CDC review reveals patchwork of US vaccine record policies in 2024
The US maintains 64 immunization information systems (IISs) across all states, territories, and major metropolitan areas. These systems track vaccine records and operate under a mix of federal, local, and jurisdictional rules. A recent review by the CDC in 2024 examined how each area manages its policies. Each IIS is funded through the CDC's 317/Vaccines for Children (VFC) cooperative agreement. Public health bodies oversee the systems, ensuring they comply with regulations in four main areas: legal authorisation, consent requirements, provider reporting, and data sharing.
Legal authorisation policies allow jurisdictions to collect and store vaccine administration data. Consent rules vary—some require explicit permission from recipients, others allow implicit consent, while a few mandate inclusion without choice. Provider reporting policies differ as well. Some jurisdictions demand records for all immunisations, while others focus only on specific vaccines or certain conditions. Data sharing rules also set limits on how information can be passed to other health agencies. The CDC's Informatics and Data Analytics Branch (IDAB) will now review these policies every year to monitor compliance and updates.
The 2024 review confirms that IIS policies remain varied across the 64 jurisdictions. Future annual checks by the CDC will track any changes in legal, consent, reporting, and sharing rules. These systems continue to play a central role in managing vaccination records nationwide.
