The Alberta Medical Association (AMA) is looking for an experienced privacy and risk management professional to join our team as the Manager, Privacy and Risk Management.
The AMA is moving towards a hybrid work environment; therefore, the successful candidate will have the opportunity to work from home but will be required to go into our Edmonton or Calgary offices when required. This role will be pivotal in supporting the AMA to revise our privacy, internal audit and risk management programs in a hybrid work environment.
Why Work for the AMA?
At the AMA, we take pride in hiring client-oriented relationship builders who embrace teamwork, personal growth and development and truly want to help us succeed. We seek employees who understand and realize value in what they are doing and are personally committed to their roles within the AMA. As part of our employee experience, we provide a competitive compensation, work-life balance, comprehensive employer paid benefits and a pension plan that includes both a Defined Benefit and Defined Contribution components.
The Manager, Privacy and Risk Management is responsible to the COO/CFO for the AMA’s privacy, internal audit, and risk management programs, bringing a systematic, objective, and disciplined approach to the management of privacy and organizational risk. This role will be an internal expert and lead for the association in these areas.
In this role, you will:
- Develop and maintain the AMA privacy program in alignment with legislative requirements and OIPC guidelines.
- Develop and deliver training and tools for AMA staff, contractors and/or other stakeholders on the areas of privacy, information classification and risk management.
- Providing consultation to AMA staff and contractors on privacy matters.
- Manage privacy breaches if/when they occur, including determining actions required and process improvement recommendation to mitigate the risk of future breaches.
- Develop and maintain the AMA’s information classification program to ensure AMA’s sensitive information is appropriately classified and that staff are aware of their responsibilities in handling and sharing that information.
- Develop and maintain the AMA internal audit program including preparing control documentation on all key processes and systems and working with department leaders to develop and implement process changes to resolve any control failures or control weakness identified.
- Develop and maintain the AMA’s enterprise risk management framework by identifying key risk categories and establishing risk tolerance levels. In collaboration with functional leaders, identify, evaluate, mitigate, and monitor the AMA’s operational risks, ensuring the AMA’s risk management practices are compliant with applicable regulations, standards, and best practices.
- Develop and present internal audit and risk management reports to the Committee on Financial Audit.
As an ideal candidate, you possess the following qualifications:
Education and experience
- Business or related degree supplemented by professional certification in privacy (CIPM or similar certification) and professional certification in risk management (RIMS or similar certification) or internal audit.
- Five to ten years of experience in privacy, risk management or internal audit, with a pattern of progressive responsibility and learning.
- Demonstrated knowledge and experience in the application of:
- Canadian information privacy laws, principles, and practices (e.g., Alberta’s Health Information Act (HIA), the Personal Information and Protection Act of Alberta (PIPA), Personal Information Protection Electronic Documents Act of Canada (PIPEDA), Freedom of Information and Protection of Privacy (FOIP), Canada’s Anti-Spam Legislation (CASL), General Data Protection Regulation (GDPR), Alberta Evidence Act, Electronic Transactions Act).
- the information classification domain as it pertains to protection of sensitive information.
- risk management frameworks and tools; and
- audit procedures, as well as evaluating, analyzing, and testing internal control systems.
- Outstanding written and oral communication skills and the ability to communicate at all levels of the organization and with external stakeholders.
- Ability to serve as an effective liaison between the organization and the Office of the Information and Privacy Commissioner, or other such government bodies.
- Demonstrates a commitment to continuous learning and process improvement.
- Forward looking, able to leverage technology and change processes to improve systems.
- Ability to work independently and within a team environment.
Who are we?
The AMA advances patient-centered, quality care by advocating for and supporting physician leadership and wellness. Alberta’s physicians and the AMA are committed to Patients First®. For more information on the AMA please visit our website at www.albertadoctors.org.
How to Apply:
To apply, please complete our online application form on our website at https://www.albertadoctors.org/app/forms/hr/Detail.aspx?ID=18 . Please note only applications received through our online platform will be considered. Thank you. You can view all available opportunities at https://www.albertadoctors.org/app/forms/hr/.
The deadline to apply for this position is September 26, 2021 or until a suitable candidate is found.
We thank all applicants for thier interest in joining our team, please note that only those selected for an interview will be contacted. An employment offer for the successful candidate will be contingent upon the satisfactory completion of a background check, including a criminal record check.