NC HIEA October 2023 Update

New Legislation Impacts Chiropractors' Connections, Best Practices for Data Security, Understanding the Minor Opt-Out Process

Author: Jessica Hagins

Legislative Changes Impact Who Is Required to Connect to NC HealthConnex

The North Carolina Regulatory Reform Act became law (N.C.S.L. § 2023-137) in early October 2023. This law contains updates pertaining to the N.C. Health Information Exchange Authority, which oversees and manages the state-designated health information exchange, NC HealthConnex.

The new law has expanded the list of providers who are no longer required to connect to NC HealthConnex to include chiropractors.

The HIE Act (N.C.G.S. § 90-414.4) requires that those providers who receive state funds, such as Medicaid and the State Health Plan, for the provision of health care services must initiate a connection to send data to NC HealthConnex. Previously, certain provider types were exempted from the mandatory requirement to connect and send data by N.C.S.L. § 2019-23.

The following is an expanded list of provider types that have the option to connect on a voluntary basis:

  1. Community-based long-term services and supports providers, including personal care services, private duty nursing, home health, and hospice care providers.
  2. Intellectual and developmental disability services and supports providers, such as day supports and supported living providers.
  3. Community Alternatives Program waiver services (including CAP/DA, CAP/C, and Innovations) providers.
  4. Eye and vision services providers.
  5. Speech, language, and hearing services providers.
  6. Occupational and physical therapy providers.
  7. Durable medical equipment providers.
  8. Nonemergency medical transportation service providers.
  9. Ambulance (emergency medical transportation service) providers.
  10. Local education agencies and school-based health providers.
  11. Chiropractors licensed under Article 8 of this Chapter.

If you are no longer required to connect but submitted a Submission Only Agreement:

  • The NC HIEA will reach out to you about terminating or replacing your agreement soon.
  • If your organization would like to voluntarily participate in NC HealthConnex in order to view patient records or utilize the NC HealthConnex value‐added features, your organization can complete a Full Participation Agreement, which is available at

If you are no longer required to connect but have already submitted a Full Participation Agreement:

  • You have the option to continue your relationship as an NC HealthConnex participant. No action is necessary at this time if you plan to remain a full participant of NC HealthConnex.
  • If you do not want to submit data to NC HealthConnex or access patient data, please send an email to to terminate your agreement or request that it not be processed. This will end your relationship with the NC HIEA and NC HealthConnex.
  • As a reminder, anyone with a Full Participation Agreement has access to our Suite of Services, regardless of your organization's connection status.

For more information about the benefits of participating in NC HealthConnex, visit our website or sign up for the next How to Connect Call that is hosted the last Monday of each month at noon.

Providers with questions may contact the NC HIEA at 919-754-6912 or or see the FAQ section regarding connection exemptions for chiropractors on our website.


Cybersecurity Awareness Month Highlights Importance of Security for Health Care Professionals

October is Cybersecurity Awareness Month, an annual initiative that promotes the importance of good online security practices and the need for appropriate cyber defense tactics. 

The N.C. Department of Information Technology, along with other state, local and federal agencies, works to protect the state’s government IT systems and data against cyberthreats. 

The NC HIEA maintains a high standard of privacy and security for the exchange of protected health information (PHI) over NC HealthConnex. You can read more about our privacy and security policies on our website.

The theme of this year’s cybersecurity observance is “Secure Our World,” with a focus on four simple ways to be safe. 

  • Recognize and report phishing. Avoid clicking links or opening attachments in suspicious messages. If there is any doubt, check with the sender first. You can see if a North Carolina state government website, such as the NC HIEA’s site, is legitimate by looking for the “s” after “http” in the website address and “” as the domain. An email from the NC HIEA will also have the extension.