Needle stick injuries: occupational hazards and prevention

Patient Identifiers

The Importance of Patient Identifiers

Adverse events as a consequence of medical treatment are now recognized to be a significant source of morbidity and mortality around the world (World Health Organization [WHO], 2005). Somewhere between 3 and 5% of all hospital admissions in the United States result in an adverse event, and in 1999 it was estimated that the majority of the 44,000 to 98,000 deaths caused annually by medical mistakes could have been prevented (reviewed by Leape, 2000, and WHO, 2005).

The sources of adverse events can be divided into clinical practice, defective or poorly maintained products, improper procedures, or an organizational system. The World Health Organization (2005) concluded that systemic failures are the primary source of adverse events, and can be attributed to a particular organization's patient care strategy, culture, attitudes toward managing quality of care and risk prevention, and the ability to learn from mistakes. In other words, the work environment plays a dominant role in determining the prevalence of adverse events for a particular organization. For example, if an organization punishes employees for reporting mistakes, then mistakes won't be reported and corrective actions can't be taken to prevent future mistakes. Negligence or a lack of proper training was found to be relatively minor causes of adverse events when compared to an organization's system of operation, but negligence is still responsible for approximately 30% of all adverse events in U.S. hospitals (reviewed by Brady et al., 2009). One of the primary concerns regarding negligent practice is patient misidentification, which can potentially result in a number of catastrophic outcomes for the patient.

The Recognized Importance of Correct Patient Identification

The first goal listed in the Hospital National Patient Safety Goals for hospital accreditation by The Joint Commission, the primary hospital accrediting agency in the United States, is correct patient identification (The Joint Commission, 2010). The Joint Commission recommends using at least two patient identifiers at the bedside, which can include the following:

Patient Identifiers March 17, 2011

12

Medical record number

Telephone number

Or another form of identification specific to the patient.

A patient's bed or room number should not be used to identify a patient for purposes of administering medications or transfusions, taking laboratory specimens, processing patient admission and discharge, transporting to surgery, another clinic, or hospital, or any other procedure that could potentially harm a misidentified patient. Whenever possible, a patient should be positively identified with at least two identifiers in the patient's presence. This procedure applies to the labeling of laboratory specimen containers.

The Association of Surgical Technologists (2006) published a white paper recently, elaborating further the proper procedures for correctly identifying patients. In addition to the two or more identifiers recommended above, the following can also be used to establish the patient's identity:

Date of birth

Social security number

Address

Photo ID

The recommended times for confirming the patient's identification are during the scheduling of surgery, when transferring a patient to another location, prior to sedation, and prior to entry into the operating room. Wrist band information should match the patient's chart and transfer slip, and when possible a verbal confirmation should be received from the patient or authorized representative regarding the surgical procedure(s) to be performed.

Two perioperative 'time outs' are also recommended (Association of Surgical Technologists, 2006). The first should occur immediately prior to bringing the patient into the operating room, for the purpose of having the patient state their name, social security number or date of birth, and site of surgical procedure. This information should be matched to the patient's wristband, informed consent, and operating room schedule. The second time out should occur in the operating room just prior to the start of the surgical procedure, and involves a verbal confirmation of patient identity, procedure, location, and when applicable, implants.

In situations where the patient is unable to provide verbal confirmations of identity, a family member or designated representative can confirm the patient's name, the procedure(s) to be performed, and the location of the surgery (Association of Surgical Technologists, 2006). If the patient is a minor, the patient's identity and surgical procedure should be confirmed with both the child and parent or legal guardian. All patients should wear a wristband or bracelet that provides positive identification, and hospital wristbands, if removed during surgery, should be kept with the patient's chart and placed back on the patient immediately after surgery. It should also be emphasized that wristbands shouldn't be considered an acceptable substitute, under normal circumstances, for the two or more patient identifiers recommended by The Joint Commission (2010).

Special Care is Emphasized for Transfusions

The Joint Commission provides additional instructions for positively identifying a patient prior to initiating a blood transfusion (The Joint Commission, 2010). A two person team is recommended and at least one member should be the person that will conduct the transfusion. The second member should be qualified to conduct a blood transfusion. When an automated patient identification system is available, this can substitute for the second team member.

Both members of the team should positively identify the patient using at least two identifiers. The blood to be transfused should be matched to the order and the patient should be matched to the blood component. A similar approach has been used by nursing staff when administering medications in hospitals in England (Duxbury et al., 2010).

The Prevalence of Patient Identification Errors and Associated Adverse Events

Obtaining accurate measures of the prevalence of patient misidentification is difficult. People in general are typically unwilling to admit to having made a mistake, and in some hospitals, doing so could elicit sanctions. In spite of this limitation, researchers have attempted to determine how often patients are misidentified, and how often this results in an adverse event, by examining specific services or procedures that take place in a hospital setting.

Misidentification of Laboratory Specimens

In a study of venous blood specimen collection procedures in Sweden, 9.6% of the nurses, psychiatric orderlies, and laboratory technicians failed to ask the patient their name or identification number (Wallin et al., 2010). Another 17% failed to check patient identity because they personally knew the patient, 43% relied on the patient's ID card, and 79% failed to check patient wristbands.

In a study of laboratory specimen identification errors conducted within the United States (Valenstein, Raab, and Walsh, 2006), 0.0324% of samples were found to be misidentified prior to sample verification, and 0.0055% of misidentified samples made it through the verification process and were released to the patient's physician. Of the misidentified laboratory results released, 1 in 18 resulted in an adverse event. Based on these results, the authors estimated that close to 160,000 adverse events are caused by misidentification of patient laboratory specimens each year.

Valenstein, Raab, and Walsh (2006) found a significant inverse relationship between the number of preverification and postverification errors (p < 0.001) for a subset of the laboratories included in their study of specimen misidentification. This result was interpreted as being symptomatic of stringent patient safety protocols that resulted in higher rates of catching specimen misidentification errors early in the process. The variability in laboratory quality based on this measure was considerable, ranging between 30 and 95% of misidentified samples being caught before release. Over 50% of misidentification error was due to mislabeling of the primary specimen, and 22% was due to computer registration and order entry errors.

Another study examining the prevalence of laboratory specimen errors, found that approximately 0.1% of laboratory samples were either mislabeled (8.4%), unlabeled (38.6%; missing one or more of the two required patient identifiers), or represented a mismatched requisition (52.9%; Wagar, Tamashiro, Yasin, Hilborne, and Bruckner, 2006). Intensive care units generated twice as many specimen errors as other clinics, which the authors suggested was the result of working in a more complex care environment. Patient safety initiatives were introduced during the two-year period of the study and the category of labeling errors that improved the most was mislabeling (p < 0.001), from an average of about 21 errors per month to less than 1. The authors of this study believed mislabeling errors represented the greatest threat to patient safety because they are the hardest to detect and because the actual prevalence for this type of error is unknown.

Misidentification during Blood Transfusions

The prevalence of labeling error identified by a blood transfusion service in Scotland was examined by researchers (Ibojie and Urbaniak, 2000), but instead of counting only incidences resulting in mistransfusions, the researchers also counted the number of labeling errors that were detected before any harm could be done to the patient (near misses). The rate of mistransfusions was 1 out of 27,007 units of blood supplied, but when near misses were also counted the rate was four times as high at 1 out of 6,752 units. Notably, 23 out of 28 errors recorded during the study period were related to improper identification of the blood donor or recipient (n = 16) or mistakes in labeling the specimen (n = 7). Only 5 errors occurred at the blood blank laboratory despite processing 189,046 units of blood. Non-compliance with existing patient safety guidelines represented 95.2% of all errors found, which suggests the vast majority of errors were preventable.

Misidentification during Medication Administration

During a study observing nurse-patient interactions in three hospitals in England, close to 7% of nurses failed to ask the patient's name when administering medication in an acute mental health care setting (Duxbury et al., 2010). The failure to positively identify the patient before administering medication violated the patient care guidelines set forth by the Nursing Midwifery Council. This was particularly troubling since two nurses made the medication rounds, with one acting as an observer. Medication errors are the most common source of preventable adverse events, and are believed to have led to the deaths of 1200 patients in England and Wales in 2001 (reviewed by Brady, Malone, and Fleming, (2009).

The Role of Automated Patient Information Systems

The implementation of barcodes to help lower error in identifying the correct medication to administer has reportedly reduced medication errors by 65 to 74% (reviewed by Marini, Hasman, Huijer, and Dimassi, 2010). The use of automated patient information tools lowers medication administration errors by helping to confirm the 8Rs:

Right medication

Right dose

Right patient

Right route

Right time

Right assessment

Right reason

Right documentation

The implementation of computerized physician order entry systems lowered the rates of medication administration errors by another 81%, due in large part to the elimination of handwritten prescriptions, and in some organizations by forcing physicians to provide more complete prescribing information (reviewed by Marini, Hasman, Huijer, and Dimassi, 2010). The use of patient ID wrist bands is also believed to have helped reduce patient identification errors (reviewed by Evans, 2009). Unfortunately, a one year study conducted at an Australian metropolitan hospital found the rate of patient misidentification approached 3% because in many cases patient ID bands were not being replaced after the completion of procedures (Tran and Johnson, 2010). The primary outcome of patient misidentification in this study was patients receiving unnecessary or inappropriate tests, thereby putting the health of the patients at risk, delaying appropriate treatment, and increasing the cost of providing care.

Although implementation of automated patient information tools have helped reduce errors dramatically, new concerns have arisen because some health care workers may be becoming complacent by relying too heavily on these tools to catch errors. The importance of combining the automated information tools with health care worker diligence was revealed when it was discovered in one hospital that patient wrist band barcodes were being misread by scanners at a rate greater than 1 in 84,000 scans (Snyder, Carter, Jenkins, and Frantz, 2010). Misread barcodes were attributed to faulty printers and scanners with unexpectedly high error rates. In addition, scanning error was found to be increased by poor scanning angles and damaged or wrinkled wristbands.

The better approximation of the true prevalence of patient misidentification was provided by an ingenious intervention program instituted at a major academic medical institution. Administrators at the UCLA Medical Center came up with a plan to employ student observers to record health care worker habits during the checking of patient identity before medication administration and handoffs to hospital escorts (Rosenthal, Erbeznik, Padilla, Zaroda, Nguyen, and Rodriquez, 2009). During the 2-1/2-year study period the frequency of checking two patient identifiers during medication administration went from about 60% to over 90%. The frequency of bedside verification of patient name and medical record number during handoffs to escorts went from about 20% to almost 90% during the same period. The use of student observers, and providing end-of-the-day feedback to charge nurses, was believed to be the primary factors contributing to improved patient safety policy compliance. The authors of this study pointed out that it took close to 14 months of observation and feedback to cause a noticeable shift in health care worker habits, which hints at the intractable nature of the old habits.

Legal Restrictions on the Use of Patient Identifiers

The Privacy Rule

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) established a mandate to protect the personal health information of individuals, and the task of developing the rules to fulfill this mandate fell to the Department of Health & Human Services. The final version of the Privacy Rule (Standards for Privacy of Individually Identifiable Health Information) was published in 2002 and has effectively changed not only how protected health information (PHI) is handled and controlled, but established a viable means for enforcement (Office of Civil Rights [OCR], 2003).

The Privacy Rule defines who must protect personal information generated, retained, and utilized as a result of providing health care. These 'covered entities' include health care providers, health plans, health care clearinghouses, and any contractors who are required to handle PHI (OCR, 2003). PHI personal identifiers, demographic information, health history, health condition, prognoses, treatments and services rendered, and financial transactions related to health services and care. Personal identifiers that fall under the Privacy Rule's protection include name, address, birth date, social security number, etc.…, the same information that's crucial to ensuring patient safety.

HIPAA lists 18 patient identifiers that should be protected:

2. Geographic location information smaller than a state, i.e., patient's address

3. Any date related to the patient, such as birth date, admission date, discharge date, date of death, and any ages over 89

4. Phone numbers

5. Fax numbers

6. Email addresses

7. SSN

8. Medical record numbers

9. Health plan beneficiary numbers

10. Account numbers

11. Certificate/license numbers

12. Vehicle identification numbers

13. Device identifiers and serial numbers

14. URL addresses

15. IP addresses

16. Biometric identifiers, including fingerprints or voice prints

17. Full face photographic images and any comparable images

18. Any other unique identifying number, characteristic, or code (excludes unique codes assigned by an investigator to code the data)

The information protected under the Privacy Rule can be used and released by covered entities under the following conditions (OCR, 2003):

To the patient

To treat and provide services to the patient

By verbal permission from the patient or patient representative, typically as part of efforts to provide care

Incident to a permitted use or disclosure, as long as reasonable safeguards were observed

When required by:

Law: judicial proceedings, law enforcement investigations, as evidence of criminal activity (abuse, neglect, or violence), when handling the corpse of a patient, military missions, and intelligence and national security activities authorized by law

Public health activities/emergencies

Oversight agencies

Tissue and organ donation procedures

Research purposes

Worker's compensation programs

Health information can be de-identified, or stripped of any personal information that could link health-related information to a specific individual (OCR, 2003). This can be done by passing the information through a covered statistician who converts protected health information into numerical quantities, or by stripping personal identifiers from the remaining health information. Information that's been de-identified is no longer PHI under the Privacy Rule.

Covered entities are also required to adhere to a principle of the 'minimum necessary'. This principle requires covered entities to only request and store the minimum amount of protected health information required to provide health care to the patient. Covered entities must also establish reasonable safeguards and procedures to protect personal health information (OCR, 2003).

Security Rule

HIPAA also explicitly mandated that covered entities that handle protected health information electronically take all necessary and reasonable precautions to protect and control this information (National Institutes for Standards and Technology, 2008). For health care workers, this will mean being given only the minimum level of access to electronic protected health information (EPHI) required to perform their duties and facing sanctions should violations of this rule occur.

Patient Safety and Quality Improvement Act of 2005

In continued pursuit of improving patient safety and privacy concerns in the health care setting, Congress passed the Patient Safety and Quality Improvement Act (PSQIA) in 2005. The final rule was published by the Department of Health & Human Services (DHHS) in 2008. This Act establishes a legal framework that provides a confidential and privileged route for care providers to report patient safety concerns to Patient Safety Organizations (PSOs). The purpose is to provide a way to track, assess, and institute policy changes to improve patient safety, without fear of legal liability.

Area of Greatest Learning

If the research literature can be used as a guide, patient misidentification threatens patient safety primarily during medication administration, transfusions, laboratory specimen gathering, and invasive procedures. Patient misidentification during these procedures risks the health and lives of patients, and costs hospitals billions of dollars a year in unnecessary or incorrect procedures, and liability settlements (WHO, 2005).

For patient safety to improve significantly though (Who, 2005), hospitals will have to institute and standardize the use of individual-specific identifiers as required for hospital accreditation by The Joint Commission (2010). Remedial interventions targeting individual health care workers because of their poor performance will only have a minimal impact on reducing patient misidentification error rates, when compared to instituting system-wide policy changes.

Recommendations for Change

Of the studies mentioned that directly or indirectly investigated the prevalence of patient misidentification and related adverse events, the one that seems to be the most revealing is the use of student observers at the UCLA Medical Center (Rosenthal, Erbeznik, Padilla, Zaroda, Nguyen, and Rodriquez, 2009). This study and several others commented on the difficulty of obtaining objective, empirical evidence for the true prevalence of patient misidentification. Although the authors of the UCLA study admitted their method could not be considered scientifically rigorous, one fact was made clear: at the beginning of the study the frequency of using two identifiers at bedside before administering medications or handing off patients to hospital escorts was 60% and 20%, respectively. It's unlikely that these rates would have been higher in the absence of the observers, so the low rate of compliance with hospital patient safety guidelines should be a wakeup call for hospital administrators nationwide.

In addition, the UCLA study revealed that it took over a year to improve health care worker habits despite the presence of student observers and updating charger nurses daily about violations. Other than employing student observers, repetitive training might be sufficient to send the message that patient safety is a priority. If this initial training session is followed by additional training sessions periodically over the course of a year or more, maybe this message will be reinforced enough times that health care worker habits will begin to change for the better. Spot checks by supervisors and confederates, together with patient follow-up evaluations, could be used to promote and track compliance.

Only a decade has passed since the release of the Institute of Medicine's report on patient safety issues in American hospitals (reviewed by Leape, 2000). Improving patient safety by changing health care worker habits is a relatively new concern and therefore this area of research is underdeveloped. Empirical studies concerning the best methods for improving patient safety are essentially non-existent and should therefore be aggressively funded.

Recommended Course on Patient Identifiers

Goals and Framework

The use of patient identifiers is critical to patient safety, but at the same time patient identifiers must be safeguarded against inappropriate disclosure to non-covered entities as defined by HIPAA. Since patient safety is the primary concern, this class will focus on training nursing students and nurses in the proper use of patient identifiers. Only after these principles have been taught, will the regulations covering the handling and release of protected health information be presented.