SafeTeam Academy
>
Blog
Published on
May 7, 2026

Identity vigilance: the new framework

Patient identification is essential to ensure the security of patient information and the quality of care pathways.

Patient Identification Vigilance: The Key to Health Data Security and Quality of Care

In the digital age, where health data is increasingly accessible and shared, patient identification vigilance has become a fundamental pillar for ensuring the security of patient information and the quality of care pathways. Ensuring that each piece of data is correctly linked to the right patient is an ethical, legal, and clinical imperative. This article explores in depth the concept of patient identification vigilance, its regulatory framework in France regarding the National Health Identity (INS), the key procedures to implement, the role of the various stakeholders, the essential security measures, and the expected benefits for the healthcare system.

What Is Patient Identification Vigilance? Definition and Challenges

identity vigilance is the set of procedures and measures implemented to ensure the unique and reliable identification of a person throughout their healthcare journey. It aims to prevent identification errors, such as duplicate records, identity clashes, or data assignment errors, which can have serious consequences for patient care.

In a context where digital health services are developing rapidly, the challenge of ensuring data privacy has become crucial. The ability to securely and permanently link personal health data to the individual to whom it pertains is essential for several reasons:

  • Patient Safety: Incorrect identification can lead to errors in diagnosis, treatment, medication administration, or even surgical procedures performed on the wrong patient. Vigilance regarding patient identification helps minimize these risks and ensure patient safety.
  • Data Quality: By ensuring that data is correctly linked, patient identification oversight helps create reliable and complete patient records, thereby facilitating continuity and coordination of care.
  • System Interoperability: The use of a unique and verified identity facilitates the secure exchange and sharing of health data among the various stakeholders in the care pathway, thereby improving the efficiency of the system.
  • Respect for Patient Rights: Careful patient identification ensures that patients have access to their own health data and respects their right to confidentiality and privacy.
  • Risk Management: Identification errors can have significant legal and financial consequences for healthcare facilities and professionals. Vigilance regarding patient identification helps manage these risks.

In response to these challenges, France has implemented a regulatory framework and specific tools, notably the National Health Identity (INS), to strengthen patient identification safeguards within the healthcare system.

The National Health Identity (INS): The Foundation of Patient Identification Surveillance in France

The National Health Identity (INS) is the reference identifier for individuals receiving healthcare and social care in France. It relies on the use of the National Identification Number (NIR), more commonly known as the social security number, or the pending registration number (NIA) for individuals whose NIR is being assigned. It is crucial to distinguish the National Health Service (INS) identification number—which is the same as the NIR or NIA used to reference health data for healthcare or social care monitoring purposes—from the NIR used for other administrative purposes. The use of the NIR as an INS identification number is strictly regulated and limited to the health and social care sectors. The main objective of the INS is to enable reliable and unambiguous referencing of users’ health data throughout the country. It consists of several elements:

  • The INS registration number (NIR or NIA).
  • The INS attributes, which are the reference identity elements associated with the NIR/NIA in the national reference databases (surname at birth, list of given names at birth, sex, date of birth, and official geographical code of the place of birth).
  • The organization that assigned the INS, in the form of an OID (Object Identifier).

The use of the INS has become mandatory for professionals, facilities, services, and organizations involved in the health or medical-social care of individuals. Any other identifier may only be used if access to the INS is impossible, in order to avoid disrupting patient care.

The INS, combined with identity attributes, has emerged as the most suitable solution for identifying users of the healthcare system, linking their data, and facilitating its secure sharing among healthcare providers, while ensuring compliance with confidentiality rules.

The National Identity Vigilance Reference Framework (RNIV): The Normative Framework and Best Practices

The National Identity Vigilance Reference Framework (RNIV), annexed to the INS reference framework, is an essential document that specifies all the rules and procedures to be implemented by the organizations responsible for referencing health data with the INS in the field of identity vigilance. It was developed in close collaboration with the association of regional identity vigilance coordinators (3RIV), healthcare professionals, and digital health companies. The RNIV aims to ensure the quality of user identification through the implementation of rigorous procedures. In particular, it defines the rules for determining the status of the INS, distinguishing between an unqualified INS and a qualified INS (with the status "qualified identity").

An INS is considered qualified if it meets two conditions:

  • The person's identity has been verified in accordance with the identity verification procedures described in the RNIV.
  • The INS (INS registration number and associated identity details) has been retrieved from the national reference databases (RNIPP or certified copy) via the INSi online service or the Carte Vitale app.

The RNIV describes the identity verification procedures to be implemented during primary (initial) and secondary (subsequent) identification interactions with the user. It also addresses the management of homonyms, the correction of identification errors, and the measures to be taken in the event of suspected identity fraud. The INS reference document, in its version 2.1 dated December 2024, supersedes the previous version and specifies the rules for integrating and "qualifying" the INS in professional software, particularly in the private sector. The changes made take into account feedback from healthcare professionals and aim to simplify qualification procedures in certain situations.

Key Steps and Procedures for Patient Identification Vigilance

Implementing patient identification safeguards involves a series of key steps and procedures, ranging from the initial identification of patients to managing errors and updates to their identity.

1. Initial Identification: During the initial care of a patient, it is essential to conduct a thorough identification process to create a unique digital identity in the health information system. This step generally includes:

  • Collecting the user's personal information (last name, first names, date and place of birth, gender).
  • Verifying this information using supporting documents (ID card, passport, etc.).
  • Searching the information system to verify whether the user has already been identified (to avoid duplicates).
  • If a valid INS number is not available, you must attempt to retrieve the INS number via the INSi online service (by scanning your health insurance card or entering your personal information) or the Carte Vitale app as soon as possible.
  • Assigning a confidence level to the registered identity, in accordance with the procedures defined in the RNIV.

2. Secondary Identification: During subsequent contact with the user, it is necessary to verify their identity before providing any consultation or treatment. This can be done through various methods (asking the user questions, checking their health insurance card, etc.) and must ensure that it is indeed the person in question.

3. Qualification of the National Health Identifier (INS): The INS must be qualified as soon as possible to ensure its reliability. This qualification involves verifying the user’s identity through identity verification procedures and retrieving the INS from the reference databases via the INSi online service or the health insurance card app. An unqualified INS must not be shared internally or externally.

4. Use of the qualified INS: As soon as a user’s INS has been qualified, the INS number and identifying features from the reference databases must be used for identification purposes, particularly during health data exchanges. The retrieved identifying features must replace the local strict features in the corresponding fields.

5. Error and update management: Procedures must be in place to detect and correct identification errors. In the event of an INS correction, measures must be in place to ensure that the information is disseminated to the parties and systems to which the data has been transmitted. The history of a person’s INS numbers must be retained.

6. Periodic Verification of the INS: After a configurable period (approximately 5 years), a verification of the INS must be requested via the online service to ensure its validity. This verification can be performed during a patient care episode or an interaction with the user.

Stakeholders in Patient Identification Vigilance: Roles and Responsibilities

The effective implementation of patient identification safeguards is a shared responsibility among the various stakeholders in the healthcare system.

  • Healthcare Professionals, Healthcare Facilities, and Social Care Services: They are required to use the INS to reference the health data of the individuals in their care. They must implement the identity verification procedures defined in the RNIV and ensure that the INS is valid. They are responsible for complying with legal requirements and security measures related to data referencing using the INS within their organizations.
  • Health data referencing managers: They are responsible for ensuring compliance with rules regarding the INS and identity governance within their organization. In particular, they must ensure that authorized users of the INS are part of the "circle of trust," define the INS retention period, inform the individuals concerned about the use of the INS, and implement appropriate security measures.
  • Service providers and software publishers: They play a key role in integrating the INS and identity vigilance functionalities into health information systems. They may act as data processors on behalf of the data controller and must comply with the requirements of the INS framework. Their software solutions must facilitate the retrieval, validation, and use of the INS, as well as the implementation of patient identification vigilance procedures. The French Digital Health Agency (ANS) and the National Health Insurance Fund (Cnam): They are jointly responsible for the INSi online service. Cnam is responsible for the operational implementation of the online service and the Carte Vitale app, which enable the retrieval and verification of the INS. The ANS maintains the IGC-Santé certification authority, which issues electronic identification credentials for accessing the online service.
  • Regional Identity Vigilance Coordinators (3RIV): They play a vital role in supporting and promoting best practices in identity vigilance at the regional level.

Raising awareness and providing training to all staff involved in user identity verification are essential to ensure the effectiveness of identity monitoring. Particular attention must be paid to the distinction between the INS registration number and other potential uses of the NIR.

Security and Identity Protection: Safeguarding INS and Health Data

Linking health data to the INS introduces an additional risk that must be mitigated by implementing appropriate security measures. These measures must be incorporated into the risk analysis and data protection impact assessment (DPIA) conducted by data controllers. The main risk categories to consider following the integration of the National Health Identifier (INS) are the loss of availability, the loss of integrity, and the loss of confidentiality of data (health data and INS), as well as the loss of auditability of actions performed. The minimum security measures to be implemented for the INS include: Identity Management: Definition and application of identity vigilance procedures compliant with the National Health Insurance Information System (RNIV). Prohibition of the transmission of unqualified INS. Prohibition of local modification of the INS number and reference identity features. Use of the qualified INS for data exchanges. Mandatory sending of reference identity details with the INS registration number during exchanges. Traceability of exchange partners. Procedures for disseminating INS corrections. User awareness.

  • Access Control: Review of the access control policy to integrate the INS and access to the INSi online service. Strict management of authorizations. Strong electronic identification for access to the INSi online service via IGC-Santé certification products (CPx cards, Pro Santé Connect, organizational certificates). Traceability of all access to the INS, including access to the INSi online service, with logs retained for the period recommended by the CNIL (currently 6 months) and regular analysis of these logs.
  • Traceability: Implementation of an intrusion detection system. Traceability of access (modification, consultation) to the qualified INS within the organization. Regular security audits are conducted. Communication security: Securing communication channels used to exchange health data containing the INS. INSi teleservice self-approval: Mandatory internal procedure for legal entities using an organizational software certificate to access the teleservice. This procedure aims to certify the implementation of the required security measures.

    • The person responsible for managing health data must demonstrate compliance with these measures, which may be included in the information system's security certification.

    The Benefits of Patient Identification Vigilance and Future Prospects

    The rigorous implementation of patient identification safeguards and the widespread use of standardized National Health Identifiers (NHIs) bring numerous benefits to the healthcare system:

    • Significant reduction in medical errors related to identification issues.
    • Improved quality and reliability of health data, leading to more informed and personalized care.
    • Facilitated coordination and continuity of care through the smooth and secure exchange of information among professionals.
    • Strengthening the security of health data and ensuring respect for patient privacy.
    • Optimizing the efficiency of the healthcare system by reducing duplication and administrative errors.
    • Contributing to the creation of reliable health databases for research and practice evaluation.

    The Digital Health Roadmap aims to promote widespread use of the National Health Identifier (INS) in digital health services, with a key goal of achieving 90% verified identities among the active patient roster at healthcare facilities.

    The launch of the Vitale Card App significantly simplifies the management of the National Health Identity (INS) for healthcare professionals by enabling the direct retrieval of the patient’s (or their legal representative’s) verified identity upon opening the app. This development helps facilitate the verification of the INS and achieve the established objectives.

    In conclusion, patient identification vigilance, supported by the National Health Identity Framework and the National Patient Identification Vigilance Reference Framework, is a key issue for the digital transformation of the healthcare system. It is the cornerstone of data security and quality of care, ensuring that each patient is correctly identified and that their health information is protected throughout their care pathway. The mobilization and commitment of all stakeholders are essential to achieving robust and widespread patient identification vigilance for the benefit of all users of the healthcare system.

    photo of the author of the safeteam academy blog article
    Frédéric MARTIN
    SafeTeam Academy
    Back to the blog
    safeteam logo

    Our teams are committed to assessing your needs and providing you with a response in less than 48 hours

    Schedule an appointmentSchedule a CALL
    Navigation
    Welcome
    Trainings
    Resources
    About
    Trainings
    Catalog
    CPD Training
    Support & FAQ
    Resources
    Blog
    Use cases
    Recruitment
    Contact us
    Request a quote
    Make an appointment
    By email
    Legal
    Legal Notice
    Privacy Policy
    Terms of Service
    Download certificate
    contact@safeteam.academy
    ASN © 2025
    Designed and developed by Elias Studio