Position: Chief Privacy Officer and Director, Privacy & Information Security Management Status: Full-time, Permanent Location: 130 Bloor Street West, Toronto Salary: Commensurate with qualifications and experience Benefits: 4 weeks annual vacation; 3 annual float days; medical benefits and pension plan About HSSOntario Health Shared Services Ontario (HSSOntario) is an agency of the Government of Ontario. We are a shared services organization that supports Ontario’s 14 Local Health Integration Networks (LHINs) in meeting the healthcare needs of their local community. Through the continuous development and delivery of province-wide digital health platforms, quality improvement initiatives, and other business and IT supports, HSSOntario uses leading-edge technology and best practices to enable health system integration and better patient care. Job Summary This position is responsible for providing leadership, strategic direction, and operational administration of the HSSOntario privacy and information security program. This includes providing privacy and security guidance related to HSSOntario technology products and services, which supports all LHINs in the delivery of home care services to patients across the province. Key Responsibilities: Strategy: Leads the development of an annual plan for the overall function Tracks and reports on the function’s operational plans and leads risk identification and the development of mitigation strategies Provides leadership, strategic direction, and operational administration of HSSOntario privacy and information security program Operations & Administration: Provides subject matter expertise on privacy, information security and related issues Identifies operational improvement opportunities by monitoring and measuring the function’s performance Manages the development, implementation, evaluation, and maintenance of quality improvement initiatives, including proactively identifying potential issues/opportunities in supporting LHINs Develops, manages, and reports on functional budget Responsible for ensuring a culture of privacy and information security within HSSOntario through the implementation of the appropriate training programs Ensures that the function is in full compliance with all HSSOntario policies as well as relevant provincial policies and legislation Reviews and manages processes to obtain approvals for non-financial contracts (i.e., data sharing agreements, network services agreements, etc.) Provides advice and contributes to pan-LHIN Freedom of Information (FOI) requests Participates in project teams to ensure that key business processes reflect appropriate privacy, information security, and contract management considerations Supports committees and work groups that deal with privacy, information security, health information management from both a strategic and operational lens Analyzes and evaluates privacy and information security requirements Supports LHIN Privacy Officers and Health Information Managers on operational and technology related matters Provides direction and advice to organization-wide records management program involving and concerning physical and digital records within the domain of HSSOntario Applies knowledge of technology to meet business goals and objectives Oversees Threat Risk Assessments (TRA) and Privacy Impact Assessments (PIA) Advocates for privacy and security and associated vision, strategy, standards, and processes Stakeholder Relationship Management: Works with internal and external stakeholders such as HSSOntario staff, LHIN staff, provincial working groups, MOHLTC, eHealth and others for information exchange, gathering and provision of subject matter expertise Human Resources Management: Provides input on workforce planning for the function ensuring an appropriate staffing model and training and development plan Provides leadership to team on an annual basis (performance planning and assessment, career management) with a focus on coaching, mentoring and on-going performance Provides subject matter expertise and support to departments to assist with operational efficiency Qualifications: Undergraduate degree in Computer Science, Information Systems and Business Administration or related field required Masters Level degree in Computer Science, Information Systems and Business Administration or related field considered an asset Minimum of 7 years’ of experience working in a management position Certified Information Privacy Professional for Canada (CIPP/C) or; Certified Privacy Manager (CIPM) required Certified Information Systems Security Professional (CISSP) required Certified Information Security Manager (CISM) required Experience working in the Ontario Public Sector and/or health care sector an asset Working knowledge in operational planning, performance measurement, budgeting, risk management, people leadership, stakeholder relationship management, and project management Working knowledge of privacy, information security and records managementrelated policy, legislation, and best practices within the Ontario Public Service and the health sector in particular Working knowledge of data sharing agreements, network services agreements, service agreements, or general agreements required Working knowledge of the Personal Health Information Protection Act (PHIPA), the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s Anti-Spam Legislation (CASL), and the Freedom of Information and Protection of Privacy Act (FIPPA) To submit your application for consideration, please apply with your cover letter and resume on-line through our corporate careers page no later than February 19, 2018. All candidates must be eligible to work in Canada. We thank all applicants for their interest, however, only those selected for an interview will be contacted.The Health Shared Services Ontario is an equal opportunity employer and is a not-for-profit organization. The HSSOntario is committed to maintaining an inclusive environment, and will provide accommodation to people with disabilities upon request throughout our recruitment process.