Job Description

Job Number:
J0126-0172
Posting Date:
January 15, 2026
Closing Date:
January 30, 2026
Job Title:
Manager, Privacy and Records Management
Branch/Department:
North York Central
Division:
Planning, Policy & Performance Management
Employment Type:
Permanent Full Time
# of Open Positions:
1
Salary:
$103,431.00 - $141,247.00/Year





Toronto Public Library (TPL) is the largest public library system in Canada with the highest circulation and branch visits for an urban library within North America. As TPL embarks on new initiatives, including its digital transformation, innovations to service delivery both in-person and online, serving vulnerable populations, new partnerships with community organizations, and expanded outreach, it is more important than ever to ensure that customer information is protected trust in the Library maintained.

JOB SUMMARY:

Reporting to the Senior Manager, Privacy, Risk and Data Governance, the Manager of Privacy & Records Management is responsible for providing leadership support to the privacy and records management portfolios at TPL. This position will work with all TPL divisions and the City Librarian's Office, providing proactive and reactive advice to management and the senior leadership team, as well as responding to privacy and records management inquiries from internal and external parties, while supporting the maintenance of TPL's records management programs to advise and resolve issues. The Manager will maintain up to date awareness and will ensure organizational compliance with privacy legislation, trends and leading practices. This position will also provide leadership support to the Enterprise Risk Management program in areas of privacy and records management.

DUTIES:

Under the direction of the Senior Manager, Privacy, Risk and Data Governance, this position:

Privacy

Provides strategic advice around the development, implementation, and maintenance of the privacy program for TPL Advises management on matters of privacy, dealing with significantly complex issues involving a high level of confidentiality and sensitivity, including labour relations, cybersecurity and human resources matters Establishes and works with multidisciplinary stakeholders to ensure enterprise wide application of the privacy discipline to support quality control, enabling consistent and effective privacy protections that minimize risk, and ensure the confidentiality of personal information Leads the review and drafting of privacy and privacy-related policies and standards, as well as related procedures and training plans and materials, as requested by the Senior Manager Conducts and ensures completion of PIAs for enterprise systems, initiatives, projects, and third party service providers, working with internal and external stakeholders Makes strategic recommendations to the organization on privacy best practices, including the application of privacy by design to ensure privacy is embedded into the design and operation of new systems and practices Conducts and ensures the completion of assigned audits and privacy investigations Assesses, assigns, tracks, reports and prepares responses to Freedom of Information requests made under MFIPPA, in accordance with the legislated deadlines, as assigned by the Senior Manager Maintains awareness of and makes recommendations related to the mitigation of emerging privacy risks Handles information about, and provides advice around, privacy-related risks and risk mitigation efforts of significant complexity, involving a high level of confidentiality and sensitivity, which may include labour relations and human resources matters

Records Management and Data Governance

Provides strategic advice in making influential recommendations to senior management (within and external to the department) around the development, implementation, and maintenance of the enterprise records management and data governance program(s) Provides recommendations for inclusion of data governance principles and strategies in TPL's risk management program Ensures record management program is aligned with best practice and in compliance with applicable federal and provincial statutes, regulations and municipal bylaws Provides direction and oversight to integrate records management policies and practices into business processes, and to plan and carry out a wide range of records management activities for the organization Maintains accurate and complete records retention schedule and related practices Seeks opportunities to implement the TPL Risk Management Framework by embedding data governance into strategic and business planning, service development, and capital project initiatives to support risk-informed decision making in all areas of the Library's operations

Partner & Stakeholder Relationship Management

Seeks and applies legal advice on complex and sensitive matters, as requested by the Senior Manager Organizes and works with multi-disciplinary business and technical teams from across the Library to formulate and execute project plans and tasks according to established project management principles and methodologies Cultivates and enhances highly collaborative working relationships & teams through cross portfolio engagement with stakeholders (internal customers, external partners/regulators/vendors and customers, and Management, to enable portfolio and integrated planning Manages assigned projects, ensuring effective teamwork and communication, high standards of work quality and organizational performance and continuous learning

People Leadership

Provides full scope of management responsibilities to reporting staff, including recruitment, performance management and coaching, and support for leadership and training opportunities

QUALIFICATIONS:

University degree in law, policy, information management, information technology, public administration or related discipline or a combination of education and professional experience Certified Information and Privacy Professional (CIPP) and/or Certified Privacy Manager (CIPM) strongly preferred Minimum of one (1) year of management or leadership experience within the public sector, including demonstrated expertise supervising and managing staff in a complex and fast-paced environment. Minimum of four (4) years of experience working directly with the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) or other related access and privacy legislation Information management degree or diploma, 1 year of experience managing records for an organization, or experience implementing or maintaining a piece of a records management program (such as a retention policy and schedule) an asset Risk management degree or certificate, or a minimum of one (1) year of risk management experience, an asset Experience in and awareness of regulator expectations, leading practices and trends, and their application to data and technology Demonstrated experience in leading and conducting privacy impact assessments (PIAs) on technical and non-technical systems or workflows, with leading others to conduct a PIA an asset Demonstrated experience operationalizing two or more pieces of a privacy program (namely writing and implementing policies or procedures, responding to freedom of information requests, investigating and responding to privacy breaches, reviewing agreements, delivering training, designing or evaluating RFPs, or managing consent) Strong interpersonal skills, with proven ability to coach and lead teams and resolve conflicts Strong change management skills with ability to influence and build productive relationships with cross-divisional stakeholders Excellent written and verbal communication and presentation skills; ability to effectively communicate with senior leaders

SALARY:

$103,431 - $141,247 Grade 7 (2025 wage rate)

ACCOMMODATION:

We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs.

APPLICATION PROCESS:

Toronto Public Library (TPL) invites applications from all qualified individuals. The Library is committed to equal opportunity, diversity in the workplace, equity and reconciliation, and welcomes applications from Indigenous people, Black and racialized groups, people with disabilities, 2SLGBTQ+ people and women.


All applicants must be legally entitled to work in Canada. Toronto Public Library (TPL) will be using email to communicate with you for all job competitions. It is your responsibility to include an updated email address that is checked daily. As we send time sensitive correspondence, we recommend that you check your email regularly. If no response is received, we will assume you are no longer interested in pursuing the opportunity. Please be advised that a Criminal Record Check may be required of the successful candidate. Should it be determined that any background information provided be misleading, inaccurate or incorrect, Toronto Public Library (TPL) reserves the right to discontinue with the consideration of your application.


We thank all applicants for their interest, however, only those selected for further consideration will be contacted.