Privacy and Legal Compliance Advisor - Mississauga, Canada - The Cigna Group

    The Cigna Group
    The Cigna Group Mississauga, Canada

    Found in: Talent CA C2 - 1 month ago

    Default job background
    Full time
    Description
    The job profile for this position is Legal Compliance Advisor, which is a Band 4 Senior Contributor Career Track Role.

    Excited to grow your career?

    We value our talented employees, and whenever possible strive to help one of our associates grow professionally before recruiting new talent to our open positions. If you think the open position you see is right for you, we encourage you to apply

    Our people make all the difference in our success.

    Key Responsibilities:

    • Provides advanced professional input to complex Compliance assignments/projects.
    • Supports product development/maintenance activity, providing highly technical advice on language and regulatory issues.
    • Spends 15%-25% of time managing special, more complex projects. Usually negotiates or resolves complex issues with customers or matrix partners using independent judgment and discretion.
    • Works autonomously, only requiring "expert" level technical support from others.
    • Exercises judgment in the evaluation, selection, and adaptation of both standard and complex techniques and procedures.
    • Utilizes in-depth professional knowledge and acumen to develop models and procedures, and monitor trends, within Compliance.
    • Works in collaboration with the Chief Privacy Officer and other team members to provide Privacy by Design support to the business and project teams including regulatory requirements research and implementation, investigations, privacy impact assessments, completing data flow documentation requirements and providing preliminary privacy assessments.
    • Manages all privacy incidents, including escalation where required, notification and documentation.
    • Manages receipt of New Hire, Termination tickets, co-ordinates enrolment with HR, communicates with learners regarding course content, resets, responds to queries, and assists learner, interacts with ESC on-boarding process and training team to resolve technical issues.
    • Supports the privacy training, and administrators to track, report and notify as required to validate completion of mandatory training
    • Leads external Privacy Audits as required
    • Conducts monthly audits and compiles results to demonstrate that ESC is meeting regulatory and contractual compliance requirements
    • Works with the Chief Privacy Officer and team members to manage medium and high priority incidents, assists with triage and containment, investigation, resolution and follow up. On occasion, urgent incident response may require longer hours
    • May perform Clean Desk Audits after hours and at our various locations once a year, according to schedule adjustments as required.

    Qualifications:

    • A Bachelor's or Master's degree in Business, Information Systems, OR related discipline or degree from an accredited college or university or equivalent experience.
    • 5 years of experience in data governance, data/information privacy or privacy compliance operations is required.
    • Privacy Professional CIPP/C Certification or equivalent
    • Demonstrates an understanding and application of Canadian information privacy laws, principles and practices at the federal, provincial and territorial levels and knowledge and understanding of related practice areas, including information security, operations, IT, compliance and product development.
    • Experience in incident reporting, preparation of privacy impact assessments and legal issues
    • Desirable (an Asset): Experience with records management systems, policies and procedures.

    Knowledge, Skills and Abilities required:

    • Proficiency in various data privacy technologies, including de-identification, privacy by design, data flow and process modeling.
    • Understanding of information security technologies including encryption, firewalls, safeguarding tools, identity management and access control systems.
    • Good overall knowledge of information technology processes and design in a corporate setting including networks, large data stores, interfaces, identity management, process and change management.
    • Knowledge of current information privacy practices including current Canadian and provincial privacy legislation, regulations and health privacy law
    • Ability to analyze privacy best practices, identify gaps in performance, raise those gaps to the business and to leadership and to document such in policy/processes
    • Ability to operate related equipment including applicable remote access to software applications, troubleshoot when required, engage with available resources and work through to problem resolution.
    • Physical ability to perform the duties of the position
    • Able to assert authority with respect to regulatory knowledge, provide effective leadership and conflict solving direction
    • Analytical reasoning and problem-solving skills
    • Ability to deal effectively with others in a dynamic environment with changing priorities
    • Ability to organize and prioritize work
    • Ability to work independently and as a member of a team

    NOTE: Internal candidates should apply before December December 7, 2023

    Please note that you must meet our posting guidelines to be eligible for consideration. Policy can be reviewed at this link.