Reporting to the Regional Manager of Information Security & Privacy, the Privacy Specialist contributes to Osler’s compliance with all legislative obligations such as those defined in the Personal Health Information Protection Act (PHIPA), and the Freedom of Information and Protection of Privacy Act (FIPPA), along with monitoring, investigating and reporting on privacy related events or incidents.
- Supports in the implementation, and maintenance of the organization’s information privacy policies and procedures in coordination with the Regional Manager of Information Security & Privacy, internal privacy oversight committees and legal counsel as required.
- Provides operational support in Freedom of Information (FOI) access requests, including; tracking requests, coordinating record searches; preparing notices to internal program areas, requesters and third parties prescribed under FIPPA; severing records and preparing indexes of records; fee calculations and draft decisions, collecting deposits and fees prescribed by FIPPA; and disclosing records.
- Performs ongoing compliance monitoring activities such as auditing access to personal health information within internal and external health information management systems (HIS).
- Develops, implements, and delivers privacy training, orientation, and on-going awareness to all employees, volunteers, medical, and professional staff.
- Provides operational support in receiving, documenting, tracking, investigating, and taking action on all complaints concerning the organization’s privacy policies and procedures.
- Communicate as needed with management, staff, external organizations and patients on Privacy or FOI related matters.
- Maintain current knowledge of Osler policies, procedures, relevant privacy or healthcare legislation, and advancements in information privacy technologies to provide advisory where required.
- Post Secondary Degree or equivalent experience.
- 2-5 years experience in a Privacy role or equivalent.
- Working knowledge and familiarity with FIPPA and PHIPA legislation.
- Experience in handling sensitive situations with discretion and maintaining strict confidentiality is required.
- Strong business documentation, editing, proofreading and organizational skills is a requirement.
- Ability to effectively communicate with both technical and non-technical audiences.
- Experience in IT audit and coordination of privacy and/or security assessments an asset.
- Experience in a customer service environment an asset.
Closing Date: 8/5/2016