4.6 Master Patient Index Integrity

The MPI is a patient-identity control

The AHIMA RHIA Domain 2, Data and Information Governance, includes Master Patient Index integrity. A Master Patient Index (MPI) is the system or database that links patient-identity information to the correct records and encounters within a facility. An Enterprise Master Patient Index (EMPI) extends that linkage across multiple facilities or systems. Integrity means the index accurately represents the right patient, the right identifiers, and the right linked records, the foundation for every other use of health information.

MPI problems are high risk because identity errors propagate. A duplicate splits one patient's history across more than one record number in the same system. An overlay merges information from two different patients under one identifier, the most dangerous error. An overlap occurs when the same patient has different identifiers across facilities or systems that are not properly linked. Demographic errors weaken matching and cascade into registration, reporting, access, and safety problems.

Industry benchmarks help frame targets: AHIMA has long cited a goal of keeping the duplicate record rate at or below about 2%, while many unmanaged systems run far higher. Even small percentages translate to thousands of affected records in a large system.

Prevention is better than cleanup

MPI integrity starts at registration and scheduling. Staff should search before creating a new record, collect standardized demographics, verify identity per policy, avoid unapproved nicknames or abbreviations, and know when to escalate an uncertain match. System tools help, matching algorithms (deterministic and probabilistic), duplicate alerts, required fields, and work queues, but they do not replace training and governance.

A classic exam pattern is a duplicate spike after a new clinic opens, a system conversion, or a workflow change. The best answer is not merely to merge faster. The RHIA examines root cause: Are staff skipping the search step? Are required demographic fields missing? Did an interface begin sending values in a new format? Are matching thresholds too strict or too loose? Did training miss name variation or special populations such as newborns and twins?

Correction must be controlled

Merging or separating records affects care, release of information, billing, patient portals, quality reporting, and analytics. MPI correction must follow approved procedures, use trained staff, require verification evidence, preserve audit trails, and notify downstream areas. An overlay is urgent because one patient's data sits inside another patient's record, a direct patient-safety and privacy hazard; the organization must correct the identity link and assess every downstream effect, including potential HIPAA breach reporting.

Key MPI governance metrics:

• Duplicate creation rate by registration point or location.
• Potential-duplicate queue volume and aging.
• Overlay incidents and time to resolution.
• Percentage of records missing key demographic fields.
• Match accuracy after a system change or conversion.
• Staff compliance with search and verification procedures.
• Downstream report or portal issues caused by identity errors.

RHIA exam reasoning

When an MPI scenario appears, classify it as prevention, detection, or correction. For a potential-duplicate queue, prioritize review by patient-safety and data-use risk and by aging. For an overlay, treat it as urgent because records from different patients are mixed. If a trend points to registration workflow, fix training and process at the source. If a system change causes mismatches, involve informatics and the interface owners. Above all, never merge unverified matches, an incorrect merge can create the very overlay you are trying to prevent.

MPI integrity underpins documentation integrity, quality reporting, patient access, analytics, and management reporting.

Matching algorithms and why thresholds matter

MPI tools match records using two main approaches. Deterministic matching requires exact agreement on chosen fields (for example, name plus date of birth plus Social Security number). It is precise but brittle: a single typo or a missing field breaks the match and creates a duplicate. Probabilistic matching scores the likelihood that two records belong to the same person by weighting many fields, tolerating minor variation such as nicknames or transposed digits. Probabilistic matching catches more true matches but can produce false matches if thresholds are set too loose.

The RHIA governance role is to tune thresholds and route uncertain scores to a human-reviewed work queue, never to auto-merge a borderline pair.

A worked MPI scenario

A system has 500,000 active records and a measured duplicate rate of 4%, roughly 20,000 duplicate records, twice AHIMA's target of about 2% or below. After a registration-workflow change, the monthly duplicate creation rate doubles.

The wrong answer is "merge faster." The RHIA response is layered: analyze where new duplicates originate (a report shows 80% come from one registration desk that skips the search step), reinforce the search-before-create procedure and retrain that staff, tighten required demographic fields, route potential matches to a verified queue, correct existing duplicates only after evidence-based verification, preserve audit trails on every merge, and track the duplicate creation rate weekly to confirm the trend reverses.

Because an incorrect merge fuses two patients into one record, an overlay, every correction must be evidence-based and auditable. Patient safety, privacy, billing accuracy, portal access, and quality reporting all hinge on the identity link being right, which is why MPI integrity is a foundational Data and Information Governance responsibility rather than a clerical task.