Privacy Impact Assessment Specialist 0309-1212

Join to apply for the Privacy Impact Assessment Specialist 0309-1212 role at Foilcon

2 days ago Be among the first 25 applicants

Join to apply for the Privacy Impact Assessment Specialist 0309-1212 role at Foilcon

HM Note: This contract role is remote, and candidates can work remotely. Candidates must reside in Ontario, Canada. Candidates' resumes must include first and last name.

Must haves:

• Minimum of 3 years' health privacy experience conducting privacy impact assessments (PIAs) on medium to high complexity projects
• Minimum 5 years' direct operational privacy experience, preferably in a health sector and/or IT environment
• Minimum 5 years' experience drafting and reviewing privacy requirements for data sharing agreements
• Minimum 5 years' experience developing privacy policies, procedures, requirements, or controls
• Familiarity with the Personal Health Information Protection Act (PHIPA) and related requirements for Health Information Network Providers (HINP) and Electronic Service Providers (ESP)
• Familiarity with Application Programming Interface (API) functionality and management
• Familiarity with Electronic Medical Record (EMR) or Hospital Information System (HIS) infrastructure, design, and data flows

• Conducting and completing Privacy Impact Assessments and related documentation
• Providing privacy consultation on complex, multi-stakeholder health privacy issues and IT initiatives
• Identifying and assessing privacy risks, including developing risk mitigation plans
• Creating or informing the creation of data flow diagrams and associated privacy controls and compliance requirements
• Reviewing and advising on data sharing agreements
• Developing privacy requirements for new or changing projects
• Providing privacy advisory and support to business teams
• Other duties as required

• Knowledge of project management; familiarity with PMI's PMBOK is an asset
• Experience managing and delivering multiple projects
• Proficiency with project management software (e.g., MS Project, MS Teams)
• University degree in Health, Computer Science, Engineering, Law, Security, or related discipline or equivalent experience (desired)
• Familiarity with Prescribed Entities (PEs) or Prescribed Persons (PP) under PHIPA is an asset
• Experience with audit logging and Security Information and Event Management (SIEM) technology is an asset
• Knowledge of data protection controls such as encryption and tokenization is an asset
• Understanding of Accessibility for Ontarians with Disabilities Act (AODA) regulations and standards is an asset

• Minimum 3 years' health privacy experience conducting PIAs on medium to high complexity projects
• Minimum 5 years' operational privacy experience in health and/or IT environments
• Experience developing privacy policies and procedures
• Experience drafting and reviewing data sharing agreements
• Familiarity with PHIPA and related requirements for HINP and ESP
• Familiarity with API functionality and management
• Knowledge of EMR or HIS infrastructure, design, and data flows

• Support ongoing and new Privacy Impact Assessments
• Assist in risk mitigation of PIA findings under PHIPA
• Support updates and development of data sharing agreements
• Ensure knowledge transfer to Ontario Health team, including documentation and walkthroughs

• Provide comprehensive knowledge transfer to Ontario Health team before end of engagement
• Share all related documentation for review and sign-off
• Collaborate throughout the assignment to ensure key deliverables and milestones are met

• Minimum of 3 years' health privacy experience conducting PIAs
• Minimum 5 years' privacy experience in health and/or IT
• Familiarity with API functionality and management

• Mid-Senior level

• Contract

• Education and Training

• IT Services and IT Consulting