HLN Consulting LLC
  • About
    • About HLN
    • Our History
    • Clients
    • Careers
  • Solutions
    • Informatics Solutions
    • Case Studies
    • DMI
    • ICE
    • IIS
  • Knowledge
    • Articles
    • Blog
    • Case Studies
    • Collaborations
    • Newsletters
    • Presentations
    • Press Releases
    • White Papers
  • Blog
  • Contact Us

BLOG
Implementing Vaccine Credentials Across State Lines

BY Noam Arzt ON August 19, 2021
AIRA | CDC | COVID-19 | Immunization Information System (IIS) | Vaccine Credentials

I have written previously about the role that Immunization Information Systems (IIS) play in the US with respect to providing authoritative, complete information about vaccinations for the citizens within their jurisdictions. Under Centers for Disease Control and Prevention (CDC) leadership, the IIS community is making strides towards enabling a more transparent exchange of information between IIS. This is to primarily ensure that vaccinations received by an individual in a location other than where they live (for example, a workplace or school in another state) will find their way to the IIS in the individual’s home jurisdiction. This ensures that the IIS where a person lives has as complete a record as possible.

I have also written a lot about vaccine credentials and the role they play in providing an authoritative, digital record of one’s COVID (and ostensibly any) vaccination status. A few states – most notably California, Louisiana and New York – have provided digital vaccine credentials to their citizens for this purpose. Though they all suggest that they are following the same standard (Smart Health Cards), I myself have not been able to get my California-issued credential to be accepted in the NY State Excelsior digital wallet. Clearly some interoperability issues exist with these early implementations.

But what happens if an individual needs to certify their vaccination status in a jurisdiction other than where they live or work/go to school? What if they need to certify their vaccination history in a jurisdiction where they have no electronic record at all, especially not in an IIS? For instance, what if someone who has no clinical relationships in NYC wants to attend a show on Broadway? The theatre instructs the person that an Excelsior pass is needed, but unless you have received vaccinations in NY State or you are a NY State resident who has had out-of-state vaccinations sent to the NY State IIS (NYSIIS), Excelsior has no records on which to build a vaccine credential.

There are several possible strategies to address this issue, along with some challenges to each:

Strategy Challenges
The preferred strategy is for the citizen to acquire a vaccine credential from the “home” jurisdiction (IIS or other government system) and present it digitally where required. This is the vision for interoperable digital vaccine credentials.
  • Not all jurisdictions produce vaccine credentials, and some even prohibit it.
  • Not all vaccine credentials are interoperable even when they claim to be following a common standard.
  • Some sites only accept a vaccine credential that is stored in a particular wallet or application.
Broaden interjurisdictional data exchange to include requests by citizens to send records between jurisdictions to satisfy this need on the back end (i.e., within  the IIS database). These requests could either be initiated from the sending IIS (“push”) or the receiving IIS (“pull,” or query). The vaccine credential could then be generated by the “other” IIS for the citizen.
  • IIS do not currently support these types of requests from citizens.
  • This is likely not a high priority for IIS given the demands of the pandemic (though priorities can always change).
  • The receiving IIS would need to have a pre-existing data exchange relationship with the sending IIS. While in process, these relationships have not been universally established.
  • It may be tempting for one jurisdiction to pre-populate another jurisdiction’s IIS with its data to support this purpose, but this may raise significant patient consent and other legal issues.
Rely on vaccine certificates from healthcare providers. While normally I advocate for reliance on IIS data whenever possible, in this case this might be an easier strategy since this need is often for the convenience of the individual than addressing a broader public health need. 
  • Electronic Health Records, or EHRs (especially those from smaller companies) may be slow to offer this functionality.
  • There are many digital wallets in use and this functionality will require strict adherence to standards to enable interoperability of digital vaccine credentials.

Previous posts on vaccine credential activities:

A Complicated Path Forward in the US (Part 1) – Potential Sources of Data (A discussion of the basic philosophy of the vaccine credentialing movement, including where data for use in a digital vaccine credential might come from in the US, IIS will likely be a major source of this data.)

A Complicated Path Forward in the US (Part 2) – Major Initiatives Underway (A review of the major vaccine credentialing initiatives that are currently underway worldwide, including VCI, CCI, the EU and WHO.)

A Complicated Path Forward in the US (Part 3) – Recommendations (Initial recommendations for how public health agencies in  the US – federal, state, and local – should approach vaccine credentialing. Additional federal leadership would certainly be useful.)

WHO Interim Guidance (Comments on the Interim Guidance released by WHO for member countries in March 2021. Their recommendations are particularly unsuited for the US)

It’s All About the Rules! (For vaccine credentialing to be effective the issue boils down to the rules that are going to be developed and adopted to make the SVC’s usable. Many of these rules currently don’t exist so we will start by analyzing some key factors.)

Vaccine Credential Activities: Redirecting the Conversation for Public Health Registries (In this article we issue more specific advice for public health agencies about vaccine credentialing to reduce confusion about what vaccine credentialing is and how it functions.)

Vaccine Credentials Do Not Replace Full Vaccination Histories (In this article we address the similarities and differences between vaccine credentials and traditional immunization histories and offer some opportunities for public health to maintain its role in data access.)

Towards a National COVID-19 Vaccine Credential Strategy in the US (In this post I will review the “facts on the ground” as I see them and offer a way forward for the US.)

 

HLN Consulting, LLC
9 Pemberly
Mission Viejo, CA 92692
  info@hln.com
858-538-2220
  Bluesky  
GSA
Home
About
Solutions
Clients
Blog
Careers
Contact Us
HLN Brochure 2025HLN Brochure
Download ICE BrochureICE Brochure
Knowledge & Resources
Newsletters
Contract Vehicles

Copyright © 2025
HLN Consulting, LLC

Privacy Policy Cookie Policy