Regional Privacy Manager

Job Description

Regional Privacy Manager, Permanent Full Time

Information, Privacy and Regulatory Oversight, Location to be determined

Definition of work :

Reporting to the Regional Director of Information, Privacy and Regulatory Oversight, this position is accountable for analysis, planning, development, execution and evaluation of an organization-wide Privacy Management and Accountability Framework for protection and security of Central Health business, personal and personal health information under its custody or control, in accordance with federal and provincial legal and regulatory requirements, professional practice standards, public expectations of privacy, and internationally accepted fair information practices.

The position is accountable for development and implementation of privacy metrics for the purposes of regulatory oversight, compliance reporting and risk mitigation to promote a privacy culture throughout Central Health.

The successful candidate must be willing to travel throughout the region as required. The successful candidate must demonstrate an awareness of and be responsible for promoting and supporting person-and family-centered care, demonstrate a commitment to safety and partner with all team members to improve worker and patient safety by integrating safety into work practices, identifying risks and implementing improvements.

Job Summary :

The position provides regional leadership and consultation to Central Health employees and affiliated individuals related to legislative compliance and positive privacy practices throughout Central Health facilities and community program areas.

The position is accountable for formation of constructive working relationships to promote privacy awareness, integration of privacy practices and legal and ethical compliance with privacy principles.

The Privacy Manager also maintains strong working relationships with external stakeholders, community and government partners, and the Office of the Information and Privacy Commissioner OIPC .

The Privacy Manager is responsible for sustaining a learning culture concerning protection of privacy and security of information within Central Health.

The Privacy Manager plays an integral role in risk mitigation through dissemination of knowledge to support privacy awareness, informed decision-making, and legislative compliance with the Personal Information Health Act and the Access to Information and Protection of Privacy Act, 2015, as well as a number of other relevant statutes and professional practice and industry standards.

Key Responsibilities :

• Ensures a focus of service excellence, continuous quality improvement, and integration of positive privacy practices within Central Health.
• Establishment of mechanisms to ensure accountability for lifecycle management of information assets, including security and integrity of information in the custodian's custody or control.
• Development, implementation and auditing of privacy assessments and agreements, including Privacy Impact Assessments, Information Manager, and Information Sharing Agreements compliant with law.
• Monitoring of organizational practices to identify new processes or material changes to existing processes to ensure implementation of Privacy by Design principles.
• Development, implementation and evaluation of the Central Health Privacy Awareness and Education Framework using an adult learning methodology.
• Coordination and management of informal and formal ATIPP requests for disclosure of personal and business records in the custody or control of Central Health, pursuant to the Access to Information and Protection of Privacy Act, 2015.
• Management of client and internal stakeholder privacy complaints, including requests for information system auditing to ensure authorized access by end-users and role-based access protocols for authorized access to client records and information systems.
• Development and maintenance of procedures to respond to client requests for correction of personal / personal health information and to limit consent for the collection, use and disclosure of information.
• Investigation of root causes of privacy complaints and reported incidents to resolve, manage and mitigate further occurrences and privacy breaches.
• Management of the Provincial Privacy Breach and Reporting Protocol for containment, root cause analysis, and resolution of any unauthorized collection, use or disclosure of personal / personal health information pursuant to the ATIPPA, 2015 and the Personal Health Information Act, including privacy breach documentation and compliance reporting.
• Assessing, implementing and analyzing privacy indicators and metrics to assess the current privacy culture and effectiveness of privacy safeguards relative to evolving benchmarks and industry standards.

Required qualifications :

• Undergraduate degree in law or a health-related field.
• Current registration / licensure in the relevant professional association, if applicable.
• 5 years progressive management experience with formal privacy related and legislative analysis experience.
• Demonstrated experience working under a legislative regime, specifically in healthcare or other related area, including analysis and application of case law.
• Knowledge of change management methodologies.
• Demonstrated ability to build strong working relationships with internal and external stakeholders.
• Demonstrated skills, behaviors, abilities, and knowledge as outlined in the five domains of the LEADS in a caring Environment Framework.
• Exceptional interpersonal, written and verbal communication skills, including provision of written sample authored directly by the applicant;
• Consistent demonstration of Central Health's corporate values; Compassion, Accountability, Respect, Quality and Safety.
• A valid Newfoundland and Labrador Class 05 Driver's License.
• Travel throughout the Region as required.
• A satisfactory record of work performance and attendance is required for this position.
• A satisfactory certificate of conduct from the RCMP or local police authority.

Preferred qualifications :

• CIAPP certification / designation is an asset.
• Experience and knowledge of health information systems is preferred.
• A graduate degree would be considered an asset.

Hours of work : 70 hours bi-weekly (flexible work schedule may be required)

Salary : As per Hay Management Pay Scale

Competition number : P-2022000629-MGT

Competition closing date : Open until filled

Central Health is an equal opportunity employer.

We thank all candidates however only those selected for an interview will be contacted.