Is the BC E-Health Act the same as Alberta's Health Information Act?

No. Alberta HIA is a comprehensive provincial statute covering all custodians of health information in Alberta. The BC E-Health Act is much narrower — it governs only specifically-designated provincial Health Information Banks. BC private healthcare practices are governed by BC PIPA for their general health records, not by this statute.

Does the BC E-Health Act apply to my dental practice?

Generally no. A private dental practice in BC is governed by BC PIPA for personal information including health information. The E-Health Act applies to designated Health Information Banks (CareConnect, PharmaNet, etc.) — practices that interact with those HIBs do so under the rules the HIB designation Order specifies.

Has the BC E-Health Act been declared substantially similar to PIPEDA?

No. Unlike BC PIPA (which has been declared substantially similar to PIPEDA ), the BC E-Health Act has not received that designation. PIPEDA can still apply to federally-regulated health-related work in BC.

What is a Health Information Bank?

A database that the Minister of Health has designated as an HIB by Order in Council under section 3 of the Act. The designation Order specifies the HIB's purpose, which determines what collection, use, and disclosure is permitted. Currently-designated HIBs include CareConnect, PharmaNet, the Provincial Laboratory Information Solution, the Client Registry / Enterprise Master Patient Index, and the Provider Registry.

What is a disclosure directive?

A patient-driven instruction that limits whether and to whom personal health information from a HIB may be disclosed. The directive must be activated in the specific HIB to which it relates, in the manner the HIB's designation Order specifies.

Who enforces the BC E-Health Act?

The Office of the Information and Privacy Commissioner for British Columbia (OIPC) — the same body that enforces BC PIPA and FIPPA.

What is BC E-Health (Personal Health Information Access and Protection of Privacy) Act? Definition, components, and why it matters

Definition

The BC E-Health Act was enacted in 2008 (SBC 2008 c. 38) and brought into force on 10 April 2009. Unlike Alberta's Health Information Act, which is BC's closest provincial analogue, the BC statute governs only specifically-designated provincial Health Information Banks (HIBs) — not all health information held by all healthcare providers in the province.

A Health Information Bank is a database designated by Order in Council under the Act. The Minister of Health makes the designation, which must specify the purposes for which the information in that HIB may be collected, used, and disclosed. Examples of currently-designated HIBs include CareConnect, PharmaNet, the Provincial Laboratory Information Solution, the Client Registry / Enterprise Master Patient Index, and the Provider Registry.

For private healthcare practices in BC — independent dental, medical, naturopathic, chiropractic, optometric, pharmacy, and similar offices — the operative privacy law is BC PIPA, not this E-Health Act. For public bodies (health authorities, hospitals, the Ministry of Health), the operative law is the Freedom of Information and Protection of Privacy Act (FIPPA). The E-Health Act layers on top of FIPPA whenever those public bodies are working with personal health information from a designated HIB.

The Office of the Information and Privacy Commissioner for BC (OIPC) is the enforcement body for the E-Health Act, alongside its enforcement of PIPA and FIPPA.

Core components

Health Information Bank (HIB). A health database designated by Order in Council under the Act. Each designation specifies the HIB's permitted purposes (treatment, billing, public health, planning, research, etc.).
Data steward / data stewardship committee. Each HIB has a chief data steward and may have a data stewardship committee that authorises planning or research disclosures from the HIB.
Disclosure directive. A patient instruction attached to a HIB record limiting whether and to whom that information may be disclosed. Disclosure directives must be activated in the specific HIB to which they relate, on terms set by the designation Order.
Permitted purposes. Limited statutory list including identifying patients, providing or facilitating health services, identifying providers, chronic disease management, billing, and public health planning and research.
Data residency provisions. The Act and its regulations contain provisions addressing the storage of personal health information from HIBs, with strong preference for in-Canada data residency.
OIPC oversight. Investigations, audits, and complaints are handled by the Office of the Information and Privacy Commissioner for BC.
Interaction with FIPPA. The Act explicitly adapts FIPPA provisions for the health context — references to "public body" in incorporated FIPPA provisions are read as "health care body" for E-Health Act purposes.

Why it matters

The BC E-Health Act matters most directly to BC public-sector health bodies (health authorities, hospitals, the Ministry of Health) and to MSPs and SaaS vendors that interact with designated provincial HIBs. Most private BC healthcare practices do not have direct E-Health Act obligations — they sit under BC PIPA for their day-to-day records.

For MSPs serving BC health-authority clients or vendors plugged into CareConnect, PharmaNet, or any other designated HIB, E-Health Act compliance becomes a real procurement gate. Procurement teams ask about data residency, audit logging, disclosure-directive support in any system that touches HIB data, and the security-breach reporting expectations the OIPC has set.

For Calgary or US-based MSPs servicing BC healthcare clients, the data-residency posture is operationally important. The combination of E-Health Act preferences, FIPPA storage-outside-Canada notification rules, and BC PIPA cross-border considerations creates real procurement preference for Canadian-resident hosting.

How Lavawall® helps with BC E-Health (Personal Health Information Access and Protection of Privacy) Act

Lavawall® includes the BC E-Health Act in its unified BC health-information framework alongside BC PIPA and the FIPPA aspects relevant to BC public health bodies. MSPs serving BC health authorities, hospitals, or HIB-connected vendors get all three coverage areas in one set of evidence rather than three duplicated control sets.

Lavawall® is hosted in Canada (currently AWS Montreal, with migration to dedicated Calgary servers underway), so BC health information stored on Lavawall® itself satisfies the Canadian-residency expectation that runs through the E-Health Act, FIPPA, and BC PIPA. Native CAD billing eliminates the foreign-currency vendor relationship.

ThreeShield Information Security Corporation, the Calgary-based audit firm that built Lavawall®, supports BC clients on health-information security work, including the procurement-evidence requirements that flow from BC E-Health Act-connected systems. The control mapping reflects what BC OIPC investigations and procurement teams actually examine.

For BC MSPs serving healthcare, Lavawall® produces the safeguards evidence, breach-detection, audit logging, and data-residency documentation that BC health-information procurement teams expect in the post-2023 mandatory-breach-notification landscape.

Frequently asked

Is the BC E-Health Act the same as Alberta's Health Information Act?: No. Alberta HIA is a comprehensive provincial statute covering all custodians of health information in Alberta. The BC E-Health Act is much narrower — it governs only specifically-designated provincial Health Information Banks. BC private healthcare practices are governed by BC PIPA for their general health records, not by this statute.
Does the BC E-Health Act apply to my dental practice?: Generally no. A private dental practice in BC is governed by BC PIPA for personal information including health information. The E-Health Act applies to designated Health Information Banks (CareConnect, PharmaNet, etc.) — practices that interact with those HIBs do so under the rules the HIB designation Order specifies.
Has the BC E-Health Act been declared substantially similar to PIPEDA?: No. Unlike BC PIPA (which has been declared substantially similar to PIPEDA), the BC E-Health Act has not received that designation. PIPEDA can still apply to federally-regulated health-related work in BC.
What is a Health Information Bank?: A database that the Minister of Health has designated as an HIB by Order in Council under section 3 of the Act. The designation Order specifies the HIB's purpose, which determines what collection, use, and disclosure is permitted. Currently-designated HIBs include CareConnect, PharmaNet, the Provincial Laboratory Information Solution, the Client Registry / Enterprise Master Patient Index, and the Provider Registry.
What is a disclosure directive?: A patient-driven instruction that limits whether and to whom personal health information from a HIB may be disclosed. The directive must be activated in the specific HIB to which it relates, in the manner the HIB's designation Order specifies.
Who enforces the BC E-Health Act?: The Office of the Information and Privacy Commissioner for British Columbia (OIPC) — the same body that enforces BC PIPA and FIPPA.