RQ11043 - Privacy Impact Assessment (PIA) Specialist - Senior

RQ11043 - Privacy Impact Assessment (PIA) Specialist - Senior

Contract, 6 months to start with high possibility of extension

Toronto, Ontario - Onsite

Responsibilities:

• Required to lead or support the development of a privacy impact assessment that evaluates whether new technologies, information systems, or proposed programs or policies meet legal and policy privacy requirements, determine and mitigate risks, and address clients' concerns.
• These requirements include ensuring that the program complies with provincial, municipal, federal and private sector access and privacy legislation, as well as relevant regulations, statutes, OPS policies, Directives, standards, guidelines and internationally accepted Fair Information Practices.
  General Skills:
  • Excellent knowledge of privacy and security concepts, trends, and issues. This will include an understanding of their impact on business processes, as well as skill with interpretation and communication of principles and compliance requirements
  • Knowledge of, and experience in researching and applying relevant information privacy laws, regulations, jurisprudence (particularly as it relates to the Information and Privacy Commissioner of Ontario) and risk countermeasures
  • Experience in conducting Privacy Impact Assessments in public sector context
  • Knowledge of, and experience with privacy enhancing best practices
  • Knowledge and ability to interpret and apply Ontario's Freedom of Information and Protection of Privacy Act (FIPPA) and its municipal equivalent the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA), Personal Health Information Protection Act (PHIPA) their respective regulations and related jurisprudence
  • Familiarity with federal Personal Information Protection and Electronic Documents Act (PIPEDA) and US PATRIOT Act
  • Policy Knowledge
  • Familiarity with OPS Privacy Impact Assessment Process and Tools released by the Ontario Ministry of Government Services;
  • Good understanding of related disciplines, such as IT security, IT system design, policy development (privacy or security), business architecture, legal processes, Freedom of Information administration, business analysis, risk management, project management.
  • Operational Program and Business Design Skills
  • Ability to lead, mange or support the development of a PIA either independently or as part of a team by directing and gathering input from specific individuals within the organization
  • Knowledge and ability to create and understand data flow diagrams and business process diagrams
  • Ability to recognize the need for, and seek input from external experts as required
  • Excellent communication skills with technical and business audiences and non- access and privacy experts.
  • Technology and Systems Knowledge
  • Analytical skills to understand the current and future access and privacy implications of policies, decisions and business initiatives
  • Knowledge of Information Technology concepts and processes that impact the protection of personal information, including (but not limited to) Internet tools, system interfaces, information security, information architecture and data flows
  • Information and Record Keeping Knowledge
  • Experience in developing risk assessment tools, methodologies, policies and procedures to effectively manage personal information
  • Knowledge of policies, directives, standards, business rules, procedures and guidelines relating to records management including classification, retention and disposition of information
  • Knowledge and understanding of Accessibility for Ontarians with Disability Act (AODA) and related regulations and standards

• Desirable Skills:
• Professional certification from a related discipline such as IT security, architecture
• Experience providing education and training related to privacy
  Knowledge of, and experience with the policies and procedures of the Ontario government (e.g. business case development, project approvals and policy development)

Must Have:

• Experienced in privacy legislation including Freedom of Information and Protection of Privacy Act (FIPPA), Personal Health Information Protection Act (PHIPA), the Personal Information Protection and Electronic Documents Act (PIPEDA)
• Experienced in conducting privacy assessments involving personal information, citing examples in resume.
• Experienced in leading and conducting privacy assessments with involving online and/or digital solutions.
• Lead and conducted assessments involving personal health information involving third party solutions (e.g. private sector or non-profit application solutions) and/or service integration providers.

Nice to have:

• OPS or Public Sector exp

AI Disclaimer: Source Code may use artificial intelligence (AI) tools to assist in certain aspects of its recruiting and business operations.

Note: The higher end of the range is intended for absolutely exceptional candidates who meet all must-have requirements and most or all nice-to-have qualifications. The client will evaluate candidates based on both rate expectations and overall skill set when shortlisting.

INCORPORATED RATE RANGE (7.25 billable hours per day)

• $93.27/hr - $111.92/hr Inc.

T4 RATE RANGE (7.25 billable hours per day)

• $74.62/hr - $89.54/hr T4.