Achieving PHIPPA Compliance

Has anyone tried to get PHIPPA compliance before? HIPPA is in the states, but PHIPPA is in Canada and is more strict than HIPPA. So far, I have signed a BAA with OpenAI and now have zero day retention on my organization. For data residency laws, I am using supabase that hosts its supabase using aws-central-1 with centers in Montreal, Quebec, Canada so it complies with data residency laws. How can this be adapted into the Canadian landscape, particularly in Ontario? Or am I already compliant?