MapleCare Health is an 880-employee specialty pharmacy headquartered in Toronto, with patient support call centres in Mississauga and Halifax. They process 92,000 patient calls per month, every one of which involves protected personal health information (ePHI), every one of which has to be handled in a PHIPA-compliant environment under Ontario's Personal Health Information Protection Act.
The problem
MapleCare's previous setup separated CRM from support: agents had to look up the patient in one system, then open a ticket in another, then log the call back into a third. Average handle time was 11 minutes; agents spent 4 of those minutes navigating tools while the patient waited on hold. Audit reviews under PHIPA required pulling logs from three different systems and reconciling them by hand.
The provincial privacy commissioner's recommendations after a 2024 audit also flagged "data minimisation" — agents were seeing more PHI than they needed to resolve calls. Their existing CRM had no field-level redaction, so agents saw everything or nothing.
4 of every 11 minutes was the patient waiting for the agent to find them.
Why Tracket
Sandeep Mehra, MapleCare's CIO and former CTO at a Canadian healthcare ISV, ran a structured RFP. Three vendors made the shortlist: Salesforce Health Cloud, Microsoft Dynamics with PHIPA-aware configuration, and Tracket. Tracket won on three things: data residency in Toronto and Montreal regions only, field-level redaction in the agent UI for PHIPA "minimum necessary" compliance, and a signed Privacy Impact Assessment (PIA) attached to the contract.
The migration
MapleCare moved Helpdesk and CRM onto Tracket Enterprise with a signed BAA and PHIPA Privacy Impact Assessment. ePHI is segregated into a PHIPA-classified Atlas region; access is logged at field level; agents get a redacted view by default with explicit "reveal" actions audited. Migration took 14 weeks with parallel running across both call centres.
The result
Time-to-resolution dropped from 11 minutes to 32 seconds for the 70% of calls that resolve via standard playbooks. Agent CSAT (the agents' own feedback on the tools) rose from 3.1 to 4.7 / 5. The privacy officer signs off the quarterly access review in 90 minutes — it used to take 3 days. The 2026 PHIPA audit found zero "minimum necessary" violations across the 14-week sample period.
Time-to-resolution went from 11 minutes to 32 seconds.
— SANDEEP MEHRA · CIO · MAPLECARE HEALTH