What BC’s Bill 9 Means for Data, Patients, and Digital Health
An analysis of how evolving privacy legislation in British Columbia is shaping data governance and digital health transformation.
Most digital health conversations focus on technology.
Electronic health records. AI. Interoperability. Virtual care.
But a piece of the foundation of digital transformation is often something less visible: data governance laws.
A new piece of legislation in British Columbia, Bill 9: the Freedom of Information and Protection of Privacy Amendment Act, 2026, proposes changes to how public sector data is accessed, protected, and shared.
While the bill is not healthcare specific, its implications could influence how digital health systems evolve across the province.
So what does the legislation actually do? What does it not do? And what should healthcare and digital leaders be paying attention to?
Understanding the legislation
Bill 9 proposes amendments to the Freedom of Information and Protection of Privacy Act (FIPPA), the primary law governing privacy and access to information in the public sector in British Columbia.
FIPPA sets out how public bodies must handle personal information and how members of the public can access government records. Its stated purposes include making public bodies more accountable to the public while protecting personal privacy.
Public bodies covered by the Act include provincial ministries, Crown agencies, universities, school boards, municipalities, and health authorities.
The amendments were introduced during the 43rd Parliament, 2nd Session of the Legislative Assembly of British Columbia.
Because healthcare organizations fall within the definition of public bodies, the legislation indirectly affects how health systems manage information.
Key elements of the proposed changes
While the bill contains multiple technical amendments, three areas are particularly relevant to leaders working in healthcare, digital transformation, and public sector data governance.
1. Changes related to FOI requests
The bill expands circumstances under which a public body may disregard certain freedom of information requests.
These include requests that may be considered abusive, malicious, or that would unreasonably interfere with the operations of government.
The stated intent is to improve the functioning of the FOI system and reduce administrative burden created by certain requests.
Freedom of information requests related to personal information are common. Government reporting has noted that requests from individuals seeking their own personal information represent a large portion of FOI activity.
2. Support for integrated digital services
The legislation also includes provisions intended to support integrated digital services across government.
This includes enabling a framework where a connected services provider may facilitate digital services delivered across multiple public bodies.
Government communications about the bill indicate that these changes are intended to support improved digital service delivery for residents and businesses.
In practical terms, this type of framework can enable shared digital infrastructure used by multiple parts of government.
3. Administrative updates within the privacy framework
The bill also introduces administrative updates within the broader privacy governance structure under FIPPA.
Oversight of privacy protections continues to sit with the Office of the Information and Privacy Commissioner for British Columbia, an independent authority responsible for reviewing government compliance with the Act.
What the legislation does not do
Public policy discussions often expand beyond what legislation actually contains.
Based on the bill and the structure of FIPPA, several core elements remain unchanged.
The proposed amendments do not:
• eliminate the right to make freedom of information requests • remove privacy protections for personal information • eliminate oversight by the Information and Privacy Commissioner • change the core purposes of FIPPA
Instead, the amendments focus primarily on administration of FOI requests and enabling digital service delivery mechanisms across government.
Why this matters for healthcare and digital transformation
Although the bill is not healthcare legislation, its implications intersect directly with digital health.
Healthcare systems depend on data governance frameworks that determine how information moves across organizations.
Modern health systems increasingly rely on:
• shared digital platforms
• integrated patient information systems
• population health analytics
• coordinated service delivery across multiple providers
Legislation governing how public bodies collect, share, and protect data shapes how these systems can be built.
Enabling integration
Digital health initiatives often require data to move between organizations such as hospitals, primary care providers, public health agencies, and ministries.
Frameworks that clarify how digital services can operate across government entities can support these types of integrated systems.
Strengthening governance expectations
At the same time, increased data sharing raises expectations around governance.
Healthcare leaders must ensure strong safeguards related to:
• privacy protection
• cybersecurity
• data stewardship • transparency
Health data is among the most sensitive information held by governments.
Trust in the system depends on how that data is managed.
What leaders should watch for
For leaders working in healthcare, digital health, and public sector transformation, several aspects of this legislation will be important to monitor.
Implementation details
The real impact of legislation often depends on implementation through policies, procedures, and regulations.
Data governance frameworks
Organizations will need strong internal governance models to ensure that expanded digital capabilities remain aligned with privacy and security expectations.
Public trust
Transparency and privacy protections remain central to maintaining trust in public institutions that manage sensitive information.
Final reflection
Bill 9 is not a healthcare reform bill.
It is fundamentally a data governance bill.
Yet as healthcare becomes increasingly digital, laws governing privacy, access to information, and data sharing will play a growing role in shaping how health systems evolve.
Technology often receives the attention.
But legislation quietly determines the rules that technology must follow.
For healthcare and digital leaders, understanding those rules is becoming just as important as understanding the technology itself.
References
Legislative Assembly of British Columbia Freedom of Information and Protection of Privacy Amendment Act, 2026 (Bill 9) https://www.leg.bc.ca/parliamentary-business/overview/43rd-parliament/2nd-session/bills/1st_read/gov09-1.htm
Freedom of Information and Protection of Privacy Act (RSBC 1996, c.165) https://www.bclaws.gov.bc.ca/civix/document/id/complete/statreg/96165_00
Government of British Columbia Amendments to the Freedom of Information and Protection of Privacy Act https://news.gov.bc.ca
Office of the Information and Privacy Commissioner for British Columbia https://www.oipc.bc.ca
Latest Insights
