We def can't use Dropbox, Google Docs/Drive, anything above Office 2010. Slack is frowned upon even. It is kind of brutal.
Why would FIPPA affect Office versions past 2010? 2013, 2015 and 2016 are available as standalone (non-365 subscription) versions, and regardless of your purchase model (subscription, retail, volume, etc) you can still store documents locally.
I recommend reaching out to other health organizations within Canada as they often collect survey data internally. For example, surveys get used for feedback for presentations/educational sessions all the time. With the exception of Alberta, all provinces have separate health authorities which would mean separate contracts/sales cycles etc, however they are usually of large size so it would be worth it financially.
However, in the last year, almost all major banks have moved to Azure and from what I've heard - a lot of companies don't mind it as much, but employees wanted to use AWS (familiarity I guess).
That said, MS has been on a hiring spree for TSPs and TAMs to expand as much as possible so it'll be fun to see what Amazon does to compete.
The only mitigation is to make sure you encrypt everything in transit and ensure that the private keys never leave Canada.
Whether or not AWS, Azure, etc. can meet this...I honestly don't know.
I don't believe any provinces have requirements on border crossing, and there's no federal requirement on data sovereignty at all for private corporations.
Same requirement - data must not leave Canada, which ruled out basically all "hosted solutions"
There are only 3 provinces that require storage in Canada: BC, NS and QC. And even then, that is for public sector organizations only.
I can assure you the data we were sending around didn't even leave our territory, let alone the country, seeings we owned every single scrap of networking hardware in a ~10,000km radius.