State Policy Update 

AB 133: Health Omnibus Trailer Bill 

On July 27, Governor Gavin Newsom signed AB 133, the Health Omnibus Trailer Bill, to implement and add policy detail to SB 129, the Budget Act of 2021. The bill affects many aspects of health policy in California, from Medi-Cal coverage expansion to telehealth, but also includes several provisions affecting health information exchange in California. 

Health Information Exchange Provisions in AB 133 

• Data Sharing Mandate: Requires all “specified entities” to “exchange health information or provide access to health information to and from” other specified entities in real-time, as defined in the bill, by January 31, 2024 

• Specified entities: include general acute care hospitals; physician organizations and medical groups; skilled nursing facilities; health care service plans, disability insurers Medi-Cal Managed Care Plans; clinical laboratories; and acute psychiatric hospitals 
• Exceptions: Certain health care providers¹, including physician practices of fewer than 25 physicians, do not need to meet the data sharing mandate until January 31, 2026 

• Health information: 

• For hospitals, clinics and physician practices, this includes at a minimum the USCDI v.1 until October 6, 2022, which includes data such as immunizations, allergies, medications and clinical notes; thereafter, it will include all “electronic health information” (EHI), as defined in the ONC final rule, which includes “designated record sets” as defined in the HIPAA regulations. 
• For health insurers and health care service plans, this includes at a minimum, the data required to be shared under the CMS Interoperability and Patient Access final rule, which would include claims and encounter information as required under the Patient Access API portion of that rule. 

• Data Exchange Framework: Requires the California Health and Human Services Agency (CHHS) to develop the CHHS Data Exchange Framework on or before July 1, 2022. The Data Exchange Framework must include a single data sharing agreement and common policies and procedures “that will leverage and advance national standards for information exchange and data content, and that will govern and require the exchange of health 

nformation among health care entities and government agencies in California” 

• Stakeholder Advisory Group: Requires CHHS by September 1, 2021 to convene an advisory group “to advise on the development and implementation of the California Health and Human Services Data Exchange Framework.” Members of the advisory group must include certain enumerated stakeholder types², and all meetings will be public. CHHS will deliver an update, including recommendations, from the advisory group by April 1, 2022. 

• POLST eRegistry: Requires the Emergency Medical Services Authority (EMSA) to establish a statewide electronic Physician Orders for Life Sustaining Treatment (POLST) registry within the California EMS Data Resource System (CEDRS) 

Analysis of AB 133 

The data sharing components of AB 133 are a step toward establishing a statewide HIE network in California. The law does not establish a single repository or health information system but rather requires specified entities to share information. This data must be shared in real-time which most likely means that organizations cannot meet the data sharing requirement merely through participation in a national network. It also means that CHHS and its advisory group will need to develop recommendations on how data will be shared in real-time. 

Missing from the bill are the sticks and carrots that should be used to ensure entities share information, with no clear rules for enforcement and incentives for smaller practices to acquire the resources necessary to devote to health information exchange. More details are also needed on whether and how EMSA and health information exchanges will be able to integrate the POLST eRegistry into existing health information exchange infrastructure, and any future infrastructure that might be developed as a consequence of the CHHS Data Exchange Framework. 

Lastly, the bill is largely silent on the specific standards organizations must use for health data sharing to meet the mandate. The reference to the classes and elements of the USCDI v.1 from the ONC Information Blocking final rule does not contain a requirement to use the FHIR v.2 standard. Similarly, the CMS Interoperability and Patient Access final rule referenced in the bill is mostly silent on standards required for data sharing, especially in key areas such as the Patient Access API, ADT notification and payer-to-payer exchange provisions that are most germane to real-time data sharing for health plans in California. 

² These include the Department of Health Care Services; Department of Social Services; Department of Managed Health Care; Department of Health Care Access and Information; Department of Public Health; Department of Insurance; CalPERS; Covered California; health care service plans and health insurers; physicians, including those with small practices; hospitals, including public, private, rural and critical access hospitals; clinics, long-term care facilities, behavioral health facilities, or substance use facilities; consumers; organized labor; privacy and security professionals; health information technology professionals; community health information organizations; county health, social services, and public health; and community-based organizations providing social services.