Job Description

Key Responsibilities

Develop a

platform-level Privacy Policy Procedure Handbook

aligned with HSC's PHIPA roles (HINP, Agent, ESP). Create a

Privacy Learning Module

with accessible content (visual and audio) to train all data roles using the Health Data Utility platform. Conduct

Privacy Impact Assessments (PIAs)

, develop risk mitigation strategies, service level agreements, and other privacy-related documentation for onboarding OPS and BPSO partners. Support the

development of public health domain-specific privacy educational materials

under the guidance of the Public Health Domain Data Steward. Provide subject-matter expertise on

privacy by design principles

within digital health platforms. Engage with stakeholders at all levels to translate complex privacy concepts into clear, actionable guidance.
Required Skills & Experience

Canadian and Ontario Health Privacy Legislation (30 points)

Minimum

10+ years of operational experience

applying Privacy by Design under

PHIPA (2004)

and

FIPPA

, preferably in the health care sector. Familiarity with PIPEDA, OAHPP, and other privacy legislation is an asset. A recognized privacy designation (e.g.,

CIPP/C

) is an asset.
Privacy Policy & Procedures (30 points)

Minimum

10+ years of experience

writing IPC-compliant privacy policies and supporting documentation. Strong background in

digital health technologies

and

information security standards

, with the ability to prepare policies for varied audiences (executives, experts, and data users).
Privacy Acumen & Training (35 points)

Minimum

7+ years of experience

designing and delivering privacy training and education in plain language. Exceptional communication skills--oral and written--with the ability to simplify complex concepts. Strong analytical, organizational, research, and presentation skills. Ability to thrive in a

fast-paced environment

and manage multiple priorities.
Public Sector Experience (5 points)

Minimum

8+ years of operational experience

working with public sector organizations. Experience with the

Ontario Public Service (OPS)

and

BPSOs

(e.g., Public Health Ontario, PHAC) is preferred. Health and healthcare sector experience is an asset.

MUST HAVES:

Experience applying

PHIPA, FIPPA

within privacy frameworks. Experience developing

IPC-compliant policies

and privacy documentation. Experience delivering

privacy training and education

. Excellent communication, analytical, and organizational skills.
Job Types: Full-time, Fixed term contract
Contract length: 12 months

Pay: From $75.00 per hour

Expected hours: 36.25 per week

Application question(s):

How many years of experience do you have applying Privacy by Design within the framework of PHIPA and FIPPA (preferably in healthcare)? How many years of experience do you have writing IPC-compliant (or similar) privacy policies and supporting documents for cloud-based platforms? Do you have experience communicating complex privacy concepts in clear, simple terms to varied audiences (executives, experts, data users)? Do you have strong analytical, organizational, research, and presentation skills that you've applied in a professional setting?
Location:

Toronto, ON (preferred)
Work Location: Hybrid remote in Toronto, ON