7 Data Privacy jobs in Canada
Privacy and Compliance Specialist
Posted today
Job Viewed
Job Description
Job Description
Company Description
Who We Are
With every job, there’s always the question of “why”. Why join a company? Why be part of their mission? Here, the why is easy. It’s because at some point, we’ve all needed someone there for us.
At the OTIP Group of Companies (OGC), we believe that something special happens when employees feel valued for the work they do, supported as the people they are, and included in the very fabric of the organization: they bring their best to work every day. And that's why we mean it when we say we put our people at the centre of everything we do. Join us as we grow our way into a future that reimagines what it means to deliver meaningful benefits support and service.
Job DescriptionWhat You’ll Do:
Reporting to the Manager, Privacy and Compliance you’ll be responsible for conducting privacy risk assessments, investigating and resolving privacy incidents, privacy training and activities related to the development, implementation, and maintenance of privacy compliance measures in accordance with applicable provincial and federal privacy laws.
The core parts of your role will be to:
Conducts privacy risk reviews and privacy impact assessments for new or existing programs, projects and technologies to ensure compliance with OGC’s privacy policy and applicable data protection legislation.
Responsible for the investigation of privacy incidents, collaborating with internal and external stakeholders, assessing and mitigating the risk of significant harm, documenting outcomes, and recommendations to prevent recurrence.
Responsible for handling access to information requests, ensuring access is compliant with applicable privacy legislation and producing activity reports.
Provides privacy guidance to stakeholders at all levels by interpreting data protection requirements and recommending best practices for the collection, use, disclosure, safeguarding, retention, and disposal of personal information.
Create, update and deliver training programs and materials about privacy and information handling practices to OGC employees.
Completes privacy risk reviews of third-party service providers and related due diligence.
Conducts research on access and privacy issues and maintains current knowledge of applicable privacy laws. Familiar with information security concepts and is able to apply privacy risk management principles to new and emerging technologies to enable OGC to meet its business objectives while ensuring personal information is safeguarded.
Performs other duties within competence, as assigned.
Let’s Talk About You:
This is the unique blend of skills and experience we would love to see in an ideal candidate:
A university degree or college diploma in business or a related field.
Two years’ related experience. Professionals are not required to have prior privacy experience. We will upskill on the job those professionals with appropriate related experience (e.g. risk, compliance, audit, information security, records management, insurance/financial).
Knowledge and practical application of federal and provincial privacy legislation. A CIPP/C designation is preferred and/or willingness to attain.
Superior verbal and written communication skills with the ability to communicate technical and legal information effectively and clearly to a wide variety of audiences.
Demonstrated ability to deal effectively and collaboratively with all levels of internal and external stakeholders to achieve privacy compliance requirements.
Superior time management and organizational skills to manage multiple accountabilities and competing priorities with the ability to quickly adapt to unforeseen changes in priorities.
Innovative and a self-starter with good research, analysis and report writing abilities meeting quality standards and deadlines and able to develop and implement new policies, procedures and practices.
Proficiency in Microsoft Office Word, Excel, PowerPoint, SharePoint and Adobe In-design software.
A CRM designation is considered an asset.
The ability to communicate in French (verbal and written) is considered an asset.
Working Conditions:Hybrid options available.
May be required to work overtime.
May be required to travel.
We also consider your potential. If you know you have what it takes to do the job, but your experience doesn’t exactly match the qualifications above, we encourage you to apply and provide us with more details about why you think you would be a great fit.
Additional Information
Some of the Perks We Offer:
We offer best-in-class pension and benefits, total reward programs and comprehensive mental wellness supports to set you up for every success in and outside of work. Here are just some of the reasons you’ll love working here:
- Rewarding salary and bonuses that truly value your dedication
- Industry-leading group benefits with 100% premium coverage (excluding LTD) that start on your first day
- Defined benefit pension plan for a financially confident retirement
- 100% coverage of approved continuing education and licensing fees (including RIBO courses in Ontario)
- Access to a wealth of learning resources, including LinkedIn Learning for professional development
- Flexible work-from-home and hybrid options
- Unlock your potential with opportunities for advancement
Let’s work together! If you are interested in this opportunity, please apply online.
OTIP and its group of companies strive to create an accessible and inclusive work environment where everyone is treated with respect and dignity. Upon individual request, we will endeavor to remove any barrier to the recruitment and selection processes and provide accommodations for persons with disabilities.
As a business, we protect what matters most to our members. As an employer, we value what matters most in our workplace. Together, this includes fostering a diverse, equitable and inclusive environment for all. We are committed to learning and evolving so we can continue to celebrate what makes us special. You are who you are, and our differences are what make us unique.
We are an equal opportunity employer and encourage applications from all qualified individuals. We thank all applicants for their interest; however, only candidates selected for an interview will be contacted.
#LI-Remote, #LI-Hybrid
RQ09522 - Sr. Privacy Impact Assessment (PIA) Specialist
Posted today
Job Viewed
Job Description
Job Description
RQ09522 - Sr. Privacy Impact Assessment (PIA) Specialist
Downtown, Toronto
Hybrid -3 days onsite and 2 days remote
Contract (9 months, possible extension)
Must-Haves:
- Strong understanding of Ontario's privacy regulations/policies/frameworks, and how they are applied to individuals and organizations in the use and protection of personal health information;
- Demonstrated experience with conducting or leading privacy impact assessment in the health context ;
- Strong knowledge of and experience with the digita l health systems, programs, vendors, assets and solutions in Ontario.
Nice-to-Haves:
- Public sector experience
RQ09522 - Privacy Impact Assessment (PIA) Specialist - Senior
Posted today
Job Viewed
Job Description
Job Description
Description
· Interpret and apply Ontario Freedom of Information and Protection of Privacy Act (FIPPA) and Personal Health Information Protection Act (PHIPA), Health Information Network Provider (HINP) agreements, and Data Sharing Agreements (DSAs) to the project deliverables, ensuring that the ministry and OHs obligations are met to provide individual access to PHI and other digital health care services.
· Assess existing legislation and regulations for potential changes required to support additional initiatives to provide greater access to PHI and digital health care services and determine impacts on existing data sharing/EHR agreements/privacy frameworks/health information custodian (HIC) models.
· Develop and provide change management support and/or communications to support stakeholders with changes related to privacy business processes.
· Review the recommendations from the privacy impact assessment (PIA) of the proposed solution and business processes.
· Provide advice to the ministry as it relates to privacy legislation, regulations, policy and guidelines.
· Coordinate across branches and develop communication materials such as briefing notes and presentations.
· Consult and gather input from specific individuals within the organization on privacy topics either independently or as part of a team.
· Communicate with technical and business audiences and non-privacy experts.
· Prepare and present status reports and updates for any relevant steering committees, advisory panels, working groups, or similar governance bodies.
· Ensure project artefacts and deliverables reflect a superior understanding of:
o The necessary legislation and regulations to enable access to PHI and digital health care services in the Ontario context;
o The current landscape of digital health tools used to support patient access to PHI, including patient portals, apps, etc., and the opportunities to transform care and improve services to support a unified patient experience in digital health;
o Strong knowledge of identity verification, authentication, and authorization services and the privacy and policy requirements to enable the usage of these services;
o Strong knowledge of digital health systems and programs, including Health811, secure log-in mechanisms, patient portals, and the provincial EHR;
o All relevant digital health/information technology issues, including policy, clinical / business and technical (e.g., interoperability, standards, licensing, operations and sustainment, etc.) requirements; and
o Private and public sector delivery partner capacity to deliver technology in a clinical setting; and
o Best practices in information technology project management.
NOTE
Extension/Amendment Attestation: Extension(s) only allowed using unused days/funds left on contract. No additional funds will be added beyond the maximum contract value and any extension options included in the original SOW. Such extension(s) will be allowable only if the Master Service Agreement is extended beyond April 5, 2026 and be upon the same terms, conditions and covenants contained in the SOW.
The resource needed until July 31, 2026, will include an option to extend, at the same rate, till July 31, 2026 if Tender_12075 Managed Service Provider for Contingent IT Resources is also extended for a further one year, else an RFS under the Successor VOR will be issued for the services required April 5, 2026 to July 31, 2026 plus any extension options.
Assignment Type : This position is currently listed as "Hybrid" as consultants will be required to work partly in the physical workplace and partly remotely. The details of this arrangement will be at the Hiring Manager's discretion.
SkillsExperience and Skill Set Requirements
Health sector and digital health experience
· Strong understanding of the healthcare system, structures, processes, stakeholder groups and affected populations, and how healthcare services are delivered in the province based on extensive experience with Ontarios health sector;
· Strong track record of experience with the ministry and its delivery partners, and in-depth knowledge of the levers and instruments of change;
· Strong knowledge of and experience with the digital health systems, programs, vendors, assets and solutions in Ontario.
20 points
Health privacy knowledge and regulatory experience
· Strong understanding of Ontarios privacy regulations/policies/frameworks, and how they are applied to individuals and organizations in the use and protection of personal health information;
· Demonstrated experience with conducting or leading privacy impact assessment in the health context;
· Demonstrated experience with interpreting or applying PHIPA, and leading regulatory/policy projects in digital health.
40 points
Program and project management
· Experience managing complex projects with a demonstrated track record of successful delivery within approved plan, scope and budget and business outcomes; and
· Demonstrated leadership and resource management skills including the ability to direct activities and manage a variety of professionals.
10 points
IT strategy and planning
· Track record of successful strategic planning in health technology contexts;
· Demonstrated ability to define objectives, develop strategic options analysis and to create action plans that outline tasks required for implementation phase; and
· Ability to provide clarity and collective understanding of the range of options and communicate logically how the options were developed and selected as the strategic response.
10 points
Business analysis
· Demonstrated experience managing business projects and achieving successful results on time and on budget with high customer satisfaction;
· Demonstrated experience in process mapping, requirements gathering, program definition, and transition planning; and
· Demonstrated experience in leading program or organizational transformation initiatives.
20 points
MUST HAVES:
Strong understanding of Ontarios privacy regulations/policies/frameworks, and how they are applied to individuals and organizations in the use and protection of personal health information;
· Demonstrated experience with conducting or leading privacy impact assessment in the health context;
Strong knowledge of and experience with the digital health systems, programs, vendors, assets and solutions in Ontario.
RQ09522 - Sr. Privacy Impact Assessment (PIA) Specialist
Posted 13 days ago
Job Viewed
Job Description
RQ09522 - Sr. Privacy Impact Assessment (PIA) Specialist
Downtown, Toronto
Hybrid -3 days onsite and 2 days remote
Contract (9 months, possible extension)
Must-Haves:
- Strong understanding of Ontario's privacy regulations/policies/frameworks, and how they are applied to individuals and organizations in the use and protection of personal health information;
- Demonstrated experience with conducting or leading privacy impact assessment in the health context ;
- Strong knowledge of and experience with the digita l health systems, programs, vendors, assets and solutions in Ontario.
Nice-to-Haves:
- Public sector experience
Be The First To Know
About the latest Data privacy Jobs in Canada !