Senior Privacy Impact Assessment (PIA) Specialist

Contrat temporaire

Toronto, Ontario

29 Aug 2024

    We are seeking a Senior Privacy Impact Assessment (PIA) Specialist for our Ontario Government Client. The ideal candidate will have extensive experience in health privacy, particularly in conducting privacy impact assessments and developing privacy policies. You will play a critical role in supporting EHR Modernization initiatives and ensuring compliance with privacy laws and regulations.

    Must Haves:

    • 5+ years of health privacy experience conducting PIAs on medium to high complexity projects

    • 5+ years of operational-level privacy experience in a health sector and/or IT environment

    • 5+ years of experience developing privacy policies, procedures, requirements, or controls

    • Familiarity with the Personal Health Information Protection Act, 2004 (PHIPA)

    Responsibilities

    • Develop privacy policies and procedures

    • Conduct privacy impact assessments for complex initiatives

    • Support investigations into privacy incidents and handle privacy-related inquiries

    • Identify and assess privacy risks

    • Provide privacy advisory services to business teams

    • Participate as a privacy Subject Matter Expert on various committees and project teams

    • Respond to legislative requests and inquiries related to PHIPA and FIPPA

    • Support and improve the Privacy Office’s efficiency through project management

    • Develop and deliver privacy training

    Desired Skills

    • Advanced knowledge of access and privacy requirements, particularly in the health sector

    • Strong understanding of privacy and security concepts, including privacy-by-design practices

    • Experience with Privacy Impact Assessments and privacy training development

    • Familiarity with IT system design, policy development, and digital health technologies

    Deliverables

    • Conduct Privacy Impact and Threshold Assessments

    • Provide privacy consultation for IT initiatives

    • Develop risk mitigation plans and privacy controls

    • Review and advise on data sharing agreements