Privacy Impact Assessment Specialist (BB-F004A)
Found in: Neuvoo Bulk CA
- Develop privacy impact assessments of the Ministry's centralization, system integration and standardization of data entry for the integration of the provincial Immunization Repository and other provincial repositories and the Case and Contact Management (CCM) solution (this includes initiatives in support of infectious disease public health activities, including infectious disease case, contact, and outbreak investigation and management, immunization administration, and vaccine distribution and delivery (inventory).
- Lead and provide technical expertise in the development of access and privacy tools to facilitate the development of I&IT requirements, implementation of security mechanisms pertaining to the creation, collection, storage, access, retrieval and disclosure of Personal Health Information (PHI)
- Engage and facilitate privacy related discussions with a wide range of business, IT, legal and privacy stakeholders across the ministry, public health units and Public Health Ontario.
- Examine complex program, policy and information system proposals to assess and document business flow and context; perform stakeholder analysis, public/private partnerships, governance structures and feasibility in terms of the protection of Personal Health Information (PHI) collected and retained
- Support projects to ensure compliance with security and privacy best practices, such as the Personal Health Information Privacy Act (PHIPA) (2004)
- Provide technical and systems advice on legacy systems, internet tools and system interfaces, information, security, technical architecture and data flows to improve protection of Personal Health Information (PHI)
- Provide technical and systems advice on data flows that flow into / originate from the Case and Contact Management solution and other relevant provincial repositories
- Provide technical and systems advice on data flows to the ministry, Public Health units and other stakeholders
- Develop business processes and procedures that describe information flows associated with new technologies, programs, policies or information systems to illustrate how and by whom Personal Health Information (PHI) will be collected, used, disclosed and retained
- Using system and infrastructure architectures, document physical and/or logical separation of Personal Health Information (PHI) or security mechanisms that prevent improper access to Personal Health Information (PHI) or maintain any required separation
- Provide privacy expertise, consultation, and support to project team members, senior management and colleagues in MOH advising on the legislation and regulations, in an effort to resolve potential legal or privacy problems
- Provide analysis and advice to ministries and clusters regarding the Freedom of Information Act (FOI) and privacy implications, privacy and security concepts, of new information technologies and information systems, and assist institutions in documenting their analysis
- Recommend mitigation strategies and privacy enhancing technologies in accordance with Privacy Impact Assessment (PIA) procedures
- Identify, analyze and assess emerging and critical policy issues relating to Freedom of Information (FOI) and Protection of Privacy which may have an impact on PIA methodology
- Formulate policy proposals, recommendations, strategies and options for the project team and Ministry executive to address emerging issues.
calendar_today1 day ago
work Resource Logistics, Inc.