NHSN Stated Purposes

The National Healthcare Safety Network (NHSN) Stated Purposes (NHSN Stated Purposes) details the specific scenarios in which CDC may share voluntarily-reported¹ data with federal agencies or state, tribal, local, or territorial health departments, as well as the specific provisions unique to such situations. CDC maintains and updates the NHSN Stated Purposes. The purposes listed below are solely public health purposes such as public health surveillance, outbreak control, and healthcare preparedness. Healthcare facilities with a signed Agreement to Participate and Consent (“Agreement”) will be notified of any updates to the NHSN Stated Purposes. CDC reserves the right to make updates outside of a maintenance schedule in the event of a declared public health emergency, other emergency event, or as may otherwise be required. The NHSN Stated Purposes have been agreed to by all healthcare facilities participating in NHSN via a signed Agreement to Participate and Consent. 

The purposes of NHSN are to:

• Collect data from healthcare facilities in the United States, including patient-level claims data, to permit valid estimation of adverse events among patients or residents and healthcare personnel.

• Collect data from a sample of healthcare facilities in the United States to permit valid estimation of the adherence to practices known to be associated with prevention of these adverse events. 

• Analyze and report collected data to permit recognition of trends at the local, state, and national levels.  

• Provide facilities with risk-adjusted metrics that can be used for inter-facility comparisons and local quality improvement activities. 

• Assist facilities in developing surveillance and analysis methods that permit timely recognition of patient or resident and healthcare worker safety problems and prompt intervention with appropriate measures. 

• Conduct collaborative research studies with NHSN member facilities (e.g., describe the epidemiology of emerging healthcare-associated infections [HAIs] and pathogens, assess the importance of potential risk factors, further characterize HAI pathogens and their mechanisms of resistance, and evaluate alternative surveillance and prevention strategies).  

• Facilitate recruitment of facilities into collaborative evaluations that seek to identify new ways to prevent or control antimicrobial resistance or prevent healthcare-associated infections and adverse drug events by providing facility identifiers to federal agencies and peer-reviewed, CDC-approved research projects for potential participation in studies, including comparative effectiveness assessments. 

• Enable healthcare facilities to comply with legal requirements – including but not limited to state or federal laws, regulations, or other requirements – for mandatory reporting of facility-specific adverse event, prevention practice adherence, and other public health data.  

• Enable healthcare facilities to report data via NHSN to the Centers for Medicare & Medicaid Services (CMS) of the U.S. Department of Health and Human Services (HHS) in fulfillment of CMS’s quality measurement reporting requirements for those data. 

• Provide healthcare facility-level data and annual facility survey data to CMS that are deemed required data in CMS rulemaking and that are used by CMS for its program administration, monitoring and evaluation activities, including validation, appeals review, program impact evaluation, and development of quality measure specifications.  

• Provide healthcare facility-level data, including annual facility survey data, to CMS for use by CMS programs in the design, operation, and evaluation of quality improvement programs in which healthcare facilities participate voluntarily. 

• Provide state, tribal, local, and territorial health departments with information that identifies the facilities in their state and/or jurisdiction that participate in NHSN. 

• Provide to state, tribal, local, and territorial health departments patient- and facility-level data for surveillance, prevention, or a reporting mandate.² 

• Provide to state, tribal, local, or territorial health departments facility-level information to facilitate HAI prevention efforts (e.g., identifying facilities to target for prevention activities), and provide patient- and healthcare facility-level data to state, local, or territorial health departments during an outbreak investigation to assist their case-finding or outbreak control. This provision does not replace the requirement for facilities to adhere to state, local, and territorial public health reporting requirements, including reporting outbreaks to public health authorities where mandated.  

• Provide facility-level data to the HHS Administration for Strategic Preparedness and Response to support public health preparedness and emergency management and to aid emergency response efforts. 

“The voluntarily provided information obtained in this surveillance system that would permit identification of any individual or institution is collected with a guarantee that it will be held in strict confidence, will be used only for the purposes stated, and will not otherwise be disclosed or released without the consent of the individual, or the institution in accordance with Section 304, 306, and 308(d) of the Public Health Service Act (42 USC 242b, 242k, and 242m(d)).” 

¹ The terminology “voluntarily-reported” is used here to describe reporting not associated with a state mandate or CMS regulation. 

² Health department access to certain facility data not covered by a reporting mandate is governed by a data use agreement between CDC and the health department.