Preventing Patient Identification Errors

By Patricia Hughes, RN, MS, CPHRM, FASHRM; Robert J. Latino; and Timothy Kelly, MS, MBA

Too often, patient identification errors only receive their due attention after a serious mistake occurs, such as one that results in patient harm. These “sentinel events,” as termed by The Joint Commission, persist despite numerous technological advances and initiatives to focus attention on the issue.

Furthermore, although commonly associated with surgeries, identification errors are not limited to surgical workflows, or to events that cause permanent harm or prompt a life-sustaining intervention; they can occur in any healthcare setting, including inpatient, outpatient, long-term, and ancillary locations. The ECRI Institute notes that more than 7,000 patient identification events, many with serious consequences, were found in its database over a period of about 2.5 years (ECRI Institute, 2016).

Another analysis of more than 1 million medication orders found that 0.064% of those orders were associated with a misidentified patient (Levin, Levin, & Docimo, 2012). While this is a very small percentage, it still means 640 medications were—or could have been—given to the wrong patient. No healthcare organization desires that level of risk, considering the potential consequences to its finances, reputation, and patient trust.

The good news is that patient identification errors are highly preventable with the right identification analyses, workflows, and safeguards in place. Deterrence requires instilling a culture—from the top down—that encourages and rewards proactive assessment of misidentification risk across the continuum of care.

Here are three ways to diagnose the causes (and potential causes) of patient misidentification, and to prevent such errors so that a safety-focused culture can thrive:

  1. Analyze your identification processes

Healthcare is an analytical, outcomes-oriented profession. Yet because providers face tremendous time pressures, assessing the root causes behind any given problem often is put on the back burner. Before organizations can find solutions to patient identification errors, however, a root cause analysis (RCA) based on past misidentifications should be conducted.

Pinpointing root causes can help provider organizations understand the reasons or contributing factors behind noncompliance. Sometimes, for example, staff fail to follow existing and correct protocols. In other instances, staff might follow the protocols, but the protocols themselves are inadequate. An RCA will often identify multiple causal factors that, when addressed, can go a long way toward preventing the recurrence of the error.

Some personnel may feel that RCA exercises are too time-consuming. Yet with a skilled analytics partner, the right staff members, and adequate data, a formal RCA should not take longer than a few meetings with a properly prepared team—and it will bring benefits that are much longer lasting.

Similarly, consider conducting a Failure Modes & Effects Analysis (FMEA). In an FMEA, each potential failure mode in a system is analyzed to determine what might happen. Each failure mode is then rated based on its probability to occur, as well as the severity should it occur. For example, a hospital could conduct an FMEA on its patient identification system and identify potential failure modes at each step in that system. Each potential failure mode’s impact on the organization would be rated on a scale from minor to catastrophic. This allows stakeholders to conceptualize how specific errors might affect the entire health system, instead of viewing patient identification as just a task (Latino, 2017).

  1. Add safeguards to clinical workflows

Once an RCA and/or FMEA are conducted, healthcare organizations often realize that it is insufficient to verify patient identity solely through name and date of birth. Case in point: A database analysis conducted of 3.5 million patients in the Harris County, Texas, hospital district found 231 patients named Maria Garcia who shared the same date of birth (Harris Health System, 2011).

With that thought in mind, one risk mitigation strategy is to adopt wristbands that include patient photographs as well as barcodes to be scanned before care occurs. Some organizations, such as the Harris County Hospital District, are implementing biometric identification methods such as fingerprint, retina, or palm print scans.

To support identification safeguards within the electronic health record (EHR), organizations can also follow recommendations in the SAFER checklist created by the Office of the National Coordinator for Health Information Technology (, 2014). This 14-point self-assessment helps organizations ensure EHR tools are leveraged to prevent patient identification errors. Such methods include warning when multiple patients have the same first and last name, as well as limiting the number of open and active records of patients on any given workstation. (To ensure compliance, some EHR safeguards should include “hard stops” that prevent override capability.)

  1. Empower patients and staff

Another prudent patient identification step is to involve the patient before a procedure as much and as early as possible. For example, have patients review and sign their consent forms—with particular attention to the listed procedure and surgical site—during their pre-procedure office visits, not shortly before the procedure occurs when they may be worried, distracted, or even under sedation. Then review the contents of the consent during the pre-procedure verification and/or the preoperative timeout. Verification employing the detailed consent is the best mechanism for preventing wrong-patient/wrong-procedure/wrong-site surgery (Clarke, Johnston, & Finley, 2007).

Similarly, empower your staff and patients with education, a script, and a process for spoken identification. Staff need to prepare patients by setting the expectation that identity verification is a serious safety measure—not provider confusion or an impersonal exercise—so patients will be required to state their names, dates of birth, or other identifiers multiple times. Staff and clinicians should also feel empowered to voice concerns when they believe a patient identification step is ineffective, or if they have new verification ideas.

Creating a proactive
safety culture

Earning provider and staff buy-in by actively seeking input can help organizations instill a culture where proper patient identification compliance is embraced, rather than simply endured. The resulting error elimination can yield immeasurable care quality, financial, and satisfaction benefits for all stakeholders—but especially for providers and patients.

About the Authors:

Patricia Hughes, RN, MS, CPHRM, FASHRM, is senior vice president of healthcare risk management at OneBeacon Healthcare Group. 

Robert J. Latino is CEO of Reliability Center, Inc.

Timothy Kelly, MS, MBA, is director at Taylor Healthcare.



Clarke, J. R., Johnston, J., & Finley, E. D. (2007). Getting surgery right. Ann Surg, 246(3), 395–403.

ECRI Institute (2016, April 13). Top 10 patient safety concerns for healthcare organizations: 2016. Retrieved from

Harris Health System (2011, April 5). Harris County Hospital District puts patient safety in the palm of your hand [Press release]. Retrieved from (2014, January 29). Patient identification. SAFER Guides. Retrieved from

Latino, R. (2017, April 12). FMEA analysis. System analyzed: Patient identification process. SMARTworks iMedConsent™ Solution website. Retrieved from

Levin, H. I., Levin, J. E., & Docimo, S. G. (2012). “I meant that med for Baylee not Bailey!”: A mixed method study to identify incidence and risk factors for CPOE patient misidentification. AMIA Annu Symp Proc, 2012, 1294–1301.