FAQs Archive - Page 3 of 10 - California Data Exchange Framework

QHIOs are not required by CDII to guarantee Participants that use a QHIO are compliant with the DxF. QHIOs may not have insight into a Participant’s internal policies and standard operating practices which could have an impact on the Participant’s compliance with the DSA and its P&Ps. Participants must assess their own processes to ensure that they remain compliant. QHIOs may choose, but are not required by CDII, to offer services to assist or advise Participants in assessing their compliance with the DSA.

View full FAQ →

No, use of a QHIO does not guarantee compliance with DSA or its P&P requirements. QHIOs offer access to critical services compliant with DxF technical standards requirements and have established critical connectivity that may help Participants comply with their obligations to provide access to or exchange of HSSI. It remains the responsibility of each Participant to ensure that they comply with requirements of the DSA and its P&Ps beyond the technical standards by reviewing and complying with P&Ps including but not limited to:

The Permitted, Required, and Prohibited Purposes P&P for the purposes for which the Participant may and must share HSSI,
The Privacy Standards and Security Safeguards P&P for information on privacy and security standards the Participant’s systems must meet,
The Data Elements to Be Exchanged P&P for information on data elements the Participant must make available,
The Technical Requirements for Exchange P&P for the types of exchange a Participant must enable, and
The Real-Time Exchange P&P for information on the requirements for timely information sharing

View full FAQ →

Yes, QHIOs may require Participants to sign additional agreements or contracts that specify the terms of the services they offer. In some cases, QHIOs may be acting as a business associate to a Participant as defined under HIPAA requiring the parties to execute a business associate agreement. Agreements that a Participant might be asked to execute by a QHIO include a participation agreement, a data sharing agreement distinct from the DxF DSA, and/or business associate agreement.

View full FAQ →

Yes, QHIOs may charge for the services they provide to Participants. CDII recommends that Participants refer to the P&Ps, including the Permitted, Required, and Prohibited Purposes P&P and the proposed Fees P&P, both of which can be found on the CDII DxF webpage, for more information on when Intermediaries, including QHIOs, may charge fees and restrictions on the fees they may charge. Please reach out to the QHIO(s) in which your organization is interested to learn more about the pricing of their services.

View full FAQ →

No, QHIOs are not required by CDII or the QHIO Program to enter into contracts and serve every Participant that requests their services. Some QHIOs may not be able to meet the specialized needs of some Participants or the technologies they have chosen; may not be prepared to serve all Participant types; may not offer all of the services requested by a Participant; or may not have the capacity to take on new Participants at the time of a Participant’s inquiry. Please reach out to the QHIO(s) in which your organization is interested for more information on whether they are able to provide services to your organization.

View full FAQ →

38. Can a Participant require that a QHIO guarantee the Participant will be in compliance with the DxF if the Participant becomes a client of that QHIO? [12/11/2023]

37. Does contracting for services with a QHIO guarantee that a Participant has met its requirements under the DSA and its P&Ps? [12/11/2023]

36. May a QHIO require a Participant to sign agreements in addition to the DSA? [12/11/2023]

35. Can QHIOs charge for the services that they provide to Participants? [12/11/2023]

34. Are QHIOs required to serve any Participant that requests their services? [12/11/2023]

Stay Informed