
Duplicate Record

A second or additional profile created for the same patient when identity matching fails. Duplicate records fragment clinical context, complicate claims, and increase administrative work. In healthcare identity programmes, they are a direct sign that front-door assurance is too weak.

Expanded Definition

A duplicate record is a second identity profile created for the same patient when matching logic, demographic data, or front-door verification fails. In healthcare identity programmes, the term sits alongside patient identity resolution, but it is not the same as a merge queue or a temporary registration hold. Definitions vary across vendors, yet the operational meaning is consistent: two or more records point to one person, splitting clinical history across systems and workflows.

That split matters because downstream systems often treat each record as authoritative in its own context. Medication history, allergies, encounter notes, and billing status can diverge, especially when staff create a new chart to avoid delaying care. For identity teams, duplicate records are a signal that assurance at enrollment, registration, or portal onboarding is too weak. NIST's Cybersecurity Framework 2.0 is useful here because it frames identity assurance as part of a broader governance and access control discipline rather than a back-office cleanup task.

The most common misapplication is treating a duplicate record as a simple data-quality defect. This occurs when organisations ignore how failed identity proofing, inconsistent demographics, or weak stewardship create repeated patient overlays.

Examples and Use Cases

Implementing duplicate-record prevention rigorously often introduces friction at registration, requiring organisations to weigh faster throughput against stronger identity assurance and cleaner longitudinal records.

  • A patient returns to a hospital under a slightly different surname spelling, and the registrar creates a new chart instead of resolving the existing one.
  • An emergency department accepts incomplete demographics during triage, then later discovers the encounter was attached to a second profile.
  • A merged enterprise EHR still feeds downstream applications with inconsistent identifiers, so a single person appears as multiple patients across systems.
  • An onboarding workflow for portal access does not verify enough attributes, producing a duplicate profile before clinical staff can reconcile it.

These patterns mirror broader identity failures described in the Ultimate Guide to NHIs, where poor lifecycle control and weak visibility create fragmented identity estates. The same governance discipline applies here: prevention, detection, and timely remediation. For operational mapping, the identity assurance and record reconciliation steps align well with NIST Cybersecurity Framework 2.0 functions that emphasise access control and continuous improvement.

Why It Matters in NHI Security

Duplicate records are often the visible symptom of a deeper assurance failure. When identity programmes allow one person to exist in multiple profiles, the organisation loses confidence in the accuracy of consent, treatment history, and entitlement decisions. That creates clinical risk, raises claim denials, and increases administrative rework, but it also weakens the identity fabric needed for modern NHI governance. The same inability to maintain a single trusted identity is what undermines service account control, secrets stewardship, and lifecycle hygiene.

That is why the Ultimate Guide to NHIs is relevant beyond human identity operations: it shows how visibility, rotation, and offboarding failures compound when organisations do not maintain authoritative identity inventory. In parallel, NIST Cybersecurity Framework 2.0 supports the governance mindset needed to detect identity drift before it becomes operational debt. NHIMG research shows that only 5.7% of organisations have full visibility into their service accounts, a reminder that identity fragmentation is rarely limited to one domain.

Organisations typically encounter duplicate-record harm only after a claim is rejected, a clinician cannot see prior allergies, or an audit exposes conflicting patient histories, at which point identity reconciliation becomes operationally unavoidable.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST SP 800-63 set the governance and control requirements practitioners need to meet.

Framework | Control / Reference | Relevance
NIST CSF 2.0 | PR.AA-01 | Identity proofing and lifecycle assurance depend on trusted identity records.
NIST SP 800-63 | IAL2 | Identity proofing rigor influences whether duplicate patient profiles are created.
OWASP Non-Human Identity Top 10 | NHI-01 | Identity sprawl and weak inventory practices create duplicated or unmanaged identities.

Strengthen enrollment checks and reconciliation workflows so each person maps to one trusted identity.