Data Resources
Resources that help consumers navigate, use, and interpret HCAI and other related healthcare data.
How is HCAI data used?
The California Department of Health Care Access and Information (HCAI) collects and manages data from approximately 9,500 California licensed healthcare facilities and other healthcare entities. HCAI also produces a variety of data tools to make data useful and meaningful to improve quality of patient care in California.
HCAI produces datasets and data products from a variety of sources: Patient Discharge Data (PDD), Emergency Department Data (EDD), Ambulatory Surgery Center (ASC) data, financial and utilization data, as well as facility construction and healthcare workforce data.
What we want to achieve with our data and products
- Know our customers and understand their needs.
- Turn data into information and meaningful insight to inform patient care and quality improvement.
- Support informed decisions that advance safe and quality healthcare environments.
- Reduce challenges that occur in the collection and use of data.
- Help organizations receive data more efficiently.
- Provide data tools to enhance the work organizations are already trying to achieve.
What data is submitted?
HCAI collects and manages data from approximately 8,000 California licensed healthcare facilities and other health care entities, and maintain several healthcare data reporting programs.
What data can be requested?
HCAI receives data requests from colleges and universities, state and federal government agencies, media, healthcare entities, private companies, and non-profit organizations. Customized data can be requested that may not be available on the HCAI website.
How is HCAI data protected?
HCAI has collected, managed, and successfully protected sensitive and confidential health data for decades. HCAI ensures that the security, privacy, and confidentiality of consumers’ individually identifiable health information is protected in a manner consistent with state and federal privacy laws. All Californian’s are afforded a constitutional right to privacy and the state has long led the nation in developing robust privacy and security standards to protect personal information, particularly when it comes to information regarding individual health status. Consistent with this philosophy and history, a core principle is that protected sensitive and confidential health data managed by HCAI is used to learn and provide information about healthcare systems and populations at large, not individual patients. Only authorized individuals have access to these data.
The technology systems used to manage and store protected, sensitive, and confidential health data are administered with strict security and privacy procedures and controls, which include: regular mandatory role-based security and privacy training for all employees and contractors; encryption of data while in transit and at rest; strictly enforced least privileged access controls; rigorous back-up and recovery of data; and logging of all actions performed at the administrative, database, and application levels. These procedures and controls are overseen by HCAI’s Chief Information Security Officer and Chief Privacy Officer and comply with industry, state and federal standards. Security and privacy policies are reviewed annually and overseen by security governance that includes executive management and subject matter experts.
Release of protected, sensitive health data is tightly controlled by regulation and policy. Requestors seeking data from HCAI must first be approved and then follow strictly governed application processes, which include signing a Data Use Agreement (DUA). The HCAI DUA describes appropriate safeguards through “Required Practices for Safeguarding Access to Confidential Data.” Guidance is also included regarding security incident and data breach management and reporting; how to handle Business Associate Agreements; data record retention periods; and data destruction requirements. The HCAI DUA further explains appropriate Requestor data usage and aggregate reporting requirements for HCAI data, which comply with the CalHHS Data De-Identification Guidelines. The agreement also ensures that the Requestor and their Contractors are compliant with HCAI standards and requirements as outlined in the DUA. Failure of the Requestor to comply with all terms of the HCAI DUA can result in termination of the agreement and may subject the Requestor to legal action by the State. Separately, state entities are subject to a similar process memorialized in the California Health and Human Services Interagency Data Exchange Agreement.
Finding HCAI Data
You can navigate the HCAI website to find data in several ways:
- Featured: Highlighted release of interactive reports and visualizations
- Topics: Browse products by topic
- A-Z Content: Alphabetical list of products
- Facility Finder: Interactive map to find a data profile of each healthcare facility
- Open Data: A list of all the underlying HCAI data in open formats
Visualizing Data
HCAI produces visualizations and other data-based products. These products provide context to make data more useful for others. An example using actual data:

A-Z Content
This page includes a searchable table of featured visualizations and other curated content by Product Name and Category. For a list of all available datasets, please visit the open data webpage.
Open Data
HCAI collects and manages data from dozens of health plans, thousands of health facilities and prescription drug manufacturers, and tens-of-thousands of healthcare workforce practitioners and produces a variety of tools to make the data useful and meaningful. This page includes a list of all available datasets. This page includes a list of all available datasets. For a list of featured visualizations and other curated content, please visit the A-Z Content Page.
Data Analytics Public Reporting Plan
HCAI publishes a list of the analytics products plans to publish by measure, topic area, and the quarter which HCAI is project product release.