Healthcare data is protected by a number of privacy laws and regulations in Canada. In addition to the federal laws, Canadian provinces maintain their own privacy laws. In the province of Ontario, Canada, the Personal Health Information Protection Act (PHIPA) establishes general principles for the collection, use, and disclosure of personal health information (PHI). The legislation outlines comprehensive information practices for handling PHI including security, retention, and access.
We have developed a whitepaper that describes how Google Cloud leverages state-of-the-art data privacy and security capabilities to store, process, maintain, and secure customer content. We explain these data protection features and how they align to many of the security and privacy practices organizations should consider when looking to comply with PHIPA.