NC HIEA Policies

The N.C. Health Information Exchange Authority takes its role as a steward of patient data very seriously and abides by the highest security standards set by federal and state law. Additionally, NC HIEA performs regular audits to ensure compliance, follows data specifications standards set by the eHealth Exchange and strives to minimize the amount of data shared to what is required to provide safe, quality, affordable care to patients. In collaboration with its Advisory Board, legal counsel and other interested stakeholders, NC HIEA has developed the following policies to assist the governance of NC HealthConnex.


Policy Effective Date
Privacy and Security Policy Dec. 16, 2021
User Access Policy April 5, 2021
Behavioral Health Sensitive Data Policy Nov. 15, 2018
Opt-Out Information Oct. 2, 2019