Official website of the State of California
Official website of the State of California
Required signatories under HSC section 130290(f) must sign the Data Sharing Agreement (DSA) whether or not they have an EHR. Participants should review the DSA and its Policies and Procedures, found under the Policies and Procedures section of the CDII DxF Website, to determine what health and social services information (HSSI) they are required to share. A Participant may use any system or solution to share the HSSI which they maintain, so long as they are able to comply with the requirements of the DSA and its Policies and Procedures.
We continue to work with stakeholders through an open and transparent process to describe additional policies and procedures that Participants must follow as they implement the DxF. Please review the Data Elements to Be Exchanged P&P for a description of the data that Participants are required to exchange under the DxF, and the draft Real Time P&P and the draft Technical Requirements for Exchange P&P, for more about the requirements that Participants must meet. Ultimately, it is a Participant’s choice how to best operationalize the requirements of the DxF as part of its own implementation plan and in compliance with the DSA and P&Ps.
The Data Exchange Framework is not a technology, but instead rules of the road for how organizations will provide access to and exchange health and social services information. Participants in the DxF are free to choose any health information exchange network, health information organization, or technology to exchange health and social services information that adheres to the requirements of the Data Sharing Agreement and its accompanying Policies and Procedures. CDII anticipates that many Participants will choose to use a nationwide network or framework or one of California’s several Health Information Organizations (HIOs) to meet some or all of their obligations to exchange data.
The Data Exchange Framework is not a technology, but instead rules of the road for how organizations will provide access to and exchange health and social services information. Health and social services information will not reside on any state DxF system. The Permitted, Required and Prohibited Purposes P&P describes the purposes for which DxF Participants are required or permitted to exchange health and social services information under the DSA with other Participants. The Privacy and Security Safeguards P&P describes the minimum privacy and security safeguards required by the DxF for Participants to implement.
The DSA does not require your organization to share protected health information with non-covered Entities, such as a social services organization. The DSA permits sharing between a Covered Entity and non-Covered Entity when you have a valid authorization from the patient or patient’s representative or the disclosure is otherwise permitted or required by applicable law. (See DSA, Section 6(a); Privacy and Security Safeguards P&P). For more information on how Covered Entities can share protected health information with non-Covered Entities, please see the State Health Information Guidance (SHIG), particularly SHIG Vol. 1.1: Sharing Behavioral Health Information in California, especially Scenario 4, and the scenarios in SHIG Vol. 2.0: Sharing Health Information to Address Food and Nutrition Insecurity in California.
Yes. Solo practices are required to sign the DSA but are not required to implement the DSA until January 31, 2026. Any physician organization or medical group with one or more physicians is required to sign the DSA.