The Ottawa Hospital: Inspired by research. Driven by compassion
The Ottawa Hospital Research Institute is the research arm of The Ottawa Hospital and an affiliated institute of the University of Ottawa. With more than 1,700 scientists, clinician investigators, trainees and staff, and total revenues of more than $100 million, we are one of the foremost Canadian hospital-based research institutes. We are investigating virtually every major disease and condition, with a focus on answering important health questions and translating our findings into benefits for patients and society.
Brief job description:
We are seeking a dynamic and innovative privacy professional to join our team as the site Local Privacy and Security Officer (LPSO) in Institute for Clinical Evaluative Sciences (ICES) uOttawa under the direction of the Local Site Director and the ICES Central Chief Privacy and Compliance Officer and as the Privacy Officer for the mHealth research team. This is a full-time position, located primarily at the Civic Campus of The Ottawa Hospital.
LPSO (.7 – .8 FTE)
The LPSO will support the ICES uOttawa team in the day-to-day maintenance and operation of a secure, compliant, and effective facility. The incumbent will be responsible for the maintenance of, and adherence to, all ICES privacy and security policies and procedures.
Key Duties & Responsibilities:
The successful candidate will be responsible for the day-to-day- implementation, monitoring, and enforcement of privacy and security policies and procedures for the Facility:
- Provide an ongoing presence at the facility to help ensure its physical security.
- Act as primary contact between ICES Central Privacy and Compliance Office, and the ICES uOttawa facility.
- Ensure privacy and security policies and procedures are implemented at the local facility, in collaboration with ICES Central Chief Privacy and Compliance Office.
- Receive, review and coordinate approval process for Privacy Impact Assessments (PIA) forms, Project Activations Worksheets (PAW) and proposals for each project that is planned for ICES uOttawa.
- Review new projects for adherence to privacy policies and REB status (approval and reporting requirements) prior to submission for review to ICES Central Program Offices.
- Monitor and enforce organizational compliance with all data security and privacy protections.
- Develop and deliver privacy and security training programs specific to ICES Central Chief Privacy and Compliance Office, approved policies, practices and procedures and to the ICESuOttawa Facility policies.
- Ensure that all ICES uOttawa Facility personnel, adjunct, visiting and affiliated scientists, and students are familiarizedand comply with ICES privacy and security policies and procedures
- Work with stakeholders to ensure privacy policies and procedures are being met; assess and audit assigned work to ensure adherence.
- Maintain logs and inventories as defined in ICES uOttawa policies and procedures for compliance and accuracy.
- Gather necessary information to facilitate privacy and security audits and investigations of privacy and security incidents.
- Escalate complex privacy and security processes and issues to the Privacy and Compliance office in accordance with ICES policies and procedures.
- Manage various ICES uOttawa committees, including preparing agenda, slides, meeting materials and taking minutes for various ICES uOttawa meetings.
- Act as member of various committees as privacy subject matter expert.
- Produce activity reports for all privacy/security related matters at the ICES uOttawa Facility as required for ICES Central, formal reports for IPC, TOH REB and MOHLTC as requested.
- Liaise with Change Management Committee and assist in the implementation of the ICES Change Management Policy.
- Provide necessary information for and assist with processing of financial transactions.
- Act as facility contact, for other OHRI/TOH departments (physical plant services and IT), staff, students, and outside organizations/agencies (including ICES Central, contractors).
- Assist with preparation of annual reports for submission to partner organizations.
- Prepare and submit HR paperwork and assist with new staff onboarding as required.
- Other administrative duties as assigned by the Site Director and Facility Administrator.
Privacy Officer mHealth Research Team (.2 -.3 FTE)
CANImmunize is a free, bilingual mobile app that helps Canadians across the country keep their immunization information at their fingertips. The app allows people to securely store and manage their families’ vaccination records, provides appointment reminders and vaccination schedules by home province or territory as well as reliable information about vaccination requirements for children, adults and travellers.
Given the sensitivity of the data to be stored, rigorous assessment of the security of the platform and the impacts of the platform on the privacy of its users will be completed and submitted to the IOPC for review.
Key Duties & Responsibilities:
The Privacy Officer as the public face of the mHealth Research Team will:
- Provide ongoing privacy support and training to the team
- Address privacy inquiries/complaints from users, and ensure accurate tracking and management of issues
- Ensure that privacy policies and safeguards are being applied and enforced
- Create a Quality Assurance plan
- Prepare privacy impact assessments as required