Reporting to the Manager, Information Management, the Privacy Analyst supports and implements CNO’s Privacy and Access program. Works in collaboration with the Information Privacy and Security Lead, internal stakeholders and external experts and applies best and current privacy and access practices to safeguard information management assets. Provides expert advice and consultation across the College to ensure compliance with privacy laws and regulations.
- Acts as a privacy expert and primary point of contact, providing advice and guidance on privacy and Access to Information inquiries; provides interpretation in relation to Freedom of Information and Protection of Privacy Act (FIPPA) and other applicable privacy legislation; escalates legal, regulatory or reputational risks to the Information Privacy and Security Lead, as required; processes Access to Information requests.
- Conducts privacy impact assessments related to products, technologies, and vendors to identify and escalate potential privacy concerns.
- Works with Information Management team members to identify and recommend best practices; updates and maintains privacy and access policies, procedures, reports, data flows and data maps, and implements within existing systems.
- Works in collaboration with the Information Privacy and Security Lead in developing an education program for CNO staff that promotes a privacy and security-awareness culture; delivers privacy and security awareness training.
- Investigates and responds to alleged violations of privacy and access legislation, policies and procedures; recommends corrective action with clear and defensible rationale; escalates issues to the Information Privacy and Security Lead, as required.
- Creates monthly and ad hoc reports about privacy activities including breaches; in consultation with Information Privacy and Security Lead and internal stakeholders, identifies risks and trends, recommends and implements strategies to address patterns of breaches.
- Performs other related duties, as assigned.