Privacy Impact Assessment (PIA) Specialist - Senior

Description

Deliver timely privacy products and services to support and guide HSCs compliance with privacy rules and regulations. High quality privacy products are expected to be created through services including advise and collaborate with a variety of roles from senior executives to privacy/security experts data users business program areas through different engagement formats including and not limited to individual discussions facilitated workshops to complete the deliverables below.

1. Develop platform level Privacy Policy Procedure Handbook to meet HSCs PHIPA roles requirements (HINP Agent ESP).

2. Develop platform level Privacy learning module with content that are easy to understand for all data roles who would be coming to the Health Data Utility in compliance to HSCs PHIPA roles requirements. This includes visual and audio forms of content.

3. Conduct privacy impact assessments develop risk mitigation plans service level agreements and other privacy legal related documents required to onboard groups within Ontario Public Service and Broad Public Sector Organizations (BPSOs) to the Health Data Utility platform.

the development of public health domain specific privacy educational materials under Public Health Domain Data Steward guidance as needed.

NOTE

Assignment Type: This position is currently listed as Hybrid and consultants will be required to work onsite. The details of this arrangement will be confirmed with the Hiring Manager.

Extension/Amendment Attestation: Extension(s) only allowed using unused days/funds left on contract. No additional funds will be added beyond maximum contract value. The Statement of Work (SOW) shall expire on March 31 2026. HSC may exercise its option(s) to extend a SOW beyond March 31 2026 using unused days/funds left on the contract. Such extension(s) will be allowable only if the Master Service Agreement is extended beyond April 5 2026 and be upon the same terms conditions and covenants contained in the SOW.

Skills

Experience and Skill Set Requirements

MUST HAVES:

Minimum 10 years of operational experience applying Privacy by Design within the framework of Ontarios Personal Health Information Protection Act 2004 (PHIPA) and Ontarios Freedom of Information and Protection of Privacy Act (FIPPA) preferably in or related to the health care sector.

Minimum 10 years of demonstrated knowledge in writing IPC (or similar organization) compliant policies and supporting documents to enable cloud-based platforms for varied audiences from senior executives to privacy experts and data consumers with working knowledge of digital health technologies and information security industry standards.

7 years of in-depth experience in preparing and delivering privacy training and education in plain language.

Excellent interpersonal and communication skills both written and oral with the ability to communicate complex ideas in easy-to-understand terminology. Excel in a fast-paced environment.

Excellent analytical organizational research and presentation skills.