Responsible for the day-to-day implementation, monitoring and enforcement of privacy and security policies and procedures for the facility; and drafting, negotiating and finalizing agreements between the University and external sources.
Representative Duties & Responsibilities
- Develop procedures to satisfy network privacy and security policies and external stakeholder requirements.
- Draft and negotiate complex agreements for final approval and execution by authorized University officials ensuring compliance with all appropriate University, stakeholder, and government policies and regulations.
- In collaboration with the ICES Central Chief Privacy & Compliance Officer (CPCO), Security Manager and the broader ICES Privacy and Compliance team, ensure privacy and security policies and procedures are implemented.
- Review project privacy impact assessments and grant submissions according to policies and procedures, and provide consultative support to staff, researchers and students.
- Ensure research ethics board approval and reporting requirements are met.
- Deliver privacy and security training to staff, researchers and students.
- Escalate privacy, security and compliance issues to the Privacy Office in accordance with privacy policies and procedures.
- Gather necessary information for the Privacy & Compliance Office to facilitate privacy and security audits and investigations of privacy and security incidents and privacy complaints.
- Monitor activity logs to verify compliance with procedures and identify anomalies.
- Liaise with other departments (e.g. privacy, research ethics, security, IT) and third party vendors as required to support compliance to privacy and security policies and procedures.
- Sit on committees and contribute information as privacy subject matter expert.
- Participate in provincial Privacy & Compliance activities such as the creation, review and delivery of documents and initiatives to support privacy, security and compliance.
- In collaboration with the Privacy & Compliance Office, develop and implement consistent documentation, including logs and systems, to support compliance with the policies and procedures and enable compliance audits and the maintenance of performance metrics.
- Maintain vigilance for, report on, and make recommendations regarding new and emerging privacy and security risks; and, the effectiveness and adequacy of privacy and security controls.
- Coordinate the change management process and take responsibility for systematic accreditation of changes, including post-implementation review.
- Provide back-up support to manager during absences.
- Explain and clarify University policies in an effort to facilitate agreements between internal and external clients and collaborators.
- Seek the advice of colleagues with regards to more complex matters such as intellectual property, commercialization, indemnification and insurance language that may be required in agreements.
- Remain current with frequent changes to privacy law, and regulations and restrictions.
- Identify intellectual property and potential liabilities and handle them according to rules and regulations.
- Provides functional guidance to others on an ongoing basis.
Closing Date 2016/03/31