California’s Data Exchange Framework (DxF) represents the state’s first comprehensive effort to unify health and social service data systems. It has the potential to transform how providers deliver care across the Golden State.
What Is the DxF?
At its core, the DxF is a legal, technical, and policy framework that supports the secure, real-time sharing of health and social services data across California.
Rather than calling for the creation of new technology or a centralized data repository, the framework establishes “rules of the road” that bring together healthcare systems, providers, and social services to foster coordinated, informed care for Californians.
A Coordinated Vision for Whole-Person Care
The DxF addresses a fundamental challenge in modern healthcare: information silos that prevent providers from accessing complete patient records.
The framework connects disparate systems across healthcare and social services. This connection enables providers to deliver coordinated care that addresses the physical, mental, and social support needs of patients.
The comprehensive approach should help providers understand a patient’s complete medical history in context.
Goals of the Framework
Eight key principles govern the DxF to benefit both providers and patients. They are:
- Advance health equity by addressing longstanding healthcare disparities by ensuring all Californians have access to coordinated care.
- Make data available to drive decisions and outcomes to improve population health outcomes.
- Support whole person care by breaking down barriers between health and social service providers.
- Promote individual data access giving patients greater control over their health information while reducing their burden to carry records between appointments.
- Reinforce individual health and social service information privacy and security ensuring robust protections for sensitive health and social services data.
- Establish clear and transparent terms and conditions that govern how data is collected, shared, and used.
- Adhere to data exchange standards through consistent technical standards to enable interoperability across different systems and organizations.
- Provide accountability by establishing mechanisms to ensure responsible data-sharing practices and compliance with framework requirements.
Key Components of the DxF
At the heart of the framework is the agreement that providers sign. The agreement lays out data-sharing requirements. The California Health and Human Services Agency also offers guidance for successful implementation.
Data Sharing Agreement
The Data Sharing Agreement (DSA) serves as the legal foundation of the DxF. This binding agreement covers critical areas, including privacy protections, governance structures, and data-sharing obligations.
All mandatory signatories must execute the DSA, creating a unified legal framework that governs the flow of health and social services information between organizations while maintaining strict privacy and security standards.
Data Sharing Requirements
The framework mandates three specific types of data exchange:
- Query-based exchange, providing real-time access to patient information upon request.
- Electronic referrals and orders enabling streamlined communication between providers for patient care coordination.
- Admission, discharge, and transfer (ADT) notifications to provide automatic alerts and keep providers informed about patient care events across providers.
These requirements focus on enabling two-way, real-time sharing that supports immediate clinical decision-making and care coordination.
Technical and Implementation Guidance
The framework supports established standards, including HL7 FHIR (encouraged but optional), and requires specific IHE exchange profiles. It also supports integration with existing nationwide networks, including eHealth Exchange, Carequality, and the federal Trusted Exchange Framework and Common Agreement (TEFCA).
Organizations can participate through qualified health information organizations (QHIOs) or by independently meeting technical requirements.
Compliance Timeline and Who’s Affected
DxF’s implementation timeline includes specific deadlines and participant requirements that vary based on organization type and size.
Milestone Dates to Know
Key compliance deadlines have already passed and continue into 2026.
- January 31, 2023: Mandatory signatories are required to sign the DSA.
- January 31, 2024: Most organizations are required to begin data exchange.
- January 31, 2026: Extended deadline for smaller organizations, including practices with fewer than 25 physicians, rural general acute care hospitals with under 100 beds, and others.
Entities That Must Participate
The DxF requires participation by a broad spectrum of healthcare and related organizations.
- General acute care hospitals
- Physician organizations and medical groups
- Skilled nursing facilities and psychiatric hospitals
- Health plans, including healthcare service plans, disability insurers, and Medi-Cal managed care plans
- Clinical laboratories regulated by the California Department of Public Health
Community-based organizations providing health and social services are encouraged to participate voluntarily.
Privacy, Security, and Patient Rights
The DxF framework prioritizes robust privacy and security protections, building upon existing California and federal law to foster patient trust in the system.
Security Requirements for Organizations
DxF participants must comply with security standards that align with existing regulations, including:
- HIPAA Security Rule as the minimum security standard.
- 42 CFR Part 2 requirements for organizations handling substance use disorder information.
- California Confidentiality of Medical Information Act (CMIA) protections.
- Encryption requirements for data in transit and at rest.
- Audit logging to track data access and sharing activities.
- Use authentication measures and permission settings to ensure patient data is accessible only to those with proper authorization.
Patient Access and Control
Patients maintain strong legal rights under the DxF that reinforce existing mandates, including the right to:
- Access their own health and social services information.
- Request restrictions on how their information is used and disclosed.
- Consent to data release.
- Opt out of consent for data sharing.
The framework does not supersede existing patient privacy rights or create new disclosure requirements beyond what is already permitted under applicable law.
The Broader Impact of DxF
The DxF represents more than just improved data sharing. It represents a fundamental shift in California’s healthcare ecosystem, designed to reduce inefficiencies and improve care across providers, systems, and populations.
Benefits for Providers and Patients
DxF implementation seeks to create tangible improvements in daily healthcare operations, including through:
- Elimination of duplicate testing through access to complete patient records and recent test results.
- Faster, more accurate diagnoses based on comprehensive patient histories.
- Improved care coordination between specialists, primary care providers, and social services.
- Reduced administrative burden as patients no longer need to carry paper records between appointments.
- Enhanced emergency care through immediate access to critical patient information.
What Providers Should Do Next
As enforcement continues to expand, healthcare organizations must take proactive steps toward DxF integration. Early action positions organizations to thrive in California’s increasingly connected healthcare environment.
Assess Current Readiness
To begin, start with a comprehensive audit of your current data-sharing capabilities and compliance status. Take the following steps:
- Review existing health information exchange partnerships and technical capabilities.
- Evaluate current privacy and security policies against DxF requirements.
- Assess staff training needs for new data-sharing workflows.
- Identify gaps between current systems and DxF technical requirements.
Leverage Available Resources
California has invested significantly in supporting the implementation of DxF through various assistance programs. These include:
- Technical assistance grants to help organizations identify and implement DxF-compliant solutions.
- QHIO onboarding grants to support connections with qualified health information organizations.
- Educational initiatives providing industry-specific guidance and support.
- Implementation toolkit and training materials available through the California Health and Human Services Agency.
Building a More Connected Future for Care
The DxF presents both an urgent compliance requirement and a transformational opportunity for California’s healthcare sector. As enforcement ramps up and participation expands, organizations that embrace the framework now will be best positioned to deliver on the promise of integrated healthcare well into the future.
Learn how Xantrion can support your organization’s DxF compliance program with healthcare-tailored IT consulting.
