Privacy Impact Assessment (PIA) Specialist

Requisition Title: RQ09375 - Privacy Impact Assessment (PIA) Specialist - Senior
Office Location: 222 Jarvis Street Toronto ON

Hybrid - - Candidate MUST work 3 days onsite and 2 days remote

MUST HAVES: 10 years of experience in the following:

Understanding of policy development to lead or participate in the development of options and strategies on information management and privacy protection

Managing privacy risks in the collection use and disclosure of Personal Health Information (PHI)

Demonstrated experience and competency to identify and evaluate emerging privacy issues changes and trends in current and future that impact government policy directions

Demonstrated experience and competency to prepare comprehensive reports options analyses briefing materials and presentations and propose responses on privacy issues

Description

      Develop privacy impact assessments and review recommendations from the privacy impact assessment (PIA) of proposed solution and business processes

      Lead and provide technical expertise in the development of access and privacy tools to facilitate the development of implementation key strategy data and digital initiatives implementation of security mechanisms pertaining to the creation collection storage access retrieval and disclosure of Personal Health Information (PHI)

      Engage and facilitate privacy related discussions with a wide range of business IT legal and privacy stakeholders across the ministry and government agencies.

      Examine complex program policy and information system proposals to assess and document business flow and context; perform stakeholder analysis public/private partnerships governance structures and feasibility in terms of the protection of Personal Health Information (PHI) collected and retained

      Support projects to ensure compliance with security and privacy best practices such as the Personal Health Information Privacy Act (PHIPA) (2004)

      Provide technical and systems advice on legacy systems internet tools and system interfaces information security technical architecture and data flows to improve protection of Personal Health Information (PHI)

      Provide technical and systems advice on data flows to the ministry and other stakeholders

      Develop business processes and procedures that describe information flows associated with new technologies programs policies or information systems to illustrate how and by whom Personal Health Information (PHI) will be collected used disclosed and retained

      Using system and infrastructure architectures document physical and/or logical separation of Personal Health Information

      (PHI) or security mechanisms that prevent improper access to Personal Health Information (PHI) or maintain any required separation

      Provide privacy expertise consultation and support to project team members senior management and colleagues in MOH advising on the legislation and regulations in an effort to resolve potential legal or privacy problems

      Provide analysis and advice to ministries and clusters regarding the Freedom of Information Act (FOI) and privacy implications privacy and security concepts of new information technologies and information systems and assist institutions in documenting their analysis

      Recommend mitigation strategies and privacy enhancing technologies in accordance with Privacy Impact Assessment (PIA) procedures

      Identify analyze and assess emerging and critical policy issues relating to Freedom of Information (FOI) and Protection of Privacy which may have an impact on PIA methodology

      Formulate policy proposals recommendations strategies and options for the project team and Ministry executive to address emerging issues

      Prepare and present status reports and updates for any relevant steering committees advisory panels working groups or similar governance bodies.

      Assess existing regulations for potential changes required to support additional initiatives to provide greater access to PHI and determine impacts on existing data sharing/electronic health record (EHR) agreements/privacy frameworks/health information custodian (HIC) models.

      Develop and provide change management support and/or communications to support stakeholders with changes related to privacy business processes.

      Review the recommendations from the privacy impact assessment (PIA) of the proposed solution and business processes.

      Provide advice to the Ministry as it relates to privacy policy and guidelines.

      Coordinate across branches and develop communication materials such as briefing notes and presentations.

      Consult and gather input from specific individuals within the organization on privacy topics either independently or as part of a team.

      Communicate with technical and business audiences and non-privacy experts.

      Prepare and present status reports and updates for any relevant steering committees advisory panels working groups or similar governance bodies

      Prepare and present status reports and updates for any relevant steering committees advisory panels working groups or similar governance bodies.

Remote Work :

No

Employment Type :

Contract