Using Two Patient Identifiers in the Pharmacy for Safety: How to Prevent Medication Errors

Every year, thousands of patients in the U.S. receive the wrong medication-not because a pharmacist made a careless mistake, but because someone was misidentified. It sounds impossible, but it happens. A woman gets antibiotics meant for another woman with the same last name. An elderly man receives a high-dose opioid because his record was mixed up with someone else’s. These aren’t rare accidents. They’re preventable failures-and they start with skipping one simple step: using two patient identifiers.

Why Two Identifiers? The Real Risk

The Joint Commission, the main organization that accredits U.S. hospitals and pharmacies, made this rule official back in 2003. It’s called NPSG.01.01.01. And it’s not optional. You must use two pieces of information to confirm a patient’s identity before giving them any medication. Not one. Not sometimes. Always two.

Why? Because names alone are dangerously unreliable. Think about it: how many people do you know named John Smith or Maria Garcia? In a busy pharmacy, you might see three patients with the same first and last name in a single hour. Add similar birth dates or addresses, and the chances of mixing them up rise fast.

According to a 2020 study in JMIR Medical Informatics, up to 10% of serious drug interaction alerts go unnoticed simply because patient records are mismatched. That means someone could be given a drug that causes a life-threatening reaction-and the system doesn’t even blink. In 2023, the Emergency Care Research Institute ranked patient misidentification as one of the top 10 threats to patient safety. That’s not a minor concern. It’s a systemic flaw.

What Counts as a Valid Identifier?

Not every piece of information you have is acceptable. The Joint Commission is very clear: room number and location don’t count. Why? Because a patient can move rooms. A person in Bed 302 today might be in Bed 310 tomorrow. Relying on location is like trying to identify someone by the chair they’re sitting in.

Acceptable identifiers include:

• Full legal name
• Date of birth
• Assigned medical record number
• Phone number
• Address (in some cases, if unique and verified)

The key is that both identifiers must be unique to the individual and directly tied to their record. So, if you’re checking a prescription, you don’t just ask, “Are you John Smith?” You ask, “What’s your date of birth?” and cross-check it against the screen. Then you verify the medical record number on the bottle matches the one on the chart.

Manual Checks Aren’t Enough

Many pharmacies still rely on staff asking patients for their name and DOB. It sounds simple. But human memory is fallible. Fatigue, distractions, and time pressure make mistakes inevitable.

A 2023 survey by the American Society of Health-System Pharmacists found that 63% of pharmacists admitted to occasionally cutting corners on verification-especially during peak hours. In community pharmacies, 42% of staff said they often verify identity verbally without writing it down. That’s a problem. The Joint Commission requires documentation. If you don’t record that you checked both identifiers, you’re not compliant. And in a survey of non-compliant facilities in 2023, 37% failed because they didn’t document the checks.

Even double-checking by two staff members doesn’t guarantee safety. A 2020 review in BMJ Quality & Safety found no strong evidence that having two people verify a prescription reduces errors. Why? Because if both people are looking at the same wrong record, they’ll both miss the mistake.

Technology Makes the Difference

The most effective way to prevent these errors isn’t more staff. It’s better technology.

Barcode scanning systems have proven to cut medication errors by 75%, according to a 2012 study in the Journal of Patient Safety. Here’s how it works: the pharmacy prints a barcode on the medication label that includes the patient’s name, DOB, and medical record number. The pharmacist scans the label and the patient’s wristband-both must match. If they don’t, the system blocks the dispensing process.

Even better? Biometric systems. Hospitals using palm-vein scanners (like Imprivata PatientSecure) have seen a 94% accuracy rate in matching patients to their records. Compare that to the 17% accuracy rate in hospitals without a central patient index. That’s a five-fold improvement.

Enterprise Master Patient Index (EMPI) systems are the backbone of this. They link all a patient’s records-across clinics, hospitals, and pharmacies-under one unique ID. Without EMPI, duplicate records are common. One case from Altera Health in 2024 showed a woman receiving conflicting medications because her records were split between three different departments under three slightly different names. She didn’t even know she had two records. But her body paid the price.

What Happens When You Don’t Follow the Rules?

Ignoring the two-identifier rule isn’t just risky-it’s costly.

In 2023, non-compliance with this rule was the third most common violation in hospital surveys, making up 28% of all patient safety goal failures. That’s not a small footnote. It’s a major red flag. And when a facility fails accreditation, it risks losing Medicare and Medicaid reimbursement. That’s not a fine. That’s a financial crisis.

Plus, there’s the human cost. The Office of the National Coordinator for Health IT estimates that duplicate records cost large hospitals $40 million a year in wasted time, retesting, and error correction. And that’s just the money. The real cost is the patient who gets the wrong drug, the family that loses trust, the pharmacist who wakes up wondering if they caused harm.

How to Implement It Right

If you’re setting this up in your pharmacy, here’s what works:

1. Start with policy. Write down exactly which two identifiers you’ll use and when.
2. Train everyone-pharmacists, technicians, front desk staff. Don’t assume they know.
3. Use technology. Barcode scanning on dispensing and administration is the gold standard.
4. Integrate EMPI if possible. Even if you’re a small pharmacy, connect to a regional health network.
5. Document every check. If you don’t write it down, it didn’t happen.

For high-alert medications (like insulin, blood thinners, or chemotherapy), add a “timeout” step. Before handing over the drug, pause. Say the patient’s name. Say their DOB. Confirm the barcode. Look the patient in the eye. Make it a habit.

The Future Is Unique Identifiers

Right now, every patient has a different ID in every system they visit. That’s why records get mixed up. The solution? A single, national patient identifier.

The ONC launched a pilot in January 2025 to test this in five health information exchanges. Early results show it could uncover up to 9.7% more dangerous drug interactions that current systems miss. The American Medical Informatics Association supports it. But privacy concerns and high costs ($1.2-1.8 million per 100-bed hospital) are slowing adoption.

Until then, the best tool we have is still the two-identifier rule-done right, every time, with documentation, and with technology when possible.

What Patients Can Do

You’re not powerless. If you’re picking up a prescription:

• Always answer when asked for your date of birth-even if you’ve already given it.
• Check the name on the label. Is it yours?
• Ask: “Is this medication right for me?”
• If you’ve been to other clinics, make sure your records are linked.

It’s not just the pharmacist’s job. It’s everyone’s.