Security and privacy laws — and patients — hold sway over NHIN

Patients get the last word on whether network uses their records

The Nationwide Health Information Network is in limited production, allowing a small but growing group of organizations to securely exchange electronic health records. Participants include the Social Security Administration, the Defense and Veterans Affairs departments, MedVirginia, and Kaiser Permanente.

The core capabilities of NHIN enable users to:

  • Search and retrieve health information and securely exchange it.
  • Apply consumer preferences for sharing information.
  • Use NHIN for other business operations, as authorized by the consumer.

Although the network is intended to widely enable the exchange of electronic health information among providers, insurers and other organizations, patients have the last word on whether and how NHIN is used. The specifications include a consumer preference profile that specifies whether information can be shared via NHIN and what access to the records is allowed. A policy engine, which is part of the gateway software that connects organizations to NHIN, enforces those preferences.

Related story

Health network is ready -- and waiting for your records

Agencies using the system must adhere to the Federal Information Security Management Act and Health Insurance Portability and Accountability Act. The network is expected to be expanded from its limited environment during the next 12 to 18 months, and nonfederal organizations can participate in the exchange only through a federally sponsored contract with a participating agency.

In February, SSA, which has been using NHIN on a limited basis for more than a year, announced that 15 health care providers and networks have received $17.4 million in NHIN contract awards through the American Recovery and Reinvestment Act.

About the Author

William Jackson is a Maryland-based freelance writer.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected