U.S. lawmakers look to improve patient privacy, safety with MATCH IT Act

The introduction of the Patient Matching and Transparency in Certified Health IT Act of 2025 (MATCH IT) marks a significant step toward improving patient safety and privacy within the U.S. healthcare system. Spearheaded by Representatives Mike Kelly and Bill Foster, their bipartisan legislation aims to reduce patient misidentification while promoting interoperability between healthcare systems.

With provisions designed to standardize and protect patient demographic elements in certified health IT products and creation of an anonymous, voluntary system for measuring patient match rates, the act would enhance efficiency and better ensure privacy without placing additional burdens on providers and health systems.

The MATCH IT Act’s introduction aligns with broader congressional discussions on digital identity verification. Foster, a long-time advocate for digital identity solutions, has noted that Congress is gradually embracing the concept despite past resistance due to concerns about a national ID system. At the 2025 Gov Identity Summit, Foster highlighted the importance of secure digital IDs in safeguarding privacy and preventing identity theft. He argued that without a reliable method of digital identity verification, privacy protection remains unachievable.

Foster also pointed out that digital IDs could play a crucial role in reducing fraud, particularly in government benefit programs. During the COVID-19 pandemic, an estimated $191 billion in unemployment insurance funds were lost to fraudulent claims, underscoring the need for improved verification measures.

“I have been, with increasing success, convincing members of Congress that you actually cannot solve privacy until you solve digital identity,” Foster said, adding, “The key government role is to issue that credential, and I think also probably to specify – from a hardware point of view and a software point of view – what’s necessary [and] what’s good enough to present a digital driver’s license.”

Foster went on to say that “there’s well-documented tens – probably hundreds of billions of dollars – of fraud against theft, against the federal taxpayer, and a huge number of man hours lost just making sure that everyone who presents themselves to the government is actually not a fraudster.” He called on the so-called Department of Government Efficiency to prioritize identity verification, saying, “if you’re looking for waste, fraud, and abuse, this should be the very top of your list.”

The potential benefits of digital identity verification extend far beyond healthcare. Secure digital IDs could enhance financial security, streamline regulatory compliance, and help prevent artificial intelligence-driven fraud. The emergence of deepfake technology has heightened concerns about impersonation and misinformation, further emphasizing the need for verifiable identity systems.

Foster argued that while technology alone cannot eliminate deepfakes, a robust digital identity framework would enable individuals to verify their authenticity and prevent AI-generated identity fraud.

“When people hear about deep fakes, the first reaction is, ‘let’s come up with some magic software that will determine the difference between deep fakes’ and you know that’s not going to happen,” Foster said. “The next best thing you can do is to be able to have people prove who they say they are, and not some AI deep fake of themselves.”

Congress for several years has tried to move the needle toward implementing digital identity solutions. Legislation has been proposed that would have required federal agencies to digitally verify citizens’ identities when claiming benefits or accessing government services.

Last year, the American Privacy Rights Act was introduced which sought to limit the types of data companies can collect about their users, establish processes for users to access or remove data about them, and allow users to opt out from having their data sold by data brokers. The bill underwent controversial revisions in June 2024 under pressure from House Republicans which led many privacy and civil rights organizations to withdraw their support. The bill never made it out of committee.

Earlier, the bipartisan Improving Digital Identity Act of 2023 aimed to establish a government-wide approach to enhancing digital identity verification processes by creating a task force within the Executive Office of the President to coordinate efforts across federal, state, local, tribal, and territorial agencies to develop secure methods for digital identity verification.

Additionally, lawmakers have been exploring a regulatory sandbox for digital identity within the banking and financial technology industries. This initiative, which has garnered strong support from financial institutions and fintech startups, could significantly reduce Know Your Customer compliance costs.

Under the proposed framework, customers presenting a real ID-compliant digital driver’s license would undergo automated verification through an API managed by the Treasury Department’s Financial Crimes Enforcement Network (FinCEN), ensuring a legal safe harbor for institutions onboarding new clients.

“[If] you want to onboard a customer, they would have to present a Real ID compliant digital driver’s license, and then you would go and check that with some API that the FinCEN would set up to say is this person you know on the known list of bad actors,” Foster explained. “And if it comes back clear, you would have a legal safe harbor for onboarding that customer.”

For years, patient misidentification has also been a persistent challenge within the U.S. healthcare system and has led to severe consequences such as medical errors, unnecessary costs, and even patient fatalities. The inability to accurately match patients with their medical records has resulted in repeated medical tests, increased hospital expenses, and a lack of continuity in patient care.

Kelly emphasized the urgency of addressing this issue, stating that the MATCH IT Act is designed to improve interoperability between healthcare systems, minimize errors, and protect patient privacy. “For too long, patient misidentification has put Americans within the U.S. health care system at risk. Patient matching errors has led to unnecessary expenses, medical mistakes, and even patient deaths,” Kelly said, adding, “This bipartisan legislation works to improve interoperability between health care systems and decrease these fixable matching errors, all while protecting patient privacy.”

Foster echoed these sentiments, pointing out that patient misidentification contributes to thousands of preventable deaths annually and that the legislation will help reduce these occurrences by improving the interoperability of patient matching systems.

“This legislation would promote the interoperability of patient matching systems, which would protect patients and decrease burdens on health care providers,” Foster said. “I look forward to continuing to work with Congressman Kelly to eliminate barriers to unique patient identifiers so we can prevent medical errors and ensure patients receive the correct treatment.”

The bill has received strong support from key industry organizations. The American Health Information Management Association (AHIMA) commended Kelly and Foster for leading efforts to enhance patient safety through improved patient matching. AHIMA President Maria Caban Alizondo said, “The MATCH IT Act would decrease rates of patient misidentification, improve patient privacy and care, and bring down costs within the healthcare ecosystem associated with mismatched patient records.”

The College of Healthcare Information Management Executives (CHIME) also recognized the bill as a crucial step toward establishing patient matching standards, highlighting its role in improving healthcare efficiency and maintaining data integrity. “The MATCH IT Act will provide a much-needed framework to improve interoperability, reduce errors, and uphold the integrity of the American healthcare system. We stand in strong support of this bipartisan effort to drive meaningful progress in patient care and health IT,” said CHIME President and CEO Russ Branzell.

Intermountain Health has also backed the bill, stressing that accurate patient identification is fundamental to patient safety, privacy, and the successful implementation of a value-based care system.

The impact of patient misidentification extends beyond medical errors. It presents significant financial costs to both patients and healthcare providers. Studies indicate that duplicate records and repeated medical tests result in an average additional expense of $1,950 per inpatient stay and over $1,700 per emergency department visit. Furthermore, 35 percent of all denied insurance claims are linked to inaccurate patient identification, costing hospitals an estimated $2.5 million annually and leading to a nationwide loss of over $6.7 billion.

In addition to financial inefficiencies, the merging of multiple patients’ data into a single medical record – known as overlaid records – poses serious privacy risks. Such errors can lead to unauthorized disclosures under the Health Insurance Portability and Accountability Act and result in patients receiving incorrect treatment. The MATCH IT Act aims to address these issues by creating a standardized industry definition for the term “patient match rate,” thereby enhancing consistency and reliability across healthcare systems.

The MATCH IT Act represents an important step toward improving patient safety, privacy, the longstanding challenges associated with patient misidentification, and healthcare interoperability. By standardizing demographic data entry, establishing a voluntary patient match rate measurement system, and fostering bipartisan support for digital identity verification, the legislation aims to create a more secure, efficient, and patient-centric healthcare ecosystem. And with growing support from industry and policymakers, the legislation has the potential to transform how patient data is managed, ultimately leading to better health outcomes and reduced costs for both patients and providers.

Article Topics

digital ID  |  healthcare  |  identity verification  |  legislation  |  MATCH IT Act  |  patient identification  |  U.S. Government