Norwegian Institute of Public Health launching DHIS2-based municipal health dashboards

The Norwegian Institute of Public Health (NIPH) is officially launching a new DHIS2-based municipal health dashboard system in the first week of September, after a rapidly developing and piloting over the course of just nine months. The new system enables municipal chief medical officers across the country to securely access timely and relevant public health data from national registers. This project, part of the NIPH KoSy initiative, marks a significant step forward in making critical health data available at the local level—while navigating Norway’s stringent data privacy and infrastructure constraints.

From concept to production in record time

The NIPH faced a long-standing challenge: how to securely and efficiently share sensitive national health data with local chief medical officers (CMOs) across Norway’s 357 municipalities. Municipalities needed timely, detailed health information to manage local public health risks, but strict data protection rules and infrastructure limitations had made this difficult. The solution came in the form of a DHIS2-based dashboard system that progressed from idea to a barebones solution in six months, and to a working pilot in nine months—a timeline that surprised many inside and outside the organization.

“People were saying, ‘How can you do this in six months? This is supposed to take three years,’” said Gutorm Thomas Høgåsen, PhD, a senior advisor at NIPH’s Department of Strategy and Portfolio, during his presentation about KoSy at the DHIS2 2025 Annual Conference.

With a small, focused team of just one to three data engineers, NIPH developed a system that was piloted in 40 municipalities before the official September launch. Each participating municipality gained secure access to curated health indicators drawn from Norway’s national health registers—something that was previously out of reach for most local health officers.

Meeting the unique data needs of local health officials

Norway’s municipalities vary widely in size and population, with the smallest boasting just 215 residents. Each municipality has at least one chief medical officer responsible for safeguarding public health within their community. These responsibilities range from monitoring infectious diseases to managing vaccination campaigns and responding to emerging health threats.

However, delivering relevant and timely data at the municipal level has historically been difficult. National statistics were often too generalized to inform local decision-making. For smaller municipalities, privacy concerns meant that even aggregated data could risk identifying individuals. Høgåsen explained that some diseases are so rare and certain municipalities are so small, that even ‘anonymous’ statistics effectively become personal data under the law.

This combination of legal, ethical, and technical barriers left many CMOs unable to access the information they needed for effective public health management. Routine data requests often involved time-consuming manual processes, causing delays at precisely the moments when fast action was required.

Overcoming infrastructure and security challenges

One of the most significant hurdles the NIPH team faced was integrating DHIS2 into Norway’s tightly regulated IT environment. Because NIPH outsources its IT operations, any new system needed to meet extremely high standards for data security and infrastructure compatibility.

“When I first proposed using DHIS2, the immediate response was, ‘There’s no way we can put this in our infrastructure,’” Høgåsen recalled. This skepticism was understandable, given NIPH’s history of rigorous data protection practices and its concern for maintaining public trust.

To overcome this, the NIPH team designed a secure system architecture that would allow DHIS2 to run within NIPH’s environment without violating security protocols. At the heart of this solution is a central login portal that acts as a secure gateway between external users and the DHIS2 instance. Users authenticate via Norway’s national electronic ID system, ensuring that only authorized personnel can access the data.

This setup isolates the DHIS2 instance from direct internet exposure, adding another layer of protection. The system also integrates with Norway’s national access portal and Altinn—the country’s platform for digital communication and signature tracking between government agencies and individuals—ensuring compliance with both legal and organizational requirements for secure access and auditability.

Building on existing strengths with DHIS2

Norway’s long-standing investment in national health registers provided a solid foundation for the project. These registers include the vaccination register, infectious disease surveillance, lab-confirmed test results, and control and payment of reimbursements to health service providers (KUHR), among others. Together, they represent decades of high-quality, population-level health data.

Despite this wealth of information, local health officials had limited access to timely, actionable insights. The KoSy project aimed to close this gap by developing a secure data ingestion framework that could extract selected indicators from national registers and present them through DHIS2 dashboards tailored for each municipality.

Choosing DHIS2 as the technical foundation was a strategic decision. As an open-source platform, DHIS2 offered the flexibility and control that NIPH required. The team could configure, deploy, and maintain the system entirely in-house, free from vendor lock-in or costly licensing fees. This ensured not only cost-effectiveness but also digital sovereignty—an important factor for NIPH’s long-term technology strategy.

“We are absolutely dependent on cohabitating with existing infrastructure, and that was surprisingly easy with DHIS2,” Høgåsen noted.

From pilot rollout to national scale

The initial rollout focused on 40 pilot municipalities. The dashboards were intentionally designed to be clear, lightweight, and user-friendly, making it easier for busy CMOs to access and interpret the data they needed. Feedback from these early users played a critical role in refining the system’s usability and identifying priority areas for improvement, including enhancing visualizations and providing more intuitive dashboard layouts.

As NIPH now scales the system to cover all 357 municipalities across Norway, work is also underway to increase the frequency of data updates from the national registers and to integrate additional data sources relevant to municipal health management.

In parallel, NIPH is preparing training materials and user support resources to help municipal health officers make the most of the new system in their day-to-day work.

Lessons learned and next steps

Reflecting on the project, Høgåsen highlighted several key takeaways. Starting with a proven, open-source platform like DHIS2 enabled the team to move quickly, but substantial effort was still needed to adapt the system to Norway’s strict legal, technical, and organizational requirements.

Building privacy, access control, and auditability into the system from day one was essential. Close engagement with end users throughout development ensured that the dashboards addressed real-world needs and fostered trust among stakeholders.

By leveraging DHIS2 and Norway’s existing digital infrastructure, NIPH has delivered a secure, scalable, and user-centered solution for municipal public health monitoring. As the system continues to evolve, the KoSy DHIS2 dashboards are positioned to become an essential tool for supporting data-driven decision-making at the local level throughout Norway.

Watch the recording of Høgåsen’s presentation at the DHIS2 2025 Annual Conference: