Health Information Access Layer

What is it?

The provincial Health Integration Access Layer or HIAL provides a single point of integration to EHR services, acting as the broker between external systems and the services which enable eHealth Ontario registries and repositories. It applies security and privacy controls, message validation, transformation, enrichment, orchestration, and auditing for all transactions. Engineered for high availability, the HIAL can handle the high volume of transactions inherent to EHR systems. It is enabled with privacy and security controls which include the authentication and authorization of all transactions via our User Registry, the use of anti-virus services, and audit and consent management capabilities.


The diagram below shows how a service consumer creates a request and calls an EHR service through the HIAL. The HIAL authenticates and authorizes access using ONE ID (Security Token Services and Policy Decision Point), then calls the service provider to execute the request, and is returns a response to the service consumer. 




Learn more about the structure of HIAL messages in a summary document called "Introduction to eHealth Messages", and for more details refer to the HIAL Transport and Message Specification in the resources section.


    • Provides a single point of integration to EHR services
    • Allows access to multiple eHealth Ontario services via a single ONE ID certificate 
    • Provides centralized privacy and security controls