Privacy & Security Analyst

About The Position

Requirements

• Minimum of a four (4) year Bachelor’s Degree in Law, Business, Technology, or in a related field, from an accredited university.
• Ministry of Labour “Worker Health and Safety Awareness in 4 Steps” training certificate is required.
• Minimum of three (3) years’ experience working in a Privacy, Compliance, Risk Management or Information Security department within a health care environment.
• Demonstrated knowledge of Ontario and Canadian privacy laws, including Personal Health Information Protection Act (PHIPA), Freedom of Information and Protection of Privacy Act (FIPPA), and Personal Information Protection and Electronic Documents Act (PIPEDA).
• Demonstrated ability to interpret and apply legislation, policy, and precedent.
• Demonstrated knowledge of privacy and information security standards, including Generally Accepted Privacy Principles (GAPP), National Institute of Standards and Technology (NIST), and International Organization for Standardization (ISO).
• Demonstrated ability to analyze and interpret privacy and information security data.
• Demonstrated ability to manage conflict and facilitate problem-solving in difficult situations.
• Demonstrated excellent judgment and proven analytical skills.
• Demonstrated training, experience or utilization of lean methodology for process improvement.
• Demonstrated ability to independently identify issues, plan improvements, measure success and continue improvement.
• Demonstrated excellent computer skills with proficiency in Microsoft Office software (e.g. Word, Excel, Power Point and Outlook) and patient information systems.
• Demonstrated superior interpersonal and communication skills, both written and verbal.
• Demonstrated ability to manage routine correspondence, multiple tasks/projects, diversified workload and rapidly changing priorities and challenging deadlines.
• Demonstrated discretion and maturity when handling confidential information.
• Demonstrated commitment to the safety of co-workers and patients.
• Successful Criminal Records and Judicial Matters Check (CRJMC) is required.
• Proven ability to work independently and in a team environment.
• Demonstrated ability to perform with minimal supervision; to prioritize duties.
• Demonstrated commitment to ongoing professional development.
• Demonstrated professionalism in dealing with confidential and sensitive issues.
• Demonstrated positive work record and excellent attendance record.
• Ability to meet the physical and sensory demands of the job.
• Ability to travel between local sites.

Nice To Haves

• Certification as a Certified Information Privacy Professional (CIPP) or a related privacy/information security designation is preferred.

Responsibilities

• Provide consultation and recommendations; ensure compliance with existing privacy access to information legislation and for new and emerging federal and provincial legislations.
• Identify, report, analyze, and evaluate privacy risk to develop and implement mitigation mechanisms that support patients and HSN.
• Respond to reported privacy and information security breaches, investigate and lead breach responses, and make recommendations for corrective action within HSN and for regionally shared information systems.
• Respond to privacy complaints from internal and external sources.
• Develop and maintain privacy and information security policies, procedures, and work standards according to generally accepted privacy and information standards and best practices within HSN and for regionally shared information systems.
• Develop privacy materials, conduct privacy training programs, and promote privacy and information security awareness (e.g. face-to-face training, management of online instructional information, and print media) within HSN and with related entities associated with HSN.
• Conduct and report on Privacy Impact Assessments (PIA), organizational privacy attestations, and privacy audits/reviews.
• Determine and align improvement projects with HSN’s Strategic Plan; monitor and adjust to achieve goal outcomes.
• Contribute to learner development by providing academic support, mentorship, preceptorship and supervision as required.
• Participate in education and training specific to current, relevant federal and provincial health and safety legislation, standards and guidelines.
• Educate and promote health, safety and wellness in the work place.
• Represent the department or program on various committees and in meetings as required.
• Perform other duties as required.