Questions loom as California braces for statewide exchange of health information

Modern health care embraces advances in artificial intelligence, telehealth modalities of care, and “smart” consumer health technology and apps. Within this growing digitized environment, the need for rapid, robust, and reliable exchange of electronic health information is more compelling than ever. Nevertheless, across the health care delivery system, information silos that rely on uncoordinated and inefficient systems for exchanging information persist.

The California Data Exchange Framework (DxF) aims to break down these silos. Established with the passage of Assembly Bill 133 in 2021 and codified in Health and Safety Code Section 130290, DxF is a “collection of organizations that are required to share health information using national standards and a common set of policies in order to improve the health outcomes of the individuals they serve.” To this end, DxF is technology-agnostic and is “not intended to be an information technology system or single repository of data[.]”

DxF is premised on a common data sharing agreement (DSA) that governs how DxF participants will exchange health information. On Jan. 31, 2024, the DSA’s terms will take effect. Across California, stakeholders ponder the full legal and practical implications of the DSA and their participation in DxF.

Key DxF developments in 2023

The effective date of the DSA follows more than a year of efforts to prepare DxF for launch by the California Health and Human Services Agency (CalHHS), the agency charged with administrative oversight of DxF. These efforts have included the development of the DSA’s terms, consultation with a stakeholder advisory group, and the deployment of an electronic portal for signing the DSA.

Jan. 31, 2023 marked the deadline by which hospitals, medical groups, and certain other entities were statutorily required to sign the DSA. Despite the legal mandate, however, only a fraction of required participants complied with the signature deadline. Many organizations opted not to sign out of hesitation to agree to policies and policies incorporated into the DSA that CalHHS had not yet released. Some organizations also deemed the liability risks to be low, given that CalHHS lacks express statutory authority to impose sanctions on a party for not signing the DSA.

To get buy-in for the DSA and DxF’s objectives, CalHHS has administered $47 million in grants to fund DSA signatories’ implementation efforts, including the costs of onboarding with one of the qualified health information organizations that will facilitate information exchange between DxF participants. The agency awarded another $3 million to eight industry associations that conducted initiatives in 2023 to educate their respective constituent members about their obligations under the DSA. Meanwhile, CalHHS has promulgated new or revised policies and procedures that provide a more tangible understanding of how DxF will function. Among other topics, the 12 policies and procedures that CalHHS finalized to date include the data elements exchanged through DxF, the meaning of exchanging information in “real time,” and participants’ breach notification responsibilities.

These developments may have prompted some initial holdouts to sign the DSA. As 2023 came to an end, CalHHS reported that 2,706 entities or facilities are now covered by the DSA – more than double the number the agency reported the day after the Jan. 31, 2023 signature deadline.

What lies ahead?

Beginning Jan. 31, 2024, all entities that were required to sign the DSA by Jan. 31, 2023 must exchange or provide access to health information to and from other entities subject to the Jan. 31, 2023 signature requirement. Such exchange must occur in “real time”; must be for purposes of “treatment,” “payment,” or “health care operations” (terms that derive their original meaning from the federal Health Insurance Portability and Accountability Act’s Privacy Rule); and must otherwise comply with CalHHS policies and procedures. Organizations meeting certain size or specialty criteria, such as physician practices of fewer than 25 physicians, have an additional two years to comply with these requirements.

The staggered timeline between the DSA signature and effective dates is a testament to the time and effort required of many organizations to prepare for DxF participation. Steps that DSA signatories should consider taking as they prepare include:

● Determining whether the signatory must comply with the DSA by Jan. 31, 2024 or whether the signatory is eligible for an extension to Jan. 31, 2026;

● Familiarizing key organizational stakeholders with the terms of the DSA and its incorporated policies and procedures, including DxF policies that explain the scope of the mandate to exchange information and the permitted, required, and prohibited purposes of information exchange;

● Identifying the information that the signatory has to exchange, including the specific data elements that comprise exchangeable information;

● Reviewing and making appropriate updates to technology systems, workflows, and internal policies and procedures to meet DSA requirements; and

● Reviewing other arrangements in which the signatory participates in a health information network or health information exchange framework and considering how to leverage those arrangements to satisfy its obligations as a DxF participant.

Questions and challenges are bound to arise along the way. Many organizations understandably wonder what legal risks they face for noncompliance with the terms of the DSA or applicable DxF policies and procedures – or for still declining to sign the DSA after the Jan. 31, 2024 effective date. As with other legal, operational, and technical questions regarding DxF participation, the answers are presently unclear but may come to light as CalHHS develops new policies and procedures in 2024 and beyond. Amid these uncertainties, stakeholders should stay in close consultation with legal counsel and interdisciplinary teams of compliance, information technology, and clinical operations specialists who can navigate the multifaceted issues that DxF participation entails.