DHS Fusion Centers: State and Local Intelligence Sharing

DHS fusion centers form the backbone of the United States' domestic intelligence-sharing architecture, connecting federal agencies with state, local, tribal, and territorial partners to identify and respond to threats before they materialize. This page covers how fusion centers are defined, how information flows through them, the operational scenarios they address, and the boundaries governing what activities they may and may not conduct. Understanding this network is essential to grasping the broader homeland security mission and how DHS extends federal capabilities to every layer of government.

Definition and scope

Fusion centers are state-owned and state-operated entities designated by their governors to serve as focal points for receiving, analyzing, gathering, and sharing threat-related information between federal, state, local, tribal, and territorial partners (DHS, Fusion Center Overview). The Department of Homeland Security and the Department of Justice jointly provide guidance, tools, training, and technical assistance to support the network.

As of the most recent DHS reporting, 80 designated fusion centers operate across all 50 states, the District of Columbia, Puerto Rico, Guam, and the U.S. Virgin Islands (DHS, National Network of Fusion Centers). Each center maintains a primary mission area — either all-hazards or a specific domain such as cyber threats or critical infrastructure — while the network as a whole functions as a distributed platform for joint threat analysis.

Fusion centers are distinct from federal intelligence facilities. They do not have independent law enforcement authority, and they do not replace existing federal entities such as the Office of Intelligence and Analysis or FBI field intelligence groups. Instead, they occupy a connective role: translating federal threat intelligence into locally actionable information and returning locally observed indicators back up to federal analysts.

How it works

The operational model of a fusion center rests on a bidirectional information flow governed by the Nationwide Suspicious Activity Reporting (SAR) Initiative and the Information Sharing Environment (ISE) established under the Intelligence Reform and Terrorism Prevention Act of 2004 (6 U.S.C. § 485).

A standard information cycle inside a fusion center proceeds through five steps:

  1. Collection — State and local law enforcement agencies, private sector partners, and federal liaisons submit raw threat indicators, suspicious activity reports, and open-source data to the center.
  2. Processing — Analysts deduplicate, format, and ingest submissions into shared systems such as the Homeland Security Information Network (HSIN) or Regional Information Sharing Systems (RISS).
  3. Analysis — Trained all-source analysts assess collected data against known threat patterns, federal intelligence products, and historical case files to produce finished intelligence products.
  4. Dissemination — Finished products — typically intelligence bulletins or threat assessments — are distributed to relevant state, local, and federal partners through secure channels, classified down to appropriate handling levels.
  5. Feedback — Recipient agencies report on the utility of products, enabling the center to refine future collection and analytical priorities.

Federal support to fusion centers is channeled primarily through the DHS State and Local Program Office. Embedded personnel — called Deployed Intelligence Officers when drawn from DHS — work alongside state analysts, providing direct access to federal classified holdings not otherwise available at the state level.

Common scenarios

Fusion centers address a range of operational situations that span the full threat spectrum covered by DHS counterterrorism programs and critical infrastructure protection.

Terrorism-related suspicious activity. When a local officer documents suspicious pre-operational surveillance of a bridge or power substation, the SAR is submitted to the fusion center, cross-referenced against federal watchlists, and — if elevated — forwarded to the FBI's Joint Terrorism Task Force.

Cyberthreat indicators from private sector. A regional utility reports anomalous network intrusion attempts to its state fusion center. Analysts correlate the signature against products from the Cybersecurity and Infrastructure Security Agency (CISA) and distribute a warning to peer utilities statewide within hours.

Natural disaster and emergency support. During a hurricane activation, fusion centers shift to an all-hazards posture, aggregating situational awareness from 911 centers, public works agencies, and FEMA field teams to give state emergency managers a common operating picture.

Human trafficking tip aggregation. Law enforcement tips related to trafficking networks are consolidated and analyzed to identify geographic patterns, supporting investigations coordinated with DHS's Blue Campaign and Homeland Security Investigations (HSI).

Decision boundaries

Fusion centers operate under significant legal and policy constraints that define the limits of permissible activity.

What fusion centers may do:
- Receive and analyze information voluntarily submitted by law enforcement and the public
- Produce and disseminate unclassified and classified threat products to authorized recipients
- Maintain liaison relationships with private sector critical infrastructure owners under existing authorities

What fusion centers may not do:
- Conduct independent intelligence collection targeting individuals based on First Amendment–protected activities (prohibited under 28 C.F.R. Part 23 and DHS privacy guidelines)
- Direct federal law enforcement operations or issue arrest warrants
- Retain SAR data on individuals who are not connected to criminal activity beyond the 5-year retention ceiling established by the ISE Privacy Guidelines (Office of the Director of National Intelligence, ISE Privacy Guidelines)

The distinction between a federally-supported intelligence function and a state-controlled entity matters for civil liberties oversight. The DHS Office for Civil Rights and Civil Liberties conducts annual reviews of fusion center compliance with privacy policies, and the DHS Privacy Office has published a Privacy Impact Assessment specific to the fusion center program. The DHS Oversight and Accountability framework extends to center activities funded through federal grants administered under DHS grants programs.

For a foundational overview of how DHS structures its intelligence mission and interagency partnerships, the DHS Authority site index provides a structured entry point to all component topic areas.

References

Read Next

DHS Mission Statement and Core Strategic Objectives This page examines the official mission language, the five core mission areas that structure DHS activities, how those... DHS Office of Intelligence and Analysis: Role and Functions Established under the Homeland Security Act of 2002 ( 6 U.S.C. DHS Role in Counterterrorism and Threat Prevention This page covers the department's statutory authorities, operational mechanics, the tensions embedded in its dual mandate of...