HM Note: This hybrid contract role is three (3) days in office. Candidate's resume must include first and last name.
Description
Responsibilities:
Required to lead and develop a privacy impact assessment (PIA) that evaluates whether new technologies, information systems, or proposed programs or policies meet legal and policy privacy requirements, determine and mitigate risks, and address clients' concerns.
These requirements include ensuring that the program complies with provincial, municipal, federal and private sector access and privacy legislation, as well as relevant regulations, statutes, OPS policies, Directives, standards, guidelines and internationally accepted Fair Information Practices.
Work on the project with business and technology teams to ensure PIA captures all relevant information required for project governance and approvals
Coordinate approvals of the PIA with project team and Privacy office
Provide guidance and expertise to the project team on privacy requirements and standards
Provides input and supports the development of amendments to FIPPA and MGSA to support the project's long-term roadmap and vision
General Skills:
Excellent knowledge of privacy and security concepts, trends and issues. This will include an understanding of their impact on business processes as well as skill with interpretation and communication of principles and compliance requirements
Knowledge of and experience in researching and applying relevant information privacy laws, regulations, jurisprudence (particularly as it relates to the Information and Privacy Commissioner of Ontario) and risk countermeasures
Experience in conducting Privacy Impact Assessments in public sector context
Knowledge of and experience with privacy enhancing best practices
Knowledge and ability to interpret and apply Ontario's Freedom of Information and Protection of Privacy Act (FIPPA) and its municipal equivalent, the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA), the Personal Health Information Protection Act (PHIPA), their respective regulations and related jurisprudence
Familiarity with federal Personal Information Protection and Electronic Documents Act (PIPEDA) and US PATRIOT Act
Policy Knowledge
Familiarity with OPS Privacy Impact Assessment Process and Tools released by the Ontario Ministry of Government Services;
Good understanding of related disciplines such as IT security, IT system design, policy development (privacy or security), business architecture, legal processes, Freedom of Information administration, business analysis, risk management, project management.
Operational Program and Business Design Skills
Ability to lead, manage or support the development of a PIA, either independently or as part of a team, by directing and gathering input from specific individuals within the organization
Knowledge and ability to create and understand data flow diagrams and business process diagrams
Ability to recognize the need for and seek input from external experts as required
Excellent communication skills with technical and business audiences and with non-experts in access and privacy.
Technology and Systems Knowledge
Analytical skills to understand the current and future access and privacy implications of policies, decisions and business initiatives
Knowledge of Information Technology concepts and processes that impact the protection of personal information including (but not limited to) Internet tools, system interfaces, information security, information architecture and data flows
Information and Record Keeping Knowledge
Experience in developing risk assessment tools, methodologies, policies and procedures to effectively manage personal information
Knowledge of policies, directives, standards, business rules, procedures and guidelines relating to records management, including classification, retention and disposition of information
Knowledge and understanding of the Accessibility for Ontarians with Disabilities Act (AODA) and related regulations and standards
Desirable Skills:
Professional certification from a related discipline such as IT security architecture
Experience providing education and training related to privacy
Knowledge of and experience with the policies and procedures of the Ontario government (e.g. business case development, project approvals and policy development)
Skills
Experience and Skill Set Requirements
40 Privacy Assessment Experience Policy and Legislative Requirements
Experienced in privacy legislation including the Freedom of Information and Protection of Privacy Act (FIPPA), the Personal Health Information Protection Act (PHIPA) and the Personal Information Protection and Electronic Documents Act (PIPEDA)
Experienced in conducting privacy assessments involving personal information, citing examples in resume.
Experienced in leading and conducting privacy assessments with Ontario health or D&V systems involving online and/or mobile digital solutions that handle personal and health related information
Led and conducted assessments involving personal health information involving third party solutions (e.g. private sector or nonprofit application solutions) and/or service integration providers
Experienced working with policy development teams; reviewing and comparing policies and legislation to make informed recommendations to ensure adequate privacy protections and considerations are addressed within policy/legislation.
30 Technical understanding
Experience with privacy risks and conducting PIAs associated with integration between legacy systems, web applications, mobile and cloud based solutions to obtain, retrieve and synchronize information.
Experience with privacy risks and conducting PIAs involving mobile app solutions and the unique security and privacy challenges associated with such platforms
Demonstrated experience and familiarity with strong security, encryption and privacy protection approaches to digital solutions including mobile, web based and backend integrations via API or similar approaches.
Familiar with Digital Wallet technologies (native within OS or third party) including the security and privacy considerations, limitations and best practices for local data protection on mobile devices
Familiar with cloud based digital wallet technologies including the security and privacy considerations, limitations and best practices for data protection
Experience, knowledge and understanding of privacy protection standards and best practices, business, information and security architecture principles, and emerging technology related to the protection of privacy and personal information
20 Leadership and Communications
Demonstrated strong communication and engagement skills with ability to lead teams in discovery sessions to elicit details of technical solutions, business processes and/or policies; strong writing skills to document findings, recommendations, etc.
Demonstrated ability to interpret both technical (e.g. architecture design documents, process flows, state transition diagrams, etc.) and nontechnical documentation to conduct assessment of impacts and to develop mitigation strategies
Strong organizational and time management skills to manage multiple and concurrent requests in an agile and highly dynamic work environment setting.
Strong presentation abilities to communicate findings, recommendations, etc. to senior management and executives to inform decision making; able to communicate complex problems/issues in simple terms
5 Digital Identity Frameworks and Standards
Experience in developing, applying and/or evaluating digital identity trust frameworks such as the PCTF, eIDAS or similar.
Experience with Digital Identity standards such as NIST, FIDO, OpenID Connect, SAML
5 OPS experience
Prior experience with leading and conducting multiple PIAs in OPS setting/environment, including demonstrated knowledge and experience with OPS processes, existing templates and expectations to obtain approvals/sign-off.
Must Have:
Experienced in privacy legislation including the Freedom of Information and Protection of Privacy Act (FIPPA), the Personal Health Information Protection Act (PHIPA) and the Personal Information Protection and Electronic Documents Act (PIPEDA)
Experienced in conducting privacy assessments involving personal information, citing examples in resume.
Experienced in leading and conducting privacy assessments with Ontario health or D&V systems involving online and/or mobile digital solutions that handle personal and health related information