In the United States, the Health Insurance Portability and Accountability Act (HIPAA) has strict regulations governing the security and privacy of healthcare information. Electronic Health Records (EHR) cannot flow through a Health Information Exchange (HIE) unless all parties are in compliance with HIPAA regulations.
You can learn more about HIPAA by reading an article at Wikipedia: http://en.wikipedia.org/wiki/Hipaa.
Different providers within the healthcare community in the United States are not allowed to exchange electronic health records unless specific authorizations and controls are in place. The U. S. Department of Health & Human Services provides a detailed Privacy and Security Toolkit that explains the regulatory framework and operational guidance. You can download the toolkit at
Keywords: HIPAA, HIE, health information exchange, EHR, electronic health records, privacy, security, disclose, disclosure