The Sr. Manager, Privacy (Health) will work under the direction of the Chief Privacy Officer to lead the design, implement and operate the Loblaw Privacy Program – health privacy strategy within our health-related businesses. The Sr. Manager, Privacy is responsible for execution of the Privacy Program and lead the day-to-day privacy operations including activities: privacy assessments, privacy compliance reviews, policy development, delivering training, and promoting privacy practices and standards across the business.
- Serve as a dedicated privacy subject matter expert within the health organization.
- Lead the development and implementation of the Privacy Program components (e.g., content development, training, assessments, contract reviews and reporting), within health.
- Lead a health privacy team to manage privacy risks in day-to-day health business operations, including within new and existing projects.
- Provide advice, risk assessment, and recommendations regarding privacy controls.
- Support privacy breach management activities (e.g., intake, escalation and investigation).
- Gather relevant information from project teams and review, assess, document findings against requirements and create formal reports pertaining to privacy risks and benefits.
- Support the learning and development of the health privacy team.
- Stay abreast of health privacy legislative changes, privacy trends and changes in healthcare landscape to support organizational adaptation, innovation and compliance.
- Develop and maintain strong and collaborative relationships with peers within our health-related businesses and across the broader organization.
- 5+ years’ of working and management experience in Privacy Risk Management.
- Post-secondary education at either the college or university level.
- Certificate in CIPP required or equivalent preferred.
- Experience implementing and operating a privacy program within a complex healthcare environment.
- Well versed with Canadian health privacy laws and knowledge of international laws and privacy trends.
- Experience with risk management, security, and compliance, including, performing assessment activities around the application of security and privacy controls.
- Experience working collaboratively with cross-functional teams.
- Strong communication and presentation skills, including the ability to present effectively to varying levels of management.
- Strong analytical skills and ability to synthesize complex information into practical guidance.
- Ability to work in a fast-paced, changing environment while organizing and managing multiple responsibilities and projects with competing priorities and deadlines.
- Ability to approach situations and challenges with an action-oriented mindset and act decisively.
- Demonstrate sound judgement and critical thinking, analytical, and problem-solving skills.
- Forward thinking with respect to identifying, assessing and prioritizing risk, issues and challenges.