient presents as someone else without ID
- Patient tries to use a different ID during middle of care process
- Enrollment site is compromised
- Enrollment data is stolen
- System access attempted without correct employee password or info
- Attempted transfer of PHI over an unencrypted line
- System access accepted remotely
- User indicates their medical record has been stolen
- Insurance company tries to verify patient identity with a provider
- Provider aware that patient record has been stolen
- Pharmacy tries to verify patient identity for controlled meds
- Activity on a deceased record
- Encryption of data during transmission and storage
- Indentity claim in distinct geographic areas at same timeframe
- Provider EHR system is breached
- Patient data hub side is breached
- Provider is using a mobile device
Use Case Additional Questions:
Responses must be provided. Include the responses to these questions in the Submission Form.
- Include any Use Case scenarios not listed that you believe will differentiate your solution.
- Consider the various care settings where the solution must work; physician office, outpatient surgical center, clinics and minute clinics (Rx settings), acute and specialty care hospitals, long term care facility, emergency department. Any unique steps required in these settings must be documented. This documentation can be included as an addendum item in your submission.
- Define in detail what type of training would be required for staff to implement the solution
- Define how the patient identification solution being proposed would change if new technology becomes available.
- If your solution is already on the market, provide blind testimonials and customer reference material specific to Use Case Scenarios. This may be included as an addendum item in your proposal submission.
- Define how the proposed solution would perform should new patient identifiers be implemented by governmental agencies.
- Define how your solution would work with a record locator service?
Submission Questions
You have 10,000 characters, including spaces, per question.
1. PATIENT ENROLLMENT & IDENTIFICATION
- Describe how your solution provides enrollment (when a patient is new to your solution) that is simple and fast for both patients and providers. Make sure to address the following:
- How are adult and child patients, including non-US citizens, enrolled to use your solution? For each of the forms of authentication used to confirm their identity, please indicate whether they are royalty-free and/or proprietary.
- How does your solution minimize errors in enrollment?
- How are updates and corrections to identification data made, including who can make them, how the corrections are validated, and how changes are communicated to relevant individuals and systems.
- What challenges or barriers could patients and providers face in using your solution? How would your solution resolve these barriers? For example, if your solution normally requires verification through text or email, but the patient doesn’t have access to either of these options.
- Describe what situations would fall outside of your standard process and how you enroll patients in these cases.
2. SECURITY AND FRAUD MANAGEMENT
- Describe how your solution ensures the security of patient information and protects against fraud. Make sure to address the following:
- How does your solution allow the patient to monitor activity?
- How is identification replaced if it has been compromised in any way?
- How does your solution protect against usage for non-health purposes?
- How does your solution prevent theft of national patient identification to receive treatment, impersonation of someone else, or theft of a patient’s financial records?
- How does the system protect data integrity and security for faults occurring during the writing and transferring of data?
3. SUPPORT FOR PRIVACY AND ANONYMITY
The patient identity must be accepted across disparate groups and technologies and integrated into the healthcare system to include providers, pharmacies, payment, health insurers, federal, state and local governments.
Solutions must be HIPAA compliant and should support privacy guidelines from NIST, CMS, ONC, HIMSS, NSTIC IDESG and PMI.
Recommended references include: Applicable HIPAA regulations, The National Strategy for Trusted Identities in Cyberspace Identity Ecosystem Steering Committee (NSTIC IDESG’s Identity Ecosystem Framework (IDEF) Baseline Functional Requirements, HIPPA Guidelines, ONC’s Nationwide Shared Interoperability Roadmap, the Precision Medicine Initiative – Data Security Policy Principles and Framework and HIMSS Identity Proofing and Authentication recommendations.
- Describe how your solution supports privacy and anonymity for patients. Make sure to address the following:
- How does your solution maintain up-to-date privacy settings based on U.S. federal and state standards?
- Which states do you consider as having unique state privacy requirements and how does the proposed solution address such requirements?
- How will your solution adapt to changes to U.S. federal and state privacy requirements? Specifically, what procedures and mechanisms do you envision as being in place to track, monitor, develop and make changes to the solution as privacy requirements at the U.S. federal and state level change?
- How does your solution go beyond U.S. national and state standards to enable individuals to set and update detailed privacy settings (e.g., which providers can see which portions of their health record)?
- How does your solution provide for audit trails and time stamping when changes are made?
- How do you protect patients’ privacy settings? (e.g., cryptographic keys or other means)
- How does your solution designate a proxy or delegation for records access?
4. SCALABILITY
- Describe how your solution can be scaled to serve the entire U.S. population and visitors to the U.S. Make sure to address the following:
- How will every user for the next 120 years have a unique identifier?
- What % of the U.S. population do you estimate can be handled by your solution?
- How is your solution able to handle the entire population, regardless of culture; gender; language spoken; physical, mental or emotional challenge; educational ability and illiteracy; socioeconomic level; and access to and familiarity with electronic devices? For any subgroups that would be challenging for your solution, please describe why and how your solution mitigates this challenge.
- How is your solution able to handle visitors to the U.S.? Describe any exceptions.
- How will your solution maintain high speed, security, and accuracy as it expands from initial implementation enrollment level to full implementation of the entire U.S. population and visitors who access healthcare?
5. ADOPTABILITY
- Describe how and why your solution will be adopted by the majority of stakeholders in the U.S. Make sure to address the following:
- How does your solution transfer data to other software platforms? How is your solution modified to meet future standards in data transfer?
- What standards does your solution use and how is the solution upgraded as standards change?
- What will state and U.S. federal entities (e.g., Medicare, Medicaid, VA) need to modify to use your solution? Note: consider ease of modification to their systems, adherence to state and U.S. federal requirements, etc.
- How do IT systems (such as electronic health records, practice management systems, regional health exchange systems, payer systems) need to be modified in order to use your solution?
- Why will your solution cause a high percentage of patients to participate compared with other possible solutions?
- Why will your solution cause a high percentage of non-patient entities (such as payers, providers, EHR vendors, etc.) to adopt your solution?
6. IMPLEMENTATION
- Describe how your solution will start and then roll out across the U.S. Make sure to address the following:
- What are the stages, milestones, and timeline for a full U.S. implementation?
- What is your estimate of the total cost for a full U.S. implementation over a five-year period? Please provide as much of a breakdown as possible, including separate line items for development, beta testing, education and training and deployment.
- Who do you envision bearing this cost, and what is the rationale for thinking that this plan will work?
7. OTHER VALUABLE FEATURES AND FUNCTIONALITY
- Describe any other value-added features or functionality that differentiate your Solution as the leading national patient identifier solution.
8. LIST OF CITED REFERENCES AND ATTACHMENTS
Final Innovation – Phase I Judging
During this phase, submissions will be evaluated and, in some cases, more information may be requested.
Proposals will be evaluated by the criteria listed below.
Final Innovation Round Criteria |
Points |
Patient Enrollment and Identification |
25 |
Security and Fraud Management |
15 |
Privacy and Anonymity |
15 |
Scalability |
15 |
Adoptability |
15 |
Implementation |
15 |
**Bonus Points for Additional Features and Functionality |
5 |
Judging Panel Presentations
A number of finalists will be selected to demonstrate their prototypes and answer questions for the judges. Innovators will demonstrate the functionality of their solution and answer any questions from the judges. Innovators must be prepared to submit their prototypes by a maximum of 30 days post selection.
Winners Announced
After judging has completed, the Finalist with the highest score from judging will be awarded the prize and declared the winner of the Challenge. All innovators that submit complete and viable solutions will be awarded a CHIME Healthcare Innovation Trust Certificate, recognizing their achievement and participation in the Challenge. The announcement will be held in a public setting TBD.
Challenge Guidelines are subject to change. Registered competitors will receive notification when changes are made, however, we highly encourage you to visit the Challenge Site often to review updates.