Privacy Impact Assessment (PIA) Specialist
Temporary/Contract
Toronto, Ontario
28 Aug 2024
Our Ontario Government Client is seeking a highly skilled Senior Privacy Impact Assessment (PIA) Specialist with extensive experience in health privacy and IT environments. The ideal candidate will have a solid background in conducting privacy impact assessments, developing privacy policies, and ensuring compliance with the Personal Health Information Protection Act (PHIPA). This role is crucial for supporting Electronic Health Record (EHR) Modernization initiatives and ensuring the secure migration of sensitive health information.
Must haves:
5+ years of experience in health privacy, conducting PIAs on medium to high complexity projects
5+ years of operational privacy experience in health or IT environments
5+ years of experience developing privacy policies, procedures, or controls
Strong familiarity with PHIPA and its requirements for Health Information Network Providers (HINP) and Electronic Service Providers (ESP)
Responsibilities:
Lead and support EHR Modernization initiatives, including developing privacy policies and conducting PIAs
Conduct privacy assessments and provide advisory support to business teams
Investigate privacy incidents, manage patient inquiries, and address privacy requests
Identify and assess privacy risks and develop risk mitigation plans
Serve as the privacy subject matter expert on Ontario Health, regional, or provincial committees
Develop strong relationships with stakeholders to foster a culture of privacy
Provide legislative interpretation and advice on privacy issues under PHIPA and the Freedom of Information and Protection of Privacy Act (FIPPA)
Support privacy program projects and deliver privacy training for Ontario Health
Desired Skills:
Degree in health, policy, IT, security, law, or a related discipline
In-depth knowledge of privacy and security concepts, trends, and their impact on business processes
Strong understanding of privacy-by-design principles and best practices
Experience with technology architecture, digital health solutions, and information security standards
Ability to work in a fast-paced, project-focused environment with strong time management skills
Details:
Health Privacy Experience: 5+ years of experience conducting PIAs on medium to high complexity projects
Operational Privacy Experience: 5+ years in a health sector and/or IT environment
Privacy Policy Development: 5+ years of experience developing privacy policies and controls
PHIPA Familiarity: Knowledge of PHIPA requirements for HINP and ESP
OntarioMD EMR Certification: Familiarity with EMR Certification
EMR/HIS Infrastructure Knowledge: Familiarity with EMR or HIS design and data flows
API and PKI Familiarity: Knowledge of API functionality and PKI
Deliverables:
Conduct a Privacy Impact Assessment for the migration of Ontario Health's Secure Document Storage (SDS) system to a cloud environment
Complete Privacy Threshold Assessments and related documentation
Provide privacy consultation on complex, multi-stakeholder health privacy issues
Develop risk mitigation plans and create data flow diagrams with privacy controls
Review and advise on agreements, including data sharing agreements
Additional Terms:
Assignment is hybrid, with onsite work required per the Hiring Manager's discretion
Knowledge transfer must be completed with full documentation provided to Ontario Health before the end of engagement.