Senior Information and Privacy Manager, Compliance Support

The Opportunity

Reporting to the Director, Compliance Support (CS), this role offers a unique opportunity to be at the forefront of the Commissioner’s legislated oversight mandate. Through relationship building, strong leadership, and effective investigation and communication skills, you will influence and effect changes in the development and implementation of initiatives, programs, policies, goals, and proposed legislative schemes in the public, health, and private sectors.

This is not an IT position. This role requires someone who can apply legislative requirements, information security, and privacy principles to ensure compliance with Alberta's privacy and access legislation.

For example, in this role you may:

• Review privacy impact assessments involving artificial intelligence.
• Participate in investigations into the adequacy of organizational security measures to protect personal and health information during privacy breaches.
• Examine business models and contracts related to virtual care platforms to assess compliance with health information and private sector privacy laws.

Responsibilities:

The specific accountabilities include:

• Review decisions made by public bodies, private organizations, and health custodians for compliance with relevant legislation.
• Review privacy impact assessments, provide feedback, and make recommendations.
• Assess privacy breaches for compliance with applicable laws.
• Conduct informal investigations to ensure legislative compliance.
• Issue findings and recommendations on access and privacy issues.
• Review and comment on initiatives, policies, contracts, procedures, and practices of public bodies, custodians, and private sector organizations to support compliance.
• Consult and educate on complex, multi-jurisdictional access and privacy issues.
• Educate and inform the public and organizations about the Acts.

Qualifications:

• Ability to interpret and apply legislation to specific situations, ensuring compliance and providing reasoned findings.
• Strong technical knowledge in information technology and security, with the ability to evaluate compliance of virtual care platforms with legislative frameworks.
• Investigation experience, including planning, evidence gathering, interviewing, analysis, and making findings on complex issues, preferably related to privacy and security.
• Proven ability to build effective stakeholder relationships.
• Excellent interpersonal skills, including conflict management, objectivity, tact, diplomacy, and collaboration.

For a detailed job description, please visit this link.

To view the full job ad and application instructions, visit the Job Board website.

Qualifications include a university degree in a related field and at least six years of progressively responsible experience in:

• Legislation interpretation and application
• Information security and privacy compliance reviews
• Research and analysis
• Investigations

Assets:

• Knowledge of access and privacy laws, especially FOIP, HIA, and PIPA.
• Professional designation in Information Security (e.g., CISSP, CISA, CISM) or related experience.