All About Data

What data can I access, how can I share it, and how should I store it?

Please note that the responses are for guidance only and do not constitute legal advice. Please contact Research Privacy if you have specific legal questions and the appropriate consultation will be arranged.

Data Collection

Collection of Race-, Ethnicity-based and Indigenous Identity data

In July 2023, PHSA Research Leaders endorsed the collection of race-, ethnicity-based and Indigenous Identity data according to the Standards for Race-Based and Indigenous Identity Data Collection Health Reporting in Canada developed by the Canadian Institute for Health Information (CIHI). The statement, as well as the CIHI Standard and related resources can be found here. For more information, please contact Holly Longstaff, Director, Research Integration and Innovation, PHSA.

Data access

PHSA data

There is a great deal of data available for research across PHSA and since we became one legal entity, access to these data by PHSA affiliated researchers has never been easier. Please visit our Data Access Security & Privacy page to find links to these data resources.

BC Ministry of Health data

The Data Management and Stewardship branch (DMS) of the Ministry of Health is responsible for processing most of the applications for data access for a legally authorized purpose. The majority of requests processed by DMS are requests submitted by other provincial health organizations, other public bodies, or eligible researchers.

Population Data BC provides support for academic researchers requesting access to ministry data including PharmaNet or a health information bank. For researchers who are planning a study using Ministry of Health administrative data, BC Data Scout™ provides information about available health data. It generates summary reports through an online tool. Information about Data Scout, PharmaNet Data Requests, and other services can be found on the BC Ministry of Health website.

Data BC is a potential source of administrative health data aggregate reports. Aggregate reports generated online are also available for BC elective surgeries wait times and BC hospitalization information.

Please visit their website for more information.

Population Data BC

‎Population Data BC (PopData) is a multi-university, data and education resource facilitating interdisciplinary research on the determinants of human health, well-being and development.

They offer researchers access to one of the world’s largest collections of health care, health services and population health data, and a comprehensive education and training service on how to best use those data.

They currently hold 19 data sets from two federal and 6 provincial sources. These data are linkable to each other, and to external data sets, where approved by the data provider.

They also provide access and linkage to two external data sets, PharmaNet and the National Ambulatory Care Reporting System (NACRS). Spatial data can also be used in conjunction with data sets held in-house. Approved users can also access file and field level summaries for BC Cancer, Human Early Learning Partnership EDI, BC Ministry of Health and BC Vital Statistics Agency via Metadata Central, their new online system.

Please visit their website for more information.

SPOR Canadian Data Platform Data Access Support Hub (DASH)

‎The Data Access Support Hub (DASH) is a one-stop data access service portal for researchers requiring multi-jurisdictional data in Canada. ‎DASH was created as part of the Strategy for Patient Oriented Research (SPOR) Canadian Data Platform. For more information, please visit their website.

Access to biospecimens and data from the BC Children’s Hospital Biobank

The BC Children's Hospital BioBank was established to provide biological samples from patients for researchers. They also provide important services that you might find helpful. The biobank collects and stores biospecimens and associated clinical information from children and women seen at BC Children's and BC Women's for REB-approved research. Stored samples include:

Pediatric samples: tissue, blood derivatives, bone marrow and more
Pregnancy related samples: placenta, cord blood derivatives, maternal blood derivatives

To apply for use of these samples please go to www.bcchr.ca/biobank and click on "Research". And for more information about the biobank and what samples they might have for your research, please contact the biobank directly.

Data sharing

Some clarity on expectations for de-identification

We understand that there is always the chance that data can become re-identified. So the issue here is really about the de-identification process used.

As long as you are not sharing identifiable information and have taken all reasonable steps to ensure that the de-identified information cannot become easily identifiable, then you have fulfilled your duty and done what is reasonable. You should note that what is reasonable will depend on the particular situation so different levels of protection may need to be implemented for different situations.

If you share data, you are responsible for making sure that the de-identification process is sound. The process should be at a standard that is reasonable in the circumstance. This is subjective, but necessarily so as there may be a higher reasonable standard for some situations as opposed to others. You can never eliminate all possible risks under all circumstances when sharing, using, or storing data.

Please draw on your data steward and PHSA Research Privacy for support and guidance when designing your de-identification process to help ensure that it is adequate. Additional resources are provided below.

In 2018, the Ministry of Health produced a policy instrument entitled Access to Health Data for Research that provides definitions for de-identification, direct identifiers, and clarifies a range of other issues. Please review the guidance for more information.
Definitions can also be found in the Glossary for Tri-Council Policy Statement: Ethical Conduct for Research Involving Humans – TCPS 2 (2022).
Finally, you may find it helpful to consult the PHSA Research Privacy Tip Sheet: Common terms and tips to reduce the risk of exposing identifiable personal information (PDF). This tip sheet references guidance from key Canadian documents that must be followed when conducting research within PHSA supplemented with advice from a range of data experts from both within and outside of PHSA.

Personal Health Numbers - to share or not to share?

‎We were recently asked by one of PHSA’s Data Stewards to clarify when, if ever, they are allowed to share Personal Health Numbers (PHNs) with research teams working within another Health Authority. We always prefer that data are de-identified before they are shared to lower the privacy risks to patients and participants. In most cases, Data Stewards can de-identify data before they are shared. They can also take responsibility for linking the data for study teams as well. However, there are times when linking must be done outside of PHSA. When this is the case, we strongly prefer that the linking is done by a trusted third party such as PopData BC.

However, if for some compelling reason the study team must do the linkage themselves and therefore require PHNs, the process becomes more complex since sharing personal information for linking purposes is considered a higher risk activity. PHNs are of course personal information. In addition, linking data can reveal personal information about individuals or be used to identify individuals so great care must be taken to ensure that existing or newly emerging privacy risks to individuals and groups have been managed.

First, the justification for needing the PHNs and conducting the linking outside of PHSA must be significant and compelling. PHSA will want to ensure that all appropriate security, privacy, and ethics standards will be met. The process will also require involvement from the Data Steward, Research Privacy, and possibly PHSA legal counsel as well.
Second, an information sharing plan (ISP) would be required between PHSA and the other Health Authority where the linking will take place since that Health Authority would be then taking a governance role over these data. This would be an ISP under the General Health Information Sharing Agreement (GHISA) since the party to whom the data are being disclosed is a Health Authority. To avoid the need to enter into an ISA every time information is shared, certain parties have agreed to the GHISA. The GHISA sets out a standard set of provisions that apply to any sharing situation. Therefore, if there is sharing of data between any two GHISA parties, all that is required is an ISP to detail the specifics of the information being shared; the GHISA provisions automatically apply to the sharing situation. Where a non-GHISA party is involved, either the non-GHISA party can be on-boarded to the GHISA or the party can enter into an ISA.

Share data safety with the IMITS Secure File Transfer Service

‎To satisfy a pent-up demand for a secure, enterprise solution for sharing protected personal information with recipients that are external to PHSA, IMITS has developed a Secure File Transfer Service, which allows anyone with a PHSA, VCH or PHC email account to share documents and other files.

This service mimics Dropbox or other cloud-based file sharing services, except shared files remain in Canada and they are fully encrypted during transmission. It also contains proper authentication controls along with the ability to audit application access—a protection that is not available using non-approved cloud-based services.

Everyone with a health authority email address has already been provisioned access (use your email address and password to log in). The IMITS InfoCentre contains more detailed information about the Secure File Transfer service. You must be on the network to access this site.

Before sharing protected personal information with external recipients, you must get permission. Acceptable external recipients of shared files include:

Ministry of Health
BC health authorities and other Canadian health organizations
Universities and other research organizations
External contractors or vendors
Private physician offices

If sharing protected health or employee information, you must have approval. If unsure, inquire at privacy@phsa.ca (or, for REB-approved research studies at PHSA, the Research Privacy Office, holly.longstaff@phsa.ca), privacy@vch.ca, or privacy@providencehealth.bc.ca. The email you choose depends on the owner of the data.

All files containing private/confidential information must be sent with appropriate security measures using passwords or encryption based on the sensitivity of the information. Passwords should be provided in a different manner (e.g. by phone, text). Please also ensure that recipients secure the information appropriately.

Data storage

PHSA Redcap

A partnership between PHSA Research & Academic Services and the BC Children's Hospital Research Institute Data Management team has made REDCap available to users from across PHSA. Researchers must be affiliated with PHSA or its programs in order to be eligible for this service. To learn more about the benefits of using BCCHRI-based REDCap service, eligibility, cost and policies, and how you can request access, please visit BC Children's Hospital Research Institute Data Management Team REDCap page.

Conducting Research at PHSA