Privacy Impact Assessment (PIA) Specialist
Privacy Impact Assessment (PIA) Specialist
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Assignment #: A2439548
Client: Ministry of Health Health Services Cluster
Location: 222 Jarvis Street Toronto ON (Hybrid: 3 days onsite 2 days remote)
Position Overview
The Privacy Impact Assessment (PIA) Specialist Senior will support the Ministry of Health in developing and leading privacy and access compliance strategies ensuring the protection of Personal Health Information (PHI) across various projects. The specialist will provide technical and policy expertise risk mitigation and consultative guidance on privacy issues to internal stakeholders.
Key Responsibilities
- Develop and review Privacy Impact Assessments (PIAs) for proposed solutions and business processes.
- Lead development of privacy and access tools to support implementation of data and digital initiatives.
- Provide subject matter expertise on access and privacy legislation (e.g. PHIPA FOI).
- Engage stakeholders across business IT legal and government to facilitate privacy-related discussions.
- Assess systems programs and policies for privacy and security risks and provide mitigation recommendations.
- Analyze document and map data flows involving PHI.
- Provide advice and guidance on legacy and emerging IT systems regarding data privacy.
- Evaluate and align projects with current privacy legislation and standards.
- Create documentation for privacy protocols business processes and risk assessments.
- Communicate findings and recommendations to executive leadership and governance bodies.
- Lead change management efforts to ensure privacy-compliant adoption of new technologies or policies.
Mandatory Qualifications and Skills
Technical Skills (10 years):
- Expertise in PIA methodologies threat/risk analysis and business/program analysis.
- Deep understanding of privacy risks related to PHI collection use and disclosure.
- Policy development experience to support privacy and information management strategies.
- Familiarity with IT systems impacting privacy (data flows architecture infrastructure).
- Ability to recommend privacy-enhancing technologies and security controls.
- End-to-end experience with risk assessments and compliance gap analysis.
Core Skills and Experience (10 years):
- Strong analytical and strategic thinking for resolving complex privacy issues.
- Ability to develop policies and evaluate legislation impacts on I&IT systems.
- Skilled in preparing detailed reports privacy analyses and stakeholder briefings.
- Consultation negotiation and stakeholder engagement experience.
- Strong communication and presentation skills (oral and written).
General Skills:
- Leadership and team management.
- Advanced problem-solving and decision-making.
- Excellent customer service and consulting approach.
- Ability to manage strict deadlines and complex priorities.
Preferred Experience (Public Sector)
- 5 years working with federal/provincial healthcare providers.
- Knowledge of Ontario Public Sector policies including de-identification and data privacy.
- Familiarity with Public Sector IT standards (e.g. GO-ITS Enterprise Architecture Gating).
- Experience with large complex health-related IT projects.
- Knowledge of project management methodologies (e.g. PMI Unified I&IT).
Must-Have Summary
- 10 years of PIA and PHI risk management experience.
- Strong background in policy development and privacy law compliance.
- Experience with public sector governance privacy issues and digital health standards.
- Demonstrated ability to lead assessments prepare technical documentation and support cross-functional privacy initiatives.
Employment Type
Full Time
