Privacy Analyst, Privacy and Records Management

Business Services - Services d’affaires Ottawa, Ontario

Apply

Description

Position at Canadian Medical Protective Association

CMPA_fullclr_RGB

PRIVACY ANALYST

 

CONTRIBUTING TO THE CMPA

Privacy and Records Management is a department within the Research and Analytics group at the CMPA.  The Privacy Office takes an integrated approach to privacy by operationalizing privacy education, principles, and practices throughout our organization. It is responsible for the management of personal information, responding to requests, conducting investigations, and ensuring the application of legislative requirements. The Records and Information Management activity ensures the right business information is captured, controlled, and disposed of when meeting retention periods. The department also includes the Library and Archives which provides access to published and unpublished materials, research services, and educational outreach to improve organizational information literacy.

 

POSITION OVERVIEW

Reporting to the Manager, Privacy & Records Management, the Privacy Analyst provides Privacy program and departmental specific support for the analysis, design, development, and implementation of privacy processes and principlesThe incumbent applies best practices related to breach response, privacy access requests and data analysis in line with the organization’s Privacy Governance Framework.

 

The Privacy Analyst liaises directly with the end user community and members of the Privacy Office to support continuous improvements in CMPA’s Privacy Program. The incumbent plays an integral role in communicating the relevance and importance of privacy best practice through consultation, collaboration, and training across the Association. They are also responsible for maintaining an understanding of privacy legislation and regulation and how they apply to the Association and its members.

 

POSITION ACTIVITIES

Program Support

  • Supports the Corporate Privacy Program that defines, maintains, and implements policies and processes that enable consistent and effective privacy practices which minimize risk and ensure the protection of personal information
  • Conducts analysis to identify opportunities to evolve and mature the Association’s privacy program; promotes continuous process and program improvement meeting the ever-changing privacy legislative landscape
  • Provides consultation and privacy advice for new and updated policies, programs, initiatives, proposals, contracts, data sharing agreements, technologies, and information systems
  • Supports the Privacy Access Request process including the collection of materials, consultation with business units and liaise with Legal Counsel for review
  • Participates in internal working groups, including the Privacy Operations Group, Data Governance Operations Group and RIM Working Group
  • Collaborates with Security Office to align risk management processes and reporting
  • Identifies privacy requirements for the management, retention, and destruction of corporate information, working closely with Records and Information Management (RIM)
  • Provides workload forecasts based on operational activities and upcoming projects, including budgeting and resource estimates and delivers quarterly and year-end reporting on Privacy activity

 

Privacy Analysis

  • Facilitates needs assessments and requirements analysis, develops, and delivers reports on process improvements 
  • Conducts analysis of internal breach and incident reports to determine trends, investigates and tests solutions, provides recommendations and works with applicable internal resources to operationalize risk mitigation measures
  • Develops a thorough understanding of our Members’ privacy issues by analysing Members’ privacy interactions to report trends and develop and recommend improvements
  • Consults and provides privacy advice for new and emerging technology initiatives including the use of data de-identification systems
  • Consults with Data Stewards to identify data inventories and high-risk repositories and apply privacy classifications

 

Training and Awareness

  • Delivers ad hoc training sessions, and/or provides coaching to staff as required
  • Promotes and encourages effective management of personal information in alignment with the corporate privacy program
  • Attends and participates in the Privacy Operations Group to report on privacy risk and to stay firmly connected to business units to maintain knowledge of departmental privacy activity
  • As a subject matter expert in privacy, conducts research and stays up to date on emerging privacy trends, best practices, and regulatory developments

 

EDUCATION AND EXPERIENCE

  • Minimum four-year Bachelor’s Degree required, preferably in a related field of study
  • Minimum 5 years of experience in privacy management or another related field.
  • Industry recognized privacy certification such as Certified Information Privacy Professional, Certified Information Privacy Technologist (CIPP/C or CIPT),
  • Experience providing user support and advice, analyzing data, working in cross-functional departments, facilitating meetings, and delivering presentations
  • Knowledge of Canadian health privacy laws and privacy trends.
  • Experience in quality control, audit, and monitoring methods, practices, and tools
  • Strong knowledge and experience in privacy concepts, principles, operations, legislation, and regulations
  • Knowledge of information technology or information security is an asset
  • Proven knowledge of privacy principles, processes, and legislative requirements.
  • Maintains personal professional development as a Privacy Analyst, including continuous vendor and industry training and attending conferences

 

SKILLS AND ABILITIES

  • Demonstrated experience developing privacy requirements and delivering privacy risk training content.
  • Thorough understanding of “privacy-by-design” and privacy best practices
  • Ability to meet tight deadlines and perform well under pressure with competing priorities
  • Ability to work with internal clients on a regular basis, identifying their needs and investigating solutions
  • Analytical thinker with critical attention to detail and accuracy
  • Ability to handle confidential information with discretion and diplomacy
  • Ability to communicate with end users, business units and management.
  • Ability to analyze and provide solutions to both technical and non-technical problems

 

POSTING DETAILS

  • Job Type: Regular Full-Time
  • Salary Range: $81,600 to $95,000 – this role is classified as level 8
  • Skills Assessment: Selected candidates may be required to complete a skills assessment
  • Location: Hybrid – Primary Remote Job. You can work from a home-based office the majority of the time within the provinces of Ontario and Québec, with regular on-site presence at the CMPA office (1-2 days per week). If you prefer, you can choose to work out of the CMPA office in Ottawa, Ontario near the beautiful Dow’s Lake.
  • Application Deadline: Posting will remain open until filled. 

 

The CMPA is an equal opportunity employer and is committed to being responsive to those living with disabilities and strives to prevent and remove barriers to accessibility. The CMPA will provide support and accommodation in its recruitment processes to applicants living with disabilities. If you are invited to participate in an interview and/or skills assessment and have accommodation needs, please let us know.

 

Equity, diversity, and inclusion (EDI) is a key priority, and we actively strive to build a culture of inclusion where employees can be their authentic selves and are valued for their diverse experiences and perspectives.

 

We welcome and encourage candidates from diverse backgrounds and a variety of lived experiences to apply.

 

 

Apply Apply Later
← Back to Current Openings

Share