RQ10513 Privacy Impact Assessment (PIA) Specialist Senior

Responsibilities:

• Required to lead or support the development of a privacy impact assessment that evaluates whether new technologies information systems or proposed programs or policies meet legal and policy privacy requirements determine and mitigate risks and address clients concerns.
  
• These requirements include ensuring that the program complies with provincial municipal federal and private sector access and privacy legislation as well as relevant regulations statutes OPS policies Directives standards guidelines and internationally accepted Fair Information Practices.
  

General Skills:

• Excellent knowledge of privacy and security concepts trends and issues. This will include an understanding of their impact on business processes as well as skill with interpretation and communication of privacy principles and compliance requirements
  
• Knowledge of and experience in researching and applying relevant information privacy laws regulations jurisprudence (particularly as it relates to the Information and Privacy Commissioner of Ontario) and risk countermeasures
  
• Experience in conducting Privacy Impact Assessments in public sector context
  
• Knowledge of and experience with privacy enhancing best practices
  
• Knowledge and ability to interpret and apply Ontarios Freedom of Information and Protection of Privacy Act (FIPPA) and its municipal equivalent the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) Personal Health Information Protection Act (PHIPA) their respective regulations and related jurisprudence
  
• Familiarity with federal Personal Information Protection and Electronic Documents Act (PIPEDA) and US PATRIOT Act
  
• Policy Knowledge
  
• Familiarity with OPS Privacy Impact Assessment Process and Tools released by the Ontario Ministry of Government Services and associated requirements;
  
• Good understanding of related disciplines such as IT security IT system design policy development (privacy and security) business architecture legal processes Freedom of Information administration business analysis risk management project management.
  
• Operational Program and Business Design Skills
  
• Ability to lead mange or support the development of a PIA either independently or as part of a team by directing and gathering input from specific individuals within the organization and/or from project documents
  
• Knowledge and ability to create and understand data flow diagrams business process diagrams and solution artifacts (solution design documents)
  
• Ability to recognize the need for and seek input from external experts as required
  
• Excellent communication skills with technical and business audiences and privacy experts.
  
• Technology and Systems Knowledge
  
• Information and Record Keeping Knowledge
  
• Experience in developing risk assessment tools mitigation plans methodologies policies and procedures to effectively manage and safeguard personal information
  
• Knowledge of policies directives standards business rules procedures and guidelines relating to records management including classification retention and disposition of information
  
• Knowledge and understanding of Accessibility for Ontarians with Disability Act (AODA) and related regulations and standards
  

Requirements

Experience and Skill Set Requirements:

Must Haves:

• Experience in conducting Privacy Impact Assessments in public sector context
  
• Knowledge and ability to interpret and apply Ontarios Freedom of Information and Protection of Privacy Act (FIPPA) and its municipal equivalent the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) Personal Health Information Protection Act (PHIPA) their respective regulations and related jurisprudence
  
• having the privacy professional certification is extremely helpful
  

Skill Set Requirements:

Desirable Skills:

• Professional certification from a related discipline such as IT security privacy architecture
  
• Experience providing education and training related to privacy
  
• Knowledge of and experience with the policies and procedures of the Ontario government (e.g. business case development project approvals corporate governance requirements and policy development)
  
• Analytical skills to understand the current and future access and privacy implications of policies decisions and business initiatives including the use of AI tools
  
• Knowledge of Information Technology concepts and processes that impact the protection of personal information including (but not limited to) Internet tools AI tools system interfaces information security information and solution architecture data models and data flows