RQ10829 3 x Sr. Privacy Impact Assessment Specialist

Toronto - Canada

Monthly Salary: Not Disclosed

Posted on: 2 hours ago

Vacancies: 1 Vacancy

Job Summary

RQ10829 - Sr. Privacy Impact Assessment (PIA) Specialist

3 openings

1- year contract (246 business days) - possible extension

Hybrid 3 days in office - 222 Jarvis St. Toronto

Security Level: CRJMC

Responsibilities:

Develop privacy impact assessments and review recommendations from the privacy impact assessment (PIA) of proposed solution and business processes

Lead and provide technical expertise in the development of access and privacy tools to facilitate the development of implementation key strategy data and digital initiatives implementation of security mechanisms pertaining to the creation collection storage access retrieval and disclosure of Personal Health Information (PHI)

Engage and facilitate privacy related discussions with a wide range of business IT legal and privacy stakeholders across the ministry and government agencies.

Examine complex program policy and information system proposals to assess and document business flow and context; perform stakeholder analysis public/private partnerships governance structures and feasibility in terms of the protection of Personal Health Information (PHI) collected and retained

Support projects to ensure compliance with security and privacy best practices such as the Personal Health Information Privacy Act (PHIPA) (2004)

Provide technical and systems advice on legacy systems internet tools and system interfaces information security technical architecture and data flows to improve protection of Personal Health Information (PHI)

Provide technical and systems advice on data flows to the ministry and other stakeholders

Develop business processes and procedures that describe information flows associated with new technologies programs policies or information systems to illustrate how and by whom Personal Health Information (PHI) will be collected used disclosed and retained

Using system and infrastructure architectures document physical and/or logical separation of Personal Health Information

(PHI) or security mechanisms that prevent improper access to Personal Health Information (PHI) or maintain any required separation

Provide privacy expertise consultation and support to project team members senior management and colleagues in MOH advising on the legislation and regulations in an effort to resolve potential legal or privacy problems

Provide analysis and advice to ministries and clusters regarding the Freedom of Information Act (FOI) and privacy implications privacy and security concepts of new information technologies and information systems and assist institutions in documenting their analysis

Recommend mitigation strategies and privacy enhancing technologies in accordance with Privacy Impact Assessment (PIA) procedures

Identify analyze and assess emerging and critical policy issues relating to Freedom of Information (FOI) and Protection of Privacy which may have an impact on PIA methodology

Formulate policy proposals recommendations strategies and options for the project team and Ministry executive to address emerging issues

Prepare and present status reports and updates for any relevant steering committees advisory panels working groups or similar governance bodies.

Assess existing regulations for potential changes required to support additional initiatives to provide greater access to PHI and determine impacts on existing data sharing/electronic health record (EHR) agreements/privacy frameworks/health information custodian (HIC) models.

Develop and provide change management support and/or communications to support stakeholders with changes related to privacy business processes.

Review the recommendations from the privacy impact assessment (PIA) of the proposed solution and business processes.

Provide advice to the Ministry as it relates to privacy policy and guidelines.

Coordinate across branches and develop communication materials such as briefing notes and presentations.

Consult and gather input from specific individuals within the organization on privacy topics either independently or as part of a team.

Communicate with technical and business audiences and non-privacy experts.

Prepare and present status reports and updates for any relevant steering committees advisory panels working groups or similar governance bodies

Prepare and present status reports and updates for any relevant steering committees advisory panels working groups or similar governance bodies.

Must-haves:

10 years experience with privacy impact assessment (PIA) methodologies tools and techniques
Application of threat and risk analysis principles program analysis business analysis
Managing privacy risks in the collection use and disclosure of Personal Health Information (PHI)
5 years of experience working with federal/provincial/broader public-sector healthcare providers (Preferred)

RQ10829 - Sr. Privacy Impact Assessment (PIA) Specialist 3 openings 1- year contract (246 business days) - possible extension Hybrid 3 days in office - 222 Jarvis St. Toronto Security Level: CRJMC Responsibilities: Develop privacy impact assessments and review recommendations from the privacy impac...