National learning report: Positive patient identification

This national learning report (NLR) draws on findings from investigation reports completed by the Healthcare Safety Investigation Branch (HSIB) that considered the risks associated with patient identification. ‘Positive patient identification’ is correctly identifying a patient to ensure that the right person receives their intended care. To support patient identification in England, the patient’s NHS number should be used alongside other identifiers, such as their name, date of birth and address.

Patient misidentification is where a patient is identified as someone else. This may mean that a patient does not receive the care meant for them, or that they receive the care meant for someone else. Patient misidentification was highlighted as a risk to patient safety by the National Patient Safety Agency in the early 2000s. Despite the time that has passed, patient misidentification remains a persistent risk to patient safety that can result in significant harm.

The aim of this NLR was to combine and analyse HSIB’s previous investigations and relevant international research literature, with the goal of informing national learning and influencing national actions to help reduce the risk of patient misidentification.

This NLR has used the following approaches and has combined the findings to make safety recommendations and safety observations.

• Secondary analysis: six previous HSIB investigation reports were analysed to identify themes around the factors that lead to patient misidentification.
• Review of HSIB’s safety interventions: safety recommendations and safety observations from the HSIB investigation reports were categorised to explore how they aimed to reduce the risk of patient misidentification.
• Review of the literature: 12 review articles around new and developing opportunities to reduce the risk of patient misidentification were identified and their findings collated.

• Patient misidentification is challenging to address and previous efforts to reduce the risk have not been as successful as hoped. There may be a benefit in proactively ensuring that processes for identifying patients are safe, rather than reacting to incidents of harm.
• Positive patient identification is seen as a routine task, but is common, complex and critical for patient safety. It relies on staff following instructions described in policies and procedures, which might not always be fully appropriate to the circumstances within which staff are identifying patients.
• Patients are at higher risk of being misidentified in certain situations and settings. Examples include handovers and when care is transferred between different healthcare organisations.
• The risk of patient misidentification is underestimated and patient misidentification can result in significant harm to patients. Under-recognition of the risk is preventing allocation of already limited safety resources to further mitigate the risk.
• The main control in preventing patient misidentification in England is the NHS number. However, there is sometimes no, varied or limited use of the NHS number in clinical practice due to various factors.
• Technology alone is unlikely to reduce the risk of patient misidentification. Work systems involving people, technology and tools need to be designed to improve identification processes.
• The designs of current software and identification processes may be disadvantaging some patient groups (for example, patients with a disability or of certain cultural backgrounds) due to limited consideration of their needs.
• It is not yet possible to eliminate the risk of patient misidentification. However, a series of interventions – including using new technologies and optimising workplaces – may help to reduce the risk.
• When a patient is misidentified, it is difficult to correct the misidentification and ensure their records are made accurate.

HSSIB makes the following safety recommendations

HSSIB makes the following safety observations

HSSIB suggests the following safety actions for integrated care boards

1.1.1 ‘Positive patient identification’ is correctly identifying a patient to ensure that the right patient receives their intended care. Care may include tests for diagnosing health problems and routine or emergency treatments.

1.1.2 Patient identification is a process undertaken every time a patient is in contact with healthcare staff. This means it is a frequent necessity to identify patients, sometimes over long periods of care. The process involves an initial identification of the patient, and then repeated verifications of their identity as care progresses. For each identification and verification, national bodies and local organisations describe the steps required in policy documents, such as in figure 1.

1.1.3 To support identification, the patient’s NHS number should be used as a unique identifier (National Patient Safety Agency, 2009), alongside other identifiers such as the person’s name, date of birth and address. In some healthcare settings, patients will be given an identity wristband with information including their name, date of birth and NHS number.

Figure 1 Example process for patient identification where a patient does not have a wristband (adapted from, Healthcare Safety Investigation Branch, 2021a)

NHS number

1.1.4 The NHS number is a 10-digit number that is unique to a person. It is assigned at birth or the first time a person receives NHS care in England. The number is also used in Wales and the Isle of Man. The number remains with the person for life, but a new number may be assigned for reasons such as adoption or gender reassignment (NHS, 2019).

1.1.5 An NHS number is documented on most NHS documents that are specific to a person, such as prescriptions, test results and appointment letters. A person can also find their NHS number using the NHS App (NHS, n.d.a) and through the NHS’s online services (NHS, n.d.b).

1.2.1 ‘Patient misidentification’ is where a patient is identified as someone else. Misidentifications can result in a patient not receiving the care meant for them, or receiving the care meant for someone else. Patient misidentification has long been recognised as a safety risk in the NHS (National Patient Safety Agency, 2004) and is a persistent issue internationally (Emergency Care Research Institute, 2022).

1.2.2 In England, guidance and national alerts published between 2004 and 2018 have encouraged healthcare organisations to consider their processes for reducing the risk of patient misidentification (see table 1). The guidance includes mandating the use of the NHS number to identify patients. However, cases of misidentification continue to occur.

Table 1 Guidance and national alerts around the misidentification of patients published 2004 to 2018

Risk of patient misidentification

1.2.3 HSIB received several referrals relating to patient misidentification (for an example, see section 2). HSIB also undertook investigations into patient misidentifications, as outlined in appendix 6.1.

1.2.4 HSIB’s previous investigations showed the actual and potential harms that can result from a patient being misidentified, such as a patient undergoing a procedure not meant for them (Healthcare Safety Investigation Branch, 2021a). Other national publications have also highlighted the harms that can occur (for example, Serious Hazards of Transfusion, 2021). Patients have suffered and continue to suffer significant physical and psychological harm as a result of being misidentified as someone else.

1.2.5 While the potential for harm from patient misidentification is recognised, the likelihood of it occurring – and therefore the risk to patients – is underestimated by healthcare services (Ferguson et al, 2019). The reasons the risk is underestimated include: under-reporting of safety events; reporting of misidentifications as something else, such as ‘medication administration incidents’; and limited understanding about why misidentifications occur (Bártlová et al, 2015; Ferguson et al, 2019; Levin et al, 2012). In addition, the risk to patients will vary depending on the healthcare settings and situation within which identification is undertaken. Two HSIB investigations found that patient misidentification was a hidden risk in the organisations involved, the extent of which was unknown (Healthcare Safety Investigation Branch, 2021b, 2022).

1.2.6 It is difficult to evaluate the risk of patient misidentification as there is no single comprehensive source of information, and not all misidentifications are reported. However, during the development of this NLR, HSSIB identified the following:

• Several studies in the research literature have considered the risk of misidentification. For example, one study reported that misidentifications accounted for around 70% of adverse outcomes, including reactions to wrong blood, unnecessary surgery and delayed cancer diagnoses (Dunn and Moga, 2010). Another study reported that adverse events resulted from one in every 18 misidentifications in a laboratory (Valenstein et al, 2006), while another found that up to 20% of misidentifications in laboratories translate into harm (Lippi et al, 2017).
• Policy publications include examples exploring the risks of patient misidentification, including that misidentification during transfusion is a challenge and causes harm (Bolton-Maggs et al, 2013). An investigation of around 8000 wrong-patient events between 2013 and 2015 included events that resulted in patient deaths (Emergency Care Research Institute, 2016).
• A review of the Strategic Executive Information System (StEIS) for incidents relating to misidentification found 171 reported as occurring between 1 April 2017 and 1 January 2023. These are ‘serious incidents’ that have resulted in actual or potential significant harm to patients.
• Several HSIB maternity investigations involved misidentifications of women and babies. These included misidentifications while using software and other technologies, and when labelling samples such as blood and urine.

1.3.1 HSIB investigations showed that patient misidentification occurs in different healthcare settings and that the likelihood of it occurring may be greater than recognised. HSIB undertook four national investigations (Healthcare Safety Investigation Branch, 2019, 2020, 2021a, 2023) and two local investigations (Healthcare Safety Investigation Branch, 2021b, 2022) that considered events where a patient was misidentified appendix 6.2.

1.3.2 The investigations identified factors that contributed to misidentifying patients across different healthcare settings and situations. It was proposed that the findings should be combined for national learning and the development of safety recommendations. As the proposal met HSSIB’s criteria for the launch of an NLR (see appendix 6.1), the Chief Investigator authorised this publication.

Aim of this report

1.3.3 The approach taken to develop this NLR is described in appendix 6.1. This NLR combined and analysed previous HSIB investigations and relevant international research literature, with the goal of informing national learning and influencing national actions to help reduce the future risk of patient misidentification.

This section describes the findings of HSSIB’s secondary analysis of HSIB’s relevant investigations (see appendix 6.2). Coding was based around the Systems Engineering Initiative for Patient Safety (Holden et al, 2013). Investigation reports and quotes from the reports are cited in this section, and the coding is available in appendix 6.3.

HSIB also received several other referrals related to the risk of patient misidentification that have not been included in this analysis. One such referral is shared in box 1. HSIB did not investigate the referral, but heard about the events from the patient’s wife.

Box 1 HSIB referral of a patient misidentification, based on a narrative from the patient’s wife

2.1.1 The HSIB investigations included in this report considered events in a variety of inpatient and outpatient settings. In each, there was an initial misidentification of a patient and then ongoing misidentifications when the patient’s identification was verified.

2.1.2 The term ‘initial misidentification’ relates to the first point at which a patient is misidentified as someone else. In the investigations, these misidentifications occurred when the patient was initially admitted to hospital or transferred between organisations, or when tests or administrative tasks were undertaken. Processes to identify patients were found to vary between individual healthcare providers and were inconsistently followed. Staff knew of the existence of local processes, but in some cases the local processes could not be followed as they were written, and so were adapted by staff as needed.

2.1.3 The following paragraphs describe the interactions between staff and their surrounding work systems, and how this affected patient identification.

Local policy and workload

2.1.4 Factors that contributed to patient misidentifications included local policies and their implementation, a high workload, demand on services, and limited management of safety risks.

2.1.5 Local policies varied in their descriptions of how patient identification should be undertaken – for example, what identifiers should be used and the role of the NHS number.

‘The Trust’s patient identification policy did not include use of the patient’s NHS number.’ Healthcare Safety Investigation Branch, 2021b

2.1.6 Policies did not always consider the complexity of the identification process or guide staff on how to deal with particular circumstances. For example, there was limited direction on what to do when two patients on a ward had a similar name (Healthcare Safety Investigation Branch, 2023).

2.1.7 Staff were not supported to ensure they had knowledge of local identification policies.

‘… it was “assumed” that [staff] would know what to do, and any patient identification training was part of “packages” such as medication administration.’ Healthcare Safety Investigation Branch, 2023

2.1.8 There was also limited awareness of the ability of electronic systems to support patient identification, such as where systems matched patients to records and ‘flagged’ patients with similar names (Healthcare Safety Investigation Branch, 2022, 2023). Staff were not educated on these elements when they were trained on these systems.

2.1.9 Increasing workloads led to staff attempting to be more efficient (Healthcare Safety Investigation Branch, 2021a, 2022). This was found to reduce thoroughness – known as the efficiency–thoroughness trade-off (Hollnagel, 2009). There was also an example of where procedures called for reduced thoroughness when the clinical workload was increasing.

‘… at the time of the safety event, because of the number of 999 calls waiting, the Ambulance Trust [emergency operations centre] was using “emergency rules apply” procedures [where 999 call handlers did not need to obtain patients’ names for ambulance crews].’ Healthcare Safety Investigation Branch, 2022

2.1.10 Some organisations knew that the demand on their services had been increasing over time, but there was limited evidence that the organisations had made plans to mitigate the associated potential risks (Healthcare Safety Investigation Branch, 2021a). This was found to be contributed to by under-recognition of the associated risks and limited understanding of the implications.

Local working conditions

2.1.11 The design of the environments within which staff worked and the technologies used were found to contribute to patient misidentification.

2.1.12 ‘The environment’ refers to the physical workspace in which staff undertake patient identification. The design of workspaces had introduced challenges that led to variations in how healthcare workers undertook patient identification. Examples included the visibility of patient information at the bedside (Healthcare Safety Investigation Branch, 2023) and the risk of mixing up information at workstations.

‘… there was a period when nursing and pharmacy records were stored loosely on the nurses’ station and in the red medical record folder, where additional paperwork could easily become attached.’ Healthcare Safety Investigation Branch, 2020

2.1.13 The layout of workspaces was found to affect the space at bedsides for safety-critical tasks, such as labelling blood samples (Healthcare Safety Investigation Branch, 2019). There was also evidence of distractions and interruptions (Healthcare Safety Investigation Branch, 2020).

2.1.14 ‘Technology’ refers to the hardware, software and paper documentation used by staff. Accessibility, availability, usability and functionality issues with software and hardware were found to limit their role in supporting patient identification. Problems with the information displayed on user interfaces were noted.

‘The risk of misidentification within IT systems is influenced by the design of the user interface and how or which information is presented at any one time to support identification.’ Healthcare Safety Investigation Branch, 2021a

2.1.15 Few of the software systems examined offered alerts, prompts or forced stops to minimise the entry of incorrect patient information (Healthcare Safety Investigation Branch, 2022, 2023). Staff were also found to face challenges when accessing software because of limited availability of computers or handheld devices, limited battery life and log-in problems (Healthcare Safety Investigation Branch, 2019, 2023).

2.1.16 The interoperability of technology was also an issue. Software systems did not always communicate in ways that ensured consistent, accurate information was available across systems (Healthcare Safety Investigation Branch, 2021b). The risk of patient misidentification was also increased when paper and digital systems were used alongside each other (Healthcare Safety Investigation Branch, 2020, 2023).

Meeting people’s needs

2.1.17 Each investigation found further factors that contributed to patient misidentification. A potential theme was noted around the design of software and processes that did not account for the diversity of patient populations. Examples included limited consideration of the needs of patients who were unable to self-identify because of memory, reasoning or communication difficulties (Healthcare Safety Investigation Branch, 2022) and with respect to naming and date-of-birth conventions among specific populations.

‘… [The] first names and surnames of patients in South Asian communities could be used interchangeably. In relation to Patient 1, three names were recorded on the NHS Spine, while the Granddaughter gave the Patient’s first two names to the call assessor.’ Healthcare Safety Investigation Branch, 2021b

2.2.1 Several investigations involved patients who went on to receive care under the wrong identifiers. Processes to verify a patient’s identity – for example, at handovers of care, referrals, or when undertaking tests or initiating treatment – did not detect the initial misidentification. At each of these points of care there was an associated local policy that required the patient’s identity to be verified. In practice, however, there was limited formal ongoing verification once the patient’s initial identification had been made.

2.2.2 In some cases, verifications did not occur because staff believed that other colleagues had already identified the patient (Healthcare Safety Investigation Branch, 2020, 2023). Other factors that contributed to ongoing misidentification were the same as for the initial misidentification.

2.2.3 Misidentifications were ultimately recognised by the patients themselves or their families (Healthcare Safety Investigation Branch, 2021a, 2021b), and in two investigations by hospital laboratories when samples were received for blood transfusion requests (Healthcare Safety Investigation Branch, 2019, 2022). The laboratory recognition of the misidentifications demonstrates the scrutiny in those processes.

2.2.4 The investigations in which patients or family members identified misidentifications highlights the role a person plays in their own safety. However, a person may not always be able to recognise that they have been misidentified and, where an issue was raised, it was not always acted on by staff (Healthcare Safety Investigation Branch, 2021b).

‘The Granddaughter noticed that the Patient’s demographic details, which had been printed in the [emergency department], had the wrong address and GP practice ... The nurse crossed out the incorrect address and GP practice and wrote the correct details. It was documented … that they had been “changed on the front sheet for the ward clerk to change [on the IT system] in the day”. This did not occur.’ Healthcare Safety Investigation Branch, 2021b

2.3.1 Multiple investigations noted no or limited use of the NHS number (see section 1.1.4) in clinical practice to support patient identification (Healthcare Safety Investigation Branch, 2021a, 2021b, 2022, 2023). Examples of instances when the NHS number was not asked for included identification at the bedside, in outpatient clinics, and when first attending or admitting emergency patients.

‘Staff told the investigation that the NHS number was not commonly used at the bedside.’ Healthcare Safety Investigation Branch, 2023

2.3.2 The investigations explored factors that contributed to underuse of the NHS number. Factors noted included: limited or no direction in local policies for when staff should use NHS numbers; a normalised reliance on names for identification to speed up processes; wanting to avoid asking patients for their NHS number; and software systems that did not prompt or force the use of the NHS number.

2.3.3 There was also evidence that where the NHS number was used, staff relied on part of the number rather than matching the entire 10-digit number to patient records.

‘Typically, [staff] adopted a shortcut in using the last four digits of the NHS number to complete the matching task.’ Healthcare Safety Investigation Branch, 2021a

2.4.1 Each investigation considered the controls in place to prevent patient misidentification. Controls protect against threats/hazards (Chartered Institute of Ergonomics and Human Factors, 2016).

2.4.2 The investigations found that person (encouragement of individuals to act in a particular way), administrative (safety policies and procedures dictating how staff should undertake processes) and potentially engineered (designed to reduce the chance of an incorrect identifier being selected for a patient) controls were in place. The aim of the controls was to minimise the risk of patient misidentification (figure 2 (a)) and to capture misidentifications during subsequent verifications (figure 2 (b)). These controls were not always effective because additional factors (termed ‘degradation factors’) (see table 2) could undermine their reliability.

Figure 2 The threats and controls (grey boxes) found in HSIB investigations to (a) minimise the risk of patient misidentification and (b) minimise subsequent harm following patient misidentification

(a)

(b)

Table 2 Summary of the degradation factors of the controls in figures 2 (a) and (b), as identified by HSIB investigations

2.5.1 HSIB investigations identified a complicated array of interacting factors in different healthcare systems that contribute to misidentifying patients. Despite national direction to use the NHS number as the unique patient identifier, this does not always happen. Current controls to prevent misidentification rely on the people involved, including the patients themselves. These controls cannot be consistently depended upon to prevent patient misidentification or to identify where a misidentification has occurred.

3.1.1 Relevant HSIB safety interventions from previous investigations were considered in relation to how they aimed to manage the risk of patient misidentification. Safety interventions were categorised using the framework in figure 3.

Figure 3 Categorisation of HSIB safety interventions for reducing the risk of patient misidentification

3.2.1 The aim of reviewing the literature was to identify new and developing opportunities to reduce the risk of patient misidentification. Searches identified 12 review articles (cited in appendix 6.5), published between 2009 and 2022, that were considered in this national learning report. The articles included systematic reviews such as from De Rezende et al (2021).

3.2.2 In summary, the literature review found the following:

• Correctly confirming a patient’s identity depends on the accuracy, availability and usability of identifying information.
• Identifying information may be in physical and/or electronic formats. Physical formats include identity wristbands and laboratory sample labels. Electronic formats include the electronic patient record.
• Many healthcare settings rely on patients identifying themselves through a verbal communication process, such as in figure 1.
• The reliability of different patient identification procedures has not been widely studied.
• There is evidence that new technologies and ways of working can have a significant positive impact on patient identification.

Role of technology in identification

3.2.3 There is much focus in the literature on technology and its role in supporting patient identification. The term ‘technology’ encompasses the physical design of patient identifiers, the functionality and usability of electronic patient identifiers, the use of devices to support patient identification, and implementing information standards.

3.2.4 The use of technology designed to help staff identify patients has shown significant reductions in misidentification incidents in research. As per De Rezende et al’s (2021) systematic review, examples of technology include functionality of test ordering systems, patient photographs in electronic records, and barcode patient identification. However, the systematic review also described the quality of evidence to be ‘very low’ due to limitations in study designs.

3.2.5 Not all the technologies that have been studied have been able to demonstrate sustainable changes to the practice of patient identification, and some have led to the loss of earlier improvements in safety. Staff adaptations (where staff bypass a problem or limitation found in the technology) continue to pose problems for implementing and sustaining the use of many technologies, including barcode/QR code systems. Those adaptations are required because the design of the technology has not considered the system within which it is to be implemented. Adaptations were found in the research literature in system-level patient matching, order entry and charting, medication management, point-of-care testing, radiology and laboratory medicine, including transfusion and pathology (see appendix 6.5).

3.2.6 The need for staff adaptations suggests that technology has been introduced without recognising what staff need to do their jobs effectively. This highlights how technology alone cannot remove the risk of patient misidentification. Work systems – involving people, technology and tools – need to be designed to support improvements in the reliability of identification processes.

3.3.1 This review of HSIB’s safety recommendations and safety observations using an aggregated approach suggests that it is not yet possible to eliminate the risk of patient misidentification. Rather, a series of safety interventions are needed to attempt to control the risk. For those interventions to succeed, the workplaces within which they are implemented need to be fully understood and optimised to support effective implementation.

3.3.2 The research literature describes opportunities for the increased use of technology to support patient identification. Workplaces need to be designed to support the use of technology, but it must be recognised that technology alone is unlikely to be solve the problem of patient misidentification.

4.1.1 The process of patient identification is complex and safety-critical. It requires staff to adapt to varying and often changing circumstances, and there is potential for significant harm if a patient is misidentified. Multiple interacting factors influence the performance of staff (see section 2.1), and it is therefore unlikely that each patient identification and verification will be accurate.

4.1.2 However, the risk of misidentification is likely under-recognised and potentially unknown (see section 1.2), and this restricts the resources allocated by local and national bodies to further mitigate the risk. This is demonstrated by a response from NHS England and NHS Improvement to a safety recommendation made in one HSIB investigation, which said: ‘Our assessment is that this work would require determination of the true scale and impact of the risks identified … At this time, there is insufficient evidence that the scale of this risk would justify such a reallocation of the available resources’ (Healthcare Safety Investigation Branch, 2021a).

4.1.3 The finding of the current NLR, which has drawn together learning from several HSIB investigations, is that the risk of patient misidentification is currently not controlled. Controls depend on healthcare staff following policies and using a patient’s NHS number (see section 4.1.5), but it is not known what a ‘good’ check of a patient’s identity looks like. Staff are responsible for correctly identifying patients and are held accountable when misidentifications occur. While staff are supported by some safeguards, such as barcode technology, they are not reliably present, used or effective in practice.

4.1.4 In the future, organisations may seek to automate patient identification and remove the need for staff to undertake the process. In the meantime, there should be continued efforts to understand and reduce the risk of misidentification. During the development of this NLR, it became apparent that allocating already limited safety resources to the challenge of patient misidentification would mean removing resources from elsewhere, and this would have to be justified. As such, further research is needed to understand the risks of patient misidentification and where efforts to mitigate that risk can be best aimed for maximal impact. The degradation factors identified in table 2 may help inform this research.

HSSIB makes the following safety recommendation

4.2.1 This NLR has identified several high-risk settings/situations for patient misidentification, and potential opportunities to further mitigate the risk. The following sections explore these high-risk settings/situations and the role of technology in supporting patient identification.

High-risk settings and situations

4.2.2 The risk of patient misidentification is greater during certain activities. HSIB investigations found handovers and transfer of patient care to be high-risk activities, while the research literature describes patient transfers, emergency care, laboratory investigations, medication processes, invasive procedures and diagnostic imaging as high-risk activities (Abraham et al, 2021; Bolton-Maggs et al, 2015; Emergency Care Research Institute, 2016; Levin et al, 2012; Mannos, 2003; Suclupe et al, 2022; Tozbikian et al, 2017).

4.2.3 The process of handing over patient care between staff is frequent and safety-critical. In the investigation into access to critical patient information at the bedside, it was noted that information could be lost at handover and that there was significant variability in how handovers are undertaken, including in how patients are identified (Healthcare Safety Investigation Branch, 2023). The research literature also describes how hospital handovers are often not performed in line with the expectations of a policy (Suclupe et al, 2022). HSIB made a safety recommendation to the Royal College of Nursing to help create the conditions for more effective handovers (Healthcare Safety Investigation Branch, 2023).

4.2.4 HSIB investigations also found a risk of patient misidentification when patient care is transferred between community healthcare organisations, ambulance trusts and hospital trusts (Healthcare Safety Investigation Branch, 2021b, 2022). The investigations made safety observations around the benefits of reducing the variability in identification processes across regions. With the now statutory duties of integrated care boards, they have a role in supporting standardisation and assuring the safety of processes across their geographical footprints.

HSSIB suggests the following safety action for integrated care boards

4.3.1 This NLR predominantly focusses on preventing patient misidentification. However, as it is not currently possible to fully eliminate the risk, misidentifications will continue to occur. This means that processes are required to address misidentifications after they have been detected, and to ensure that a patient’s records are reviewed and made accurate.

4.3.2 HSIB investigations found challenges when attempting to rectify misidentifications (Healthcare Safety Investigation Branch, 2020, 2021b, 2022). Particular problems are encountered where patients have been cared for across multiple organisations, care pathways and episodes of care, and where hybrid (electronic and paper) systems are used to manage patient care.

4.3.3 The patient narrative in section 2 highlights the challenge of rectifying misidentifications and the lost opportunities to learn from misidentifications. HSSIB was told by the organisations involved that it can be difficult to identify inaccuracies when patients have similar names, ages and medical conditions. The functionality of digital systems and lack of interoperability between systems means that information may become stored in different places, rather than in a central location. This can create a continuing safety risk if incorrect information is not identified or addressed, and further highlights the need for interoperable digital systems.

HSSIB suggests the following safety action for integrated care boards

4.4.1 Positive patient identification is a fundamental healthcare process. However, it is unreliable, and the risk of misidentification has been recognised for many years. Despite this, it is hard to understand the risk (see section 1.2.6) and national resources are being prioritised to manage incidents which are perceived to represent the greatest harm (see section 4.1.1).

4.4.2 The need to see evidence of harm before a safety risk is addressed suggests a reactive approach to safety management. The reactive approach, which seeks to build a case for safety improvements based on quantifying harm, contrasts with modern views of safety and its improvement.

Proactive approach to safety management

4.4.3 Patient misidentification has been described as a ‘wicked problem’ (Ferguson et al, 2019), and the concept of a wicked problem is defined in the research literature (Lönngren and van Poeck, 2021). Patient misidentification is a wicked problem because it is not fully understood, the various factors that contribute to it are complex, there are many people involved in its occurrence and attempting to prevent it, solutions have potential ramifications for the wider healthcare system, and proposed solutions to date have been ineffective.

4.4.4 To address wicked problems, it may be necessary to think differently about how a safety risk is understood and mitigated. This may include moving away from reacting to incidents to proactively looking to understand systems and assure the safety of processes. HSSIB previously discussed the potential role of proactive approaches to safety in healthcare through a safety management system (Health Services Safety Investigations Body, 2023). A safety management system offers an organised and proactive way of understanding the risk of misidentification. It would focus on improving systems for patient identification, and then proving that those systems can consistently assure the correct patient is identified.

HSSIB makes the following safety observation

Addressing the risk further

4.4.5 Because current controls to prevent patient misidentification have limited effectiveness, misidentifications will continue to occur. The risk of patient misidentification, while not fully understood, will be mitigated to a certain level by the current controls. The level of mitigation will depend upon the situation and setting within which patient identification is being undertaken.

4.4.6 Non-healthcare industries talk about controlling risks to be ‘as low as reasonably practicable.’ The concept of ‘reasonably practicable’ involves ‘weighing a risk against the trouble, time and money needed to control it’ (Health and Safety Executive, n.d.). This concept is not well recognised in healthcare. It is also contentious, because it acknowledges that there will be a point where it is not practicable to attempt to mitigate a risk further and at which it is accepted that some incidents will still occur.

4.4.7 At present, it remains possible to further reduce the risk of patient misidentification, such as through the safety interventions suggested by HSIB (see section 3.1) and by monitoring research publications in this area (see section 3.2). However, national bodies are currently unable to allocate further resources to addressing the risk (see section 4.1). It is therefore unknown whether it is practicable to further address the risk of patient misidentification. When a better understanding has been gained of the risk (as per safety recommendation R/2024/017) and the resources available to address it have been considered, practicability may need to be considered nationally.

Decision to launch this report

Outcome impact – what is the impact of the safety issue on people and services across the healthcare system?

HSIB investigations demonstrated the physical and psychological harm that can result from patient misidentification. Examples included a patient who received an invasive procedure not meant for them; a patient who bled after receiving anticoagulation medication not meant for them; and a patient who did not undergo a resuscitation attempt because it was thought he was a different patient.

Systemic risk – how widespread and how common a safety issue is this across the healthcare system?

HSIB investigated patient misidentification in secondary care (outpatients, medical wards, operating theatres and emergency departments), the ambulance service and care homes. Intelligence from HSIB referrals and national incident databases shows that misidentifications continue to occur across healthcare. The continuing occurrence of misidentification incidents across all areas of healthcare, despite national efforts to improve safety, suggests a common and ongoing risk.

Learning potential – what is the potential for an HSSIB investigation to lead to improvements to patient safety across the healthcare system?

Efforts to address patient misidentification have not always been successful. Internationally, patient misidentification is a persistent problem. This national learning report has the potential to influence safety improvements through safety recommendations informed by HSSIB’s human factors based, system-focussed approach and a review of the research literature.

Objectives of this report

The objectives of this national learning report were to:

• describe previous relevant HSIB investigations
• combine the findings from HSIB investigations to summarise the factors that have contributed to patient misidentifications
• review HSIB safety recommendations and safety observations to explore their role in reducing the risk of patient misidentification
• conduct a review of the international research literature to identify additional opportunities to reduce patient misidentification
• synthesise and summarise the findings, and develop safety recommendations and safety observations to aid in further reducing the risk of patient misidentification.

Evidence sources

This report reviewed previous HSIB investigations that, fully or in part, considered events where a patient was misidentified. Summaries of those investigations are provided in appendix 6.2 and the individual reports are available via the HSSIB website.

Further evidence included additional referrals to HSIB that involved patient misidentifications, the Strategic Executive Information System (StEIS), national patient safety policy and safer practice alerts, and the international research literature.

Secondary analysis

Secondary analysis refers to analysing evidence that has been collected by someone else. In this report, the evidence included previous HSIB investigations. Investigation reports were analysed using qualitative analysis software (NVivo 12; QSR International, n.d.) to identify themes in the factors that contribute to patient misidentification. Analysis followed a recognised methodology (Braun and Clarke, 2006) using HSSIB’s framework, which is based around the Systems Engineering Initiative for Patient Safety (Carayon et al, 2006, 2014, 2020). Theming was undertaken by one national investigator and one intelligence analyst, both with experience in qualitative research.

The analysis also considered the availability of controls (Chartered Institute for Ergonomics and Human Factors, 2016) and their effectiveness in preventing patient misidentification or identifying where a patient misidentification has occurred. Findings are summarised in section 2.

Analysing HSIB’s contribution to risk management

Safety recommendations and safety observations (termed together as ‘safety interventions’) made in the HSIB investigations were reviewed. These safety interventions represent HSIB’s contribution to managing and reducing the risk of patient misidentification.

The analysis involved describing how the interventions aimed to manage the risk of patient misidentification. To do this, HSSIB adapted the hierarchy of controls (The National Institute for Occupational Safety and Health, 2023) to use as a framework (see figure 3). HSSIB acknowledges that the hierarchy does not originate in healthcare and is therefore of limited applicability. However, it was used to help categorise and exemplify the levels of the system at which the interventions are aimed. Findings are summarised in section 3.

Review of the literature

A search of the literature was undertaken using the Scopus and PubMed databases. Relevant articles, published between 2009 and to 2022, were identified using keyword and subject heading searches. The following were searched for: wrong-patient incidents (including medication incidents), positive patient identification processes and technologies, and misidentification associated with healthcare processes.

Searches identified 12 review articles (cited in appendix 6.5). Findings are summarised in section 3.

Developing safety recommendations

The findings of the above analyses were combined to draw conclusions about: 1) why patient misidentifications continue to occur, and 2) potential opportunities to further reduce the risk of misidentification. The findings were shared with NHS England and the Care Quality Commission in support of developing safety recommendations and safety observations.

Local integrated investigation pilot 1: incorrect patient identification (Healthcare Safety Investigation Branch, 2021b)

Factors contributing to misidentification of patients

Factors contributing to verification processes not identifying an initial misidentification

Review articles included in the literature review

• Boyd et al, 2018
• Brenner et al, 2016
• De Rezende et al, 2021
• Emergency Care Research Institute (ECRI), 2016
• Ferguson et al, 2019
• Hutton et al, 2021
• Lichtner et al, 2010
• Lippi et al, 2017
• Riplinger et al, 2020
• Sevdalis et al, 2009
• Shah et al, 2016
• Waruhari et al, 2017.

Themes Identified from the review articles, including cited key studies