Canadian Provincial Government

This government province uses tokenization to keep PII and PHI out of the cloud…

Quick Facts

  • Headquarters: Western Canadian province
  • Industry: Provincial Government
  • Employees: 65,000
  • Population: 4.5 million (3rd largest in Canada)


  • Preparing custom SFDC application to maintain Canadian citizen and PHI information
  • Meeting Canadian Data Privacy Regulations (PIPEDA) that forbids Canadian PII to leave the country
  • Meeting provincial government’s security policy prohibiting PII, even if encrypted, to go beyond Canadian borders


  • CipherCloud for Salesforce
  • Tokenizing Canadian PII and PHI to assure data residency and compliance
  • Successful integration with secure on-premise Oracle data base

Top Benefits

  • Salesforce portal significantly reduced infrastructure cost
  • CipherCloud gateway supported by third-party cloud provider in Canada
  • Provincial government realizes the benefits of the cloud while meeting strict Canadian laws protecting citizen data

Canadian Government Province Protects PII and PHI in its Salesforce Cloud Portal

CipherCloud tokenization of PII and PHI meets strict PIPEDA data residency and compliance laws



Canada has 10 provinces and this Canadian provincial government governs the Western province, the third largest in the country. The national and federal governments make laws for all of Canada, and each province has its own powers that cannot be changed by the federal government. These areas of responsibility include governance and laws regarding highways, hospitals, and education.

This provincial government is responsible for managing Canadian citizens’ personally identifiable information (PII). They planned to deploy a Salesforce platform to decrease infrastructure costs. But they realized they were strictly accountable to Canada’s Data Privacy Regulations — PIPEDA. PIPEDA stipulates that PII for Canadian citizens cannot leave the country.  They needed to deploy strict security measures to ensure compliance with PIPEDA before they could launch their new portal.


Canada’s provincial branch of government was designing their custom Salesforce app to maintain Canadian citizens’ private and protected healthcare information (PHI). Planning to deploy this solution with one of their partners, they would also be integrating the portal with a secure Oracle database.

Knowing their citizen data could not leave Canadian borders per PIPEDA, security for their portal needed to:

  • Meet Canadian Data Privacy Regulations (PIPEDA) which prohibit Canadian citizen PII from leaving Canadian borders, even if encrypted
  • Provide tokenization of Canadian PII and PHI data to assure data residency and compliance
  • Provide email from any browser on any mobile device
  • Lower infrastructure costs and free up IT staff to focus on more productive tasks


The company looked forward to the significant reduction of infrastructure costs their Salesforce portal would bring. To ensure the portal was ultra secure, they selected CipherCloud for Salesforce to provide extra data protection. Because PIPEDA instructs that Canadian PII and PHI data cannot leave Canadian borders even if encrypted (virtually impossible to enforce in a pubic cloud environment), this Canadian provincial government office primarily needed to implement tokenization to protect their data. For data protection inside Canada, encrypting data is the right move. But for international compliance, CipherCloud for Salesforce’s ability for deep integration and tokenization into specific data fields fit the bill.

Tokenization is a process where specific data fields containing sensitive information – such as social security or credit card numbers — is kept from being uploaded to the cloud. When a patient or customer’s record contains such highly sensitive information, instead of being ported to the cloud, the real data in those fields is replaced by random symbols (token characters). This ensures the actual data never leaves the government’s data centers and is never placed in the cloud.

The CipherCloud for Salesforce solution ensures this necessary level of security.


This government province achieved their goal of launching an efficient, cost-saving, and secure Salesforce portal. They were able to successfully:

  • Realize the benefits of the cloud while meeting strict Canadian laws protecting private citizen information
  • Integrate granularly with Salesforce while preserving application functionality
  • Demonstrate industry leadership with Canadian businesses
Join over 5,000 subscribers - best practices and tips delivered weekly to your inbox.
We respect your privacy. Your email address will never be sold or shared with anyone else.