Senior Privacy Impact Assessment Specialist

CYNET SYSTEMS - 432 Jobs

Toronto, ON

Posted today

Job Details:

Full-time

Entry Level

Job Description:
Responsibilities:

Conducting/Completing Privacy Impact Assessments and associated documentation.
Providing Privacy Consultation on a diverse range of complex, multi-stakeholder health privacy issues and Information Technology (IT) initiatives.
Identify and assess privacy risks, including developing risk mitigation plans
Create or inform the creation of data flow diagrams and associated privacy controls and compliance requirements.
Reviewing and advising on agreements, including data sharing agreements.
Developing privacy requirements for new or changing projects.
Providing privacy advisory and support to business teams.
Other duties as required.

Must Haves:

Minimum of 3 years health privacy experience conducting privacy impact assessments (PIAs) on medium to high complexity projects.
Minimum 5 years direct operational level privacy experience preferably in a health sector and/or IT environment.
Minimum 5 years' experience drafting and reviewing privacy requirements for data sharing agreements.
Minimum 5 years experience developing privacy policies and procedures, requirements, or controls.
Familiarity with the Personal Health Information Protection Act (PHIPA), and its related requirements for Health Information Network Providers (HINP) and Electronic Service Providers (ESP).
Familiarity with Application Programming Interface (API) functionality and management
Familiarity with Electronic Medical Record (EMR) or Hospital Information System (Candidate's) infrastructure, design, and data flows

Deliverables:

Over the duration of the engagement, the Senior Privacy (PIA) Specialist will support work already in progress, as well as new work on Privacy Impact Assessments.
Work with the project and product teams on risk mitigation of PIA findings as required under PHIPA.
Support work related to update and/or developing new agreements.
Conducting/Completing Privacy Impact Assessments and associated documentation
Providing Privacy Consultation on a diverse range of complex, multi-stakeholder health privacy issues and Information Technology (IT) initiatives.
Developing risk mitigation plans.
Create or inform the creation of data flow diagrams and associated privacy controls and compliance requirements.
Reviewing and advising on agreements, including data sharing agreements
Developing privacy requirements for new or changing projects.

Desired Skills:

Demonstrable knowledge of project management; Knowledge and understanding of Project Management s Institute s Project Management Body of Knowledge is an asset.
Experience working on and delivering multiple projects.
Demonstrated project management software skills and experience e.g. MS Project, MS Teams etc.
University undergraduate or graduate degree in Health, Computer Science, Engineering, Law, Security, or a related discipline from a recognized institution or equivalent experience desired.
Familiarity with Prescribed Entities (PEs) or Prescribed Persons (PP) under the Personal Health Information Protection Act (PHIPA), and their related requirements, is an asset.
Familiarity with audit logging and Security Information and Event Management (SIEM) technology is an asset.
Familiarity with technical data protection controls and technology such as encryption and tokenization is an asset.

Save