The proposed Connected Care for Canadians Act (Bill S-5) signals a broader shift toward a more connected, interoperable, and patient-centered healthcare ecosystem. While this bill does not prescribe a specific technology stack, it establishes the direction of healthcare modernization to include: reduced vendor data blocking, improved interoperability, and enabling more secure and accessible exchange of health information across systems and jurisdictions.
For hospitals, health systems, clinics, and long-term care organizations, this creates important procurement and modernization considerations: whether current and future technology vendors can support a truly connected care platform for Canadians, today and in the future, regardless of where care is delivered.
At Smile Digital Health, our experts have implemented more than 190 FHIR®-based interoperability and modernization initiatives globally, including more than 30 CMS compliance implementations in the US. One of the clearest lessons from these large-scale data and process modernization initiatives is that sustainable and scalable connectivity is not achieved through short-term compliance exercises alone. The most successful organizations align technology decisions with long-term operational, clinical, and business outcomes, so that the value of investment is realized and experienced by patients, care providers and populations.
FHIR, CQL, and SMART on FHIR are HL7 open standards that have become foundational to building scalable and future-ready initiatives globally, because they power interoperability, secure data storage and exchange, flexibility, and ecosystem integration, without vendor lock-in.
The following check-list is designed to help healthcare delivery organizations evaluate current and prospective vendors against the broader direction of connected care, modernization and interoperability in Canada.
It is intended to support procurement, modernization planning, and long-term interoperability strategy by helping organizations identify solutions that can adapt to evolving legislative expectations, as well as population needs, cost-effectively, while maximizing operational and clinical value.
For hospitals, health systems, clinics, and long-term care organizations, this check-list ensures internal organizational policies, governance, and contractual requirements are in place to successfully integrate and scale interoperable solutions, and prevent organizational inertia from creating data-blocking barriers.
Data Governance Review: Have we defined who has the authority to review and approve data sharing requests across the organization to ensure that administrative delays are not interpreted as information blocking?
First Nations OCAP® Principles: If we hold data for Indigenous patients or communities, do our internal systems provide the granular control needed to separate and return that data to the community when requested?
Consent Management: Does our EHR allow for dynamic consent (patients opting in/out of specific sharing) to meet both Bill S-5 and provincial privacy laws?
Legacy System Audit: Have we identified siloed and/or legacy systems (e.g., old lab or imaging software) or technical debt that need a retirement/upgrade roadmap?
Contractual Evergreen Clauses: Do our vendor contracts include language that requires them to update to new federal standards (incorporated by reference) at no additional cost to the hospital?
Information Blocking Training: Have we trained our HIM (Health Information Management) staff on the difference between a Privacy Breach (which we must prevent) and Data Blocking (which we must avoid)?
Cyber-Security Alignment: Are our data-sharing protocols using OAuth 2.0 to ensure that as we expand interoperability workflows for Bill S-5, we aren't creating new security vulnerabilities?
Care delivery organizations can use this checklist to vet current vendors and potential vendors when issuing new RFPs. These questions may help organizations evaluate short and long-term vendor interoperability readiness, flexibility, and security.
Native FHIR Support: Does the solution support HL7 FHIR R4 (or higher) natively, or is it an add-on that requires extra configuration on different levels?
CA:FeX Compliance: Does the vendor demonstrate alignment with the Canadian FHIR Exchange (CA:FeX) specifications?
SMART on FHIR & CQL Support: Does the vendor’s solution include SoF and CQL to ensure the organization can maximize ROI through value-adding clinical and business solutions?
Terminology Mapping: Does the system natively use SNOMED CT and LOINC codes, or does it use proprietary internal codes that require manual translation?
Consent Management: How does the solution allow for dynamic consent (patients opting in/out of specific sharing) to meet both Bill S-5 and provincial privacy laws?
Indigenous Data Sovereignty: Does the vendor's solution support granular, Nation-level data controls (such as OCAP® tagging and collective consent) to prevent unauthorized extraction and enable the repatriation of Indigenous health data?
"No-Fee" Data Access I: Does the contract allow for the extraction of patient data for clinical use without transactional or integration fees?
Bulk Data Export: Does the system support the FHIR Bulk Data API to allow the hospital to move thousands of records at once for population health or system migration? If so, how long does this process take?
Open API Documentation: Is the vendor’s API documentation publicly available and standardized, or is it locked behind a partner program or NDA?
Legislations may be a catalyst for change, but true health system modernization demands a vision that extends far beyond the regulation requirements. The vendors you choose today will determine your organization's ability to deliver high-value cost effective care that Canadians deserve.