Digital Record-Keeping for Canadian Therapists: Provincial Retention Laws, Canadian Cloud Storage & Switching EHRs

If you run a therapy practice in Canada, your clinical records are one of your most significant legal and ethical responsibilities. Unlike the United States, where HIPAA provides a single federal baseline, Canada's record-keeping obligations flow from provincial health-information and professional-regulation statutes like PIPEDA and PHIPA. The rules differ depending on where you practise, what profession you belong to, and whether your clients were minors at the time of treatment.

This guide walks through the retention timelines province by province, explains your data-residency obligations, surveys Canadian-hosted cloud storage options that meet those obligations, and provides a step-by-step playbook for migrating between EHR systems or winding down a practice.

Provincial Record Retention: Know Your Timeline

There is no single "Canadian" retention period. The number of years you must keep clinical records depends on your province's health-information legislation, your regulatory college's standards of practice, and whether the client was a minor. When the college standard is stricter than the statute, you follow the college.

Ontario

Under the Personal Health Information Protection Act (PHIPA), health information custodians must retain records for 10 years from the date of the last entry, or 10 years after the client reaches age 18 if the client was a minor. The College of Registered Psychotherapists of Ontario (CRPO) aligns with this 10-year standard. If you hold records for clients who were 8 years old at their last session, you could be looking at a 20-year obligation.

British Columbia

BC's Personal Information Protection Act (PIPA) does not prescribe a fixed retention period for health records, but the BC College of Social Workers and the BC Association of Clinical Counsellors both recommend a minimum of 7 years after the last service date, or 7 years after a minor client turns 19 (the age of majority in BC). In practice, many BC therapists default to 7 years as the floor.

Alberta

The Health Information Act (HIA) requires custodians to retain records for 10 years after the last date of service. The College of Alberta Psychologists mirrors this 10-year minimum. For minor clients, the clock starts when the client reaches 18.

Other Provinces

• Saskatchewan: The Health Information Protection Act (HIPA) mandates 6 years minimum after the last service, though colleges often recommend 10.
• Manitoba: The Personal Health Information Act (PHIA) requires records be kept for a minimum of 10 years, or until a minor turns 18 plus an additional retention period.
• Quebec: The Act Respecting the Protection of Personal Information in the Private Sector applies, and the Ordre des psychologues du Quebec generally requires 5 years minimum after the last service, though many practitioners retain for 7-10 years as a precaution.
• Atlantic Provinces (NB, NS, PEI, NL): Retention requirements typically range from 7 to 10 years depending on the specific regulatory college. Always check with your provincial college for the current standard.

When in doubt, keep records longer rather than shorter. Destroying records prematurely exposes you to regulatory complaints and malpractice liability. A data breach during the retention period also triggers mandatory breach notification obligations. The cost of an extra few years of encrypted cloud storage is trivial compared to a college investigation.

Data Residency: Where Must Your Data Live?

Provincial privacy legislation in Canada does not universally prohibit storing health data outside the country, but the practical and legal landscape strongly favours keeping it on Canadian soil.

Ontario's PHIPA does not explicitly require data to reside in Canada, but it does require that personal health information receive equivalent privacy protection wherever it is stored. Given that U.S. laws like the PATRIOT Act and CLOUD Act can compel American companies to hand over data stored on their servers regardless of location, many Ontario privacy experts and colleges advise keeping data in Canada to avoid these jurisdictional risks.

BC's FIPPA (which applies to public bodies, including some health authorities) explicitly requires that personal information be stored and accessed only within Canada. While PIPA (the private-sector statute) is less restrictive, BC therapists working within public health settings or receiving public funding may be bound by FIPPA's stricter rules.

Nova Scotia's PHIA requires that personal health information not be stored outside Canada without the individual's consent. Alberta's HIA similarly restricts cross-border transfers unless safeguards are in place.

The safest approach for any Canadian therapist: store your clinical data in Canadian data centres, use Canadian-hosted backup solutions, and confirm that your EHR vendor's servers are located in Canada.

Canadian-Hosted Cloud Storage Options

You do not need to run your own servers to keep data in Canada. Several major cloud providers operate data centres on Canadian soil, and a growing number of Canadian-owned providers cater specifically to organizations with data-residency requirements.

Major Cloud Providers with Canadian Regions

• AWS ca-central-1 (Montreal): Amazon Web Services' Canadian region runs out of data centres in the Montreal area. When you or your EHR vendor select ca-central-1 as the deployment region, your data stays within Canada. AWS also offers a Canada West region (Calgary) for additional redundancy.
• Microsoft Azure Canada Central (Toronto) & Canada East (Quebec City): Azure's two Canadian regions provide geo-redundant storage within Canada. If your EHR or backup solution runs on Azure, confirm the deployment region is set to one of these.
• Google Cloud northamerica-northeast1 (Montreal) & northamerica-northeast2 (Toronto): Google's two Canadian regions allow you to keep data within the country while leveraging Google's infrastructure.

Canadian-Owned Cloud Providers

• OVHcloud Montreal: A French-Canadian data centre provider with facilities in Beauharnois, Quebec. Popular with Canadian organizations that want a non-American cloud provider. Competitive pricing for object storage and virtual machines.
• HostPapa (Burlington, ON): A Canadian-owned hosting company with data centres in Canada, offering cloud hosting suitable for small practice websites and backup storage.
• Cloud-A / CIRA Canadian Shield: Purpose-built Canadian cloud infrastructure. CIRA (the Canadian Internet Registration Authority) offers DNS-level security services and partners with Canadian hosting providers.

What to Ask Your EHR Vendor

When evaluating any EHR system (Jane App, OWL, or other Canadian platforms), ask these questions before signing:

1. Where are your production servers physically located? (City and data centre operator)
2. Where are backups stored? (Some vendors store primary data in Canada but replicate backups to U.S. regions)
3. Do you use subprocessors that store or access data outside Canada?
4. Can you provide a written data-residency commitment confirming Canadian storage?
5. What encryption is applied at rest and in transit?

Safely Migrating Between EHR Systems

Switching EHR platforms is one of the most anxiety-inducing transitions a practice can face. Client data is sensitive, formats vary between vendors, and a botched migration can leave you unable to access historical records. Here is a structured approach.

Step 1: Inventory and Export

Before you do anything else, generate a complete export from your current system. Most Canadian EHR platforms support exports in one or more of these formats:

• CSV/Excel: Client demographics, appointment history, billing records. Universally importable but lacks clinical note formatting.
• PDF per client: A full clinical record including notes, treatment plans, and intake forms. Ideal for archival but not easily importable into a new system.
• XML/JSON: Structured data that preserves field relationships. Less common but the most migration-friendly format when available.
• HL7/FHIR: Standardized health-data formats. Rare in private-practice EHRs but increasingly supported by larger platforms.

Export everything. Even if you do not plan to import all historical data into the new system, you need a complete archive to satisfy retention obligations.

Step 2: Data Mapping

Create a field-by-field mapping document that shows how each data element in the old system corresponds to fields in the new system. Pay special attention to:

• Client identifiers: How are clients uniquely identified? Email, name + DOB, internal ID?
• Session types and categories: Does the new system use the same taxonomy? "Individual Therapy" in one system might be "Individual Counselling" in another.
• Custom fields: Any custom intake fields, assessment scores, or practice-specific data elements need manual mapping or may need to be imported as notes.
• Billing codes: Provincial billing codes and fee schedules may be formatted differently across platforms.

Step 3: Test Migration

Never run your first import against the live production environment of your new EHR. Ask the vendor for a sandbox or test instance. Import a small subset of records (10-20 clients) and verify:

• Client demographics imported correctly (spelling, DOB, contact info)
• Session history dates and types are accurate
• Clinical notes are readable and complete
• Billing records and outstanding balances transferred correctly
• Attachments (consent forms, assessment PDFs) are accessible

Step 4: Full Migration and Verification

After a successful test, run the full migration. Then conduct a verification pass: randomly select 5-10% of migrated records and manually compare them against the originals. Document this verification process. If your college ever asks how you ensured data integrity during the transition, you want a paper trail.

Step 5: Retain the Original Export

Do not delete your export files from the old system. Store them in encrypted Canadian-hosted cloud storage for the full duration of your retention obligation. This is your safety net if any data was lost or corrupted during migration.

What to Do When a Practice Closes

Whether you are retiring, relocating out of province, or closing a practice for any other reason, your record-keeping obligations do not end when you stop seeing clients.

Designate a Records Custodian

Most provincial colleges require that you designate another regulated health professional to serve as custodian of your records after closure. This person must be able to respond to client requests for access, release records when legally required, and maintain security throughout the remaining retention period.

Notify Clients

Give clients reasonable notice (most colleges suggest 90 days minimum) that the practice is closing. Inform them how to request their records and who the new custodian will be. Send this notice in writing and retain copies as evidence of notification.

Secure Long-Term Storage

If you are archiving digital records for the remaining retention period:

• Use AES-256 encryption at rest
• Store in a Canadian data centre (see the cloud options above)
• Ensure the designated custodian has documented access procedures, including encryption keys or credentials stored in a secure password manager
• Set calendar reminders for the destruction date, factoring in minor-client extensions

Secure Destruction

When the retention period finally expires, destroy records completely. For digital records, this means cryptographic erasure (deleting the encryption keys that protect the data) or certified data destruction from your cloud provider. Document the destruction date, method, and the records destroyed. Retain this destruction log indefinitely.

Your regulatory college may have specific requirements for practice closure that go beyond what is outlined here. Contact your college directly for their current closure checklist before taking any action.

Building a Compliant Record-Keeping System

Putting it all together, a robust digital record-keeping setup for a Canadian therapy practice looks like this:

1. EHR with Canadian-hosted servers as your primary clinical record system, with automatic backups to a second Canadian region
2. Encrypted export archives stored separately from your EHR (in case the vendor goes out of business or you switch platforms), hosted on AWS ca-central-1, Azure Canada, or a Canadian-owned provider
3. A documented retention schedule specific to your province, profession, and client demographics (minor vs. adult)
4. A migration and closure plan documented in writing, including designated custodian information and secure destruction procedures
5. Annual review of your data storage, backup integrity, encryption standards, and retention timelines

Digital record-keeping is not a set-it-and-forget-it exercise. Provincial laws evolve, cloud providers change their infrastructure, and your practice circumstances shift over time. An annual review ensures you stay compliant and that your records will be accessible for as long as the law requires.

If you need help evaluating Canadian-hosted EHR options, setting up encrypted backup infrastructure, or planning an EHR migration, reach out to us. We work exclusively with therapy practices and understand the intersection of clinical compliance and technology.