Skip directly to local search Skip directly to A to Z list Skip directly to navigation Skip directly to site content Skip directly to page options
CDC Home
Share
Compartir
Frequently Asked Questions

About NHSN Security

 

What has to be installed on workstations ("Active-X or Java Controls")?

Neither. The NHSN was developed using Java J2EE on the server side and HTML and Java Script on the client browser. The NHSN does not use Active-X or Java Controls.

Top

Why does the system/computer need 500 MB of disk space?

At least 500 MB of disk space is recommend in order to save user files such as reports, exported data, PDF files, etc. We also envision in the future the development of multimedia training materials that may be downloaded.

Top

What ports need to be opened to allow the system to work?

HTTP port 80

Top

What security controls are present?

CDC Secure Data Network (SDN) requires use of a secure 128-bit encryption digital certificate for authentication into the National Healthcare Safety Network.

Top

Is patient name a required field?

No. Patient name is only included for the healthcare facility’s benefit. It allows a facility to identify individual patients. This information is stored in the database at CDC but not used in any CDC analysis. The only required patient identity fields are Patient ID #, Gender, and Date of Birth.

Top

What electronic import interfaces are supported (e.g., HL7)?

Currently, the NHSN only accepts comma separated value (CSV) files for the importation of procedure data, surgeon data, and patient demographic data. Healthcare worker demographic data will be imported in the same manner in future releases. Electronic messaging using HL7 3.x messages is under construction for antimicrobial use and resistance data, but is not yet available.

Top

Are all processor-intensive functions handled on the server side vs. the client side (data analysis, reporting, etc.)?

Yes, all data analysis and reporting is handled on the server side by SAS Intranetware.

Top

Will there be audit logs generated for each log in? (i.e., who logged in, when, how many times, etc.)

Yes, CDC Secure Data Network logs user authentication into the NHSN system.

Top

Will the Facility Administrator have access to the audit logs for the purposes of monitoring login activity?

No, but if a security breach is suspected we can request access to the audit logs from the CDC Secure Data Network group.

Top

What security risk assessments has the NHSN undergone?

The NHSN has undergone and passed an extensive Certification and Accreditation (C&A) security risk assessment required for federal IT systems. The NHSN software has been scanned for software vulnerabilities and has passed. New releases of the software will be scanned if new content affects the security posture of the system.

Top

Can previously uploaded data be downloaded?

Data manually entered or imported into the NHSN can be downloaded at any time by the facility. A variety of popular file formats are available for storage of these data (e.g., Excel, dbase).

Top

Are the NHSN data backed up? If so, how and how often?

Yes. Data from the NHSN are stored in SQL databases and an incremental nightly back up is performed, at minimum, each night. The back ups, log, incremental and full are stored on a separate disk/server. The back up files are in turn backed up to tape on a nightly basis and ultimately stored off site. Weeks worth of back ups are maintained. We have a number of SQL servers available to use should one fail.

Top

 

CMS requirements click here for more information

CDA
Contact NHSN:
  • Centers for Disease Control and Prevention
    National Healthcare Safety Network
    MS-A24
    1600 Clifton Rd
    Atlanta, GA 30333
  • Contact NHSN@cdc.gov
     
Contact Us:
  • Centers for Disease Control and Prevention
    1600 Clifton Rd
    Atlanta, GA 30333
  • 800-CDC-INFO
    (800-232-4636)
    TTY: (888) 232-6348
  • New Hours of Operation
    8am-8pm ET/Monday-Friday
    Closed Holidays
  • Contact CDC–INFO
USA.gov: The U.S. Government's Official Web PortalDepartment of Health and Human Services
Centers for Disease Control and Prevention   1600 Clifton Rd. Atlanta, GA 30333, USA
800-CDC-INFO (800-232-4636) TTY: (888) 232-6348 - Contact CDC–INFO
A-Z Index
  1. A
  2. B
  3. C
  4. D
  5. E
  6. F
  7. G
  8. H
  9. I
  10. J
  11. K
  12. L
  13. M
  14. N
  15. O
  16. P
  17. Q
  18. R
  19. S
  20. T
  21. U
  22. V
  23. W
  24. X
  25. Y
  26. Z
  27. #