Privacy Officer

About The Position

Requirements

• Completion of a degree in law, business, public administration, information management, public policy or a related field
• A minimum of five years of progressively responsible and diversified experience in access to information, privacy, information governance, legal, regulatory or compliance.
• Strong understanding of Alberta and federal privacy legislation such as ATIA and POPA
• Hands-on experience managing access to information requests supporting or leading PIAs and advising on disclosure decisions
• Demonstrated ability to translate legal and privacy requirements into operational practice
• Strong analytical and problem-solving skills with sound judgment and attention to detail
• Excellent writing editing and document management skills
• Ability to manage multiple priorities and shifting deadlines
• Strong interpersonal and communication skills with the ability to build effective relationships.
• Proficiency with Microsoft Office and familiarity with contract management or privacy compliance tools
• Ability to work independently with minimal supervision and collaborate within cross-functional teams

Nice To Haves

• Experience responding to privacy incidents or breaches and liaising with regulatory bodies including the OIPC of Alberta is preferred

Responsibilities

• Oversee and administer the County’s access to information request process, ensuring compliance with legislative requirements, timelines, and internal procedures are met
• Provide direction on complex access requests, including the application of exceptions and exemptions to disclosure
• Monitor, track and report on access to information compliance metrics and obligations
• Develop proactive and routine disclosure of information processes and partner with departments on implementation
• Lead the development, implementation, and continuous improvement of the County’s privacy management framework
• Coordinate and support the development and implementation of privacy controls governing the collection, use, disclosure, accuracy, retention, and safeguarding of personal information, in collaboration with departments and relevant subject matter experts
• Lead and facilitate the development, review, and ongoing maintenance of Privacy Impact Assessments based on legislative requirements
• Provide organizational guidance and oversight to support the consistent application of privacy requirements across the organization in alignment with other applicable legislation, policy, and information governance practices
• Monitor privacy risks and recommend mitigation strategies and control improvements
• Maintain program documentation and records to support accountability, auditability, and continuous improvement
• Lead the development and maintenance of governance mechanisms, including privacy policies, procedures, delegation instruments, and the Directory of Personal Information Banks
• Coordinate compliance monitoring activities and follow-up with responsible departments on identified gaps, issues, and improvement opportunities
• Lead the assessment and response process for privacy incidents and potential breaches, including investigation, documentation, mitigation, and remediation activities, in collaboration with affected departments and subject matter experts
• Assess regulatory notification requirements and coordinate communications with affected individuals, internal stakeholders, and oversight bodies
• Track incident trends and recommend preventative improvements
• Act as the organization’s designated Privacy Officer, ensuring compliance with applicable Alberta privacy and access to information legislation
• Serve as the primary liaison with the Office of the Information and Privacy Commissioner of Alberta
• Coordinate and manage inquiries, investigations, mediations, audits, and related regulatory processes
• Prepare summaries, reports, and recommendations for manager and senior leadership on regulatory matters, privacy risks, and compliance issues
• Interpret legislation and regulatory guidance and provide authoritative advice on privacy, access, and disclosure obligations, including contractual privacy considerations and best practices
• Design, coordinate and deliver privacy and access to information training and awareness initiatives across the organization
• Promote a culture of privacy, accountability, and information stewardship
• Support the integration of privacy considerations into business initiatives, partnerships, research and data-sharing activities
• Provide leadership, direction, consultation and strategic advice to Access & Privacy Coordinator, including support on complex, sensitive or escalated access and privacy matters
• Establish and maintain processes, standards, and quality controls for access and privacy activities
• Escalate significant risks, issues or compliance concerns to senior leadership as required
• Perform other duties and special projects as assigned.

Benefits

• paid training
• competitive salary
• benefits after 30 days
• 27 paid days off in their first year
• general holidays
• pension plan
• paid sick time
• hybrid work environment