Position: Manager, Privacy

Status: Permanent Full Time                                            

Department: Office of the VP, General Counsel, and Chief Compliance and Privacy Officer

Posted Date: May 26^th, 2023 – June 11^th, 2023, 11:59 PM

Salary per Annum: $104,350 – $156,550 (salary band placement commensurate with experience)

A New Kind of Health Care for a Healthier Community.  That’s our mission at Trillium Health Partners (THP), one of the largest community-based acute care facilities in Canada.  Comprised of the Credit Valley Hospital, the Mississauga Hospital and the Queensway Health Centre, along with several satellite locations, THP serves the growing and diverse populations of Mississauga, West Toronto and surrounding communities, and is a teaching hospital affiliated with the University of Toronto.

If you are passionate about your career, motivated to improve the health of the community, committed to excellence, quality and patient safety consider joining our Better Together team!

Position Overview:

The hospital is seeking a Manager of Privacy (Manager) to oversee and further develop its Privacy programs in alignment with THP’s strategic direction and in compliance with governing laws, practices and policies. The Manager is an expert in their field with at least 7 years of applicable privacy work and management experience. The Manager will lead a Privacy team and the organization in protecting and serving our patients, supporting partnerships and innovation (such as artificial intelligence and THP’s cloud strategy), and fulling our legislative duties, including under the Personal Health Information Protection Act (PHIPA) and the Freedom of Information and Protection of Privacy Act (FIPPA).

The Manager will report to the Director of Health, Privacy, and Regulatory Law, within the Office of the VP, General Counsel, and Chief Compliance and Privacy Officer (CCPO) (i.e., THP’s designated FIPPA head), and have a dotted reporting relationship to the Director, Health Information Management and Information Privacy and Security, in the Information Services Division.

Job duties and responsibilities:

• Oversee a Privacy team, including assigning work, managing performance and identifying and providing training opportunities, in a remote/hybrid environment;
• Maintain current knowledge of applicable provincial and federal privacy law (e.g. PHIPA, FIPPA, PIPEDA, etc.), the interpretation and application of the law, procedural rules of the Information and Privacy Commissioner of Ontario (IPC), and best practices within the field;
• Represent THP in processes under FIPPA and PHIPA (including but not limited to managing and being responsible for FOI or PHI requests, complaints, appeals, breach investigations, notifications, reporting);
• Prioritize clinical and enabling stakeholder inquiries and incidents, facilitate or provide systems or case-by-case advice and training (e.g. Assess and advise on privacy requirements for applications and systems and advise programs on issue-specific questions), and maintain knowledge of and centralize advice while building privacy capacity in the clinical teams;
• Support ongoing privacy compliance monitoring (as reported into Privacy or identified through Privacy initiated audits or otherwise), assess risks, investigate incidents and potential breaches and recommend appropriate remedial and responsive action;
• Ensure privacy audits (including random and targeted) are completed as required;
• Maintain and update privacy policies and processes for the collection, use disclosure of and access to PI and PHI in alignment with governing laws;
• Develop and/or review and maintain privacy related documentation, agreements or provisions (such as data sharing agreements, purchase agreements, confidentiality agreements, service agreements, leases, and consent forms);
• Collaborate with Information Services’ Access Team and Clinical Systems and Informatics Team (Epic) to ensure best practices are implemented and adhered to related to access and privacy audits;
• Maintain and update privacy awareness and educational and training materials and provide or facilitate the delivery of privacy orientation and education for employees, volunteers, professional staff and learners; and
• Liaise with internal and external stakeholders (external stakeholders include requesters, the IPC, vendors, consultants, and legal counsel).

Qualifications:

• A post-secondary degree or diploma;
• Certified information and Privacy Professional/Canada (CIPP/C) certification or equivalent industry recognized certifications preferred;
• Minimum seven (7) years privacy professional and management experience, with demonstrated expertise and experience in applying FIPPA and PHIPA;
• Experience in contract drafting and review an asset;
• Experience supporting the healthcare or publicly regulated industry an asset;
• Commitment to the hospital’s strategic plan, including becoming an antiracist organization;
• High level of composure with the ability to demonstrate sound judgment, discretion, tact, collaboration and courtesy, with the ability to manage a demanding practice and maintain strict confidentiality;
• Results-oriented and client-focused with a commitment to quality and excellence;
• Superior oral and written communication and presentation skills;
• Strong strategic and conceptual skills, systems thinking and ability to deal with ambiguity;
• Superior analytical, attention to detail, organizational, problem solving, negotiation and conflict resolution skills;
• Ability to build effective working relationships with a dynamic, professional team;
• Ability to effectively and efficiently use and manage time and hospital resources;
• Ability to work independently while both managing and reporting into a team;
• Flexibility with work environment and ability to work remotely or in-person depending on the hospital’s and team’s needs - travel to all sites of THP will at times be required.

Internal employees who believe they possess the necessary qualifications and experience for this position and who have been in their current position for at least six (6) months are encouraged to apply.

Notes to applicants: 

If you do not see yourself fully reflected in every job requirement listed on this posting, we still encourage you to reach out and apply. Research has shown candidates from underrepresented groups often only apply when they feel 100% qualified. We encourage applicants who are members of groups that have been marginalized on any grounds enumerated under the Ontario Human Rights Code to consider this opportunity.

Trillium Health Partners is an equal opportunity employer committed to fostering a healthy, safe and respectful environment for healing, based on our values compassion, excellence and courage.  To be Better Together, we commit to fostering a respectful workplace culture that promotes a safe and supportive environment for everyone who provides care, supports caregiving, receives care or visits the hospital.

In accordance with the Accessibility for Ontarians with Disabilities Act, 2005 and the Ontario Human Rights Code, Trillium Health Partners will provide accommodations throughout the recruitment and selection process to applicants with disabilities as required. 

Applicants must be eligible to work in Canada. We would like to thank all applicants for their interest in this position, however, only those selected for an interview will be contacted. Trillium Health Partners is recognized under the French Language Services Act.

As a condition of employment, we require all staff to be fully vaccinated for COVID19, in addition to other vaccinations required by the Public Hospitals Act.