Security and privacy laws — and patients — hold sway over NHIN

Patients get the last word on whether network uses their records

The Nationwide Health Information Network is in limited production, allowing a small but growing group of organizations to securely exchange electronic health records. Participants include the Social Security Administration, the Defense and Veterans Affairs departments, MedVirginia, and Kaiser Permanente.

The core capabilities of NHIN enable users to:

  • Search and retrieve health information and securely exchange it.
  • Apply consumer preferences for sharing information.
  • Use NHIN for other business operations, as authorized by the consumer.

Although the network is intended to widely enable the exchange of electronic health information among providers, insurers and other organizations, patients have the last word on whether and how NHIN is used. The specifications include a consumer preference profile that specifies whether information can be shared via NHIN and what access to the records is allowed. A policy engine, which is part of the gateway software that connects organizations to NHIN, enforces those preferences.

Related story

Health network is ready -- and waiting for your records

Agencies using the system must adhere to the Federal Information Security Management Act and Health Insurance Portability and Accountability Act. The network is expected to be expanded from its limited environment during the next 12 to 18 months, and nonfederal organizations can participate in the exchange only through a federally sponsored contract with a participating agency.

In February, SSA, which has been using NHIN on a limited basis for more than a year, announced that 15 health care providers and networks have received $17.4 million in NHIN contract awards through the American Recovery and Reinvestment Act.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected