About Supply Ontario:
Supply Ontario is a new centralized procurement agency that enables a holistic government approach to purchasing goods and services. At Supply Ontario, we believe that modernizing procurement is a key driver of success for Ontario’s public sector. Our mandate is to strengthen supply chain management and procurement across the public sector, ensuring that Ontario ministries, provincial agencies, hospitals, school boards, children’s aid societies and more have access to high-quality, timely, reliable products at the best value.
As we stand up this new agency, we are looking for Fee-for-Service (FFS) resources to help support our organization’s privacy program that will enable Supply Ontario to deliver on its mandate.
Supply Ontario is committed to maintaining the highest standards of privacy and data protection. Our agency prides itself on our commitment to ethical practices and compliance with privacy laws, regulations, and best practices. As we continue to grow and innovate, we are seeking a highly skilled Senior Privacy Specialist to join our dynamic team.
Our primary goal revolves around innovating a mature privacy program that underpins Supply Ontario's core business functions. Focusing on continuous improvement, key objectives include adherence to applicable privacy laws & regulations, supporting the development of a mature privacy model, and supporting risk management processes within the organization.
Through the utilization of cutting-edge technology and industry best practices, we are dedicated to innovating our comprehensive privacy strategy within our agency.
- Involvement in privacy compliance or data function, with experience in data protection activities such as records of processing activities, records management, and subject access requests/Freedom of Information requests (FOI).
- In-depth knowledge and experience with privacy laws, legislations, regulations, and best practices. This includes but is not limited to: FIPPA, PHIPA, PIPEDA, CASL, GDPR, etc.
- Familiar with risk management and ability to understand policies and provide guidance on related matters.
- Excellent knowledge of privacy and security concepts, trends, and issues. This includes an understanding of impacts on business processes.
- Skilled in interpreting and communicating privacy principles and compliance requirements.
- Experience in researching and applying relevant information privacy laws, regulations, jurisprudence (particularly as it relates to the Information and Privacy Commissioner of Ontario), and risk countermeasures.
- Experience in conducting Privacy Impact Assessments.
- Knowledge and experience with privacy enhancing best practices.
- Experience in developing and deploying privacy training and awareness campaigns across organizations.
- Strong interpersonal capabilities to effectively liaise with stakeholders ranging from technical teams to senior executives within the organization. Adeptness in understanding, managing, and aligning stakeholder expectations.
- Demonstrated experience in developing and maintaining comprehensive documentation. Strong technical and business writing capabilities.
- Agile responsiveness to evolving project dynamics, ability to pivot strategies based on emerging challenges or changes in project requirements.
- Solid experience in fostering and managing relationships with external vendors and ensuring optimal service levels and performance benchmarks are met.
- Exceptional written and oral communication skills, proficient in translating intricate technical details into clear, comprehensible insights for stakeholders irrespective of their technical aptitude.
The Senior Privacy Specialist is expected to play a pivotal role in the successful execution and maintenance of privacy within the organization. Their responsibilities and expectations encompass the following:
- Support the development of a comprehensive privacy model tailored to the organization's specific needs and regulatory requirements.
- Create and maintain privacy policies, procedures, and guidelines that align with applicable laws, regulations, and industry best practices and standards.
- Conduct regular privacy impact assessments to identify potential privacy issues and risks to protect sensitive information.
- Ensure that the organization complies with all relevant privacy regulations and standards. Eliminate the risks of non-compliance with legislation, corporate policies, and best practices. Report on findings and deliver recommended advice.
- Support the development and delivery of privacy training and awareness programs to educate employees.
- Support the continuous improvement of FOI requests process flows.
- Support and promote compliance with internal policies and processes related to data protection & records and information retention & disposition.
- Generate regular reports and documentation on the privacy program's status, risks, and compliance.
- Define, evaluate, and assess privacy requirements for organizational projects.
- Ensures the incorporation of privacy measures in the development of systems & processes.
- Support privacy projects and tasks within the agency as assigned.
- Educational Background: A bachelor's degree in Information Technology, Computer Science, or related disciplines.
- Relevant professional certifications such as Certified Information Privacy Professional/Canada (CIPP/C).