National health information system is accelerating its integration， hospital information systems (HIS) are stepping from a closed period into an open era. Security issues are increasingly pop out. The paper introduces the aim, the basis, the principle and the level protection concept in the partition of security domain, concretely discussed the design of security domain when information exchanged happened between HIS and center for disease control and prevention (CDC), meanwhile emphasized the significance of the security management.