Privacy Analyst

December 21 2024
Expected expiry date: December 21 2024
Industries Healthcare, social assistance
Categories Population Health
Winnipeg, MB • Full time

Requisition ID: 372597

Position Number: 20015878

Posting End Date: December 30, 2024

City: Winnipeg

Employer: Shared Health

Site: Shared Health - 155 Carlton St

Department / Unit: Digital Health Privacy

Job Stream: Non-Clinical

Union: Non Union

Anticipated Start Date: 02/24/2025

FTE: 1.00

Anticipated Shift: Days

Work Arrangement: Hybrid

Daily Hours Worked: 7.75

Annual Base Hours: 2015

Shared Health leads the planning and coordinates the integration of patient- centered clinical and preventive health services across Manitoba. The organization also delivers some province-wide health services and supports centralized administrative and business functions for Manitoba health organizations.

Position Overview

Provincial Lead, Legal Services provides legal advice to Shared Health and WRHA programs and Facilities as well as providing a provincial lead and coordinate function. The Shared Health, Chief Privacy Officer, is responsible for the administration and compliance with privacy legislation including The Personal Health Information Act (PHIA), The Freedom of Information and Protection of Privacy Act (FIPPA), The Personal Information Protection and Electronic Documents Act (PIPEDA), The Mental Health Act (as it pertains to access and privacy), The Health Governance and Accountability Act, The Protecting Children Information Sharing Act, The Public Health Act, The Vulnerable Personal Living with a Mental Disability Act (as it pertains to access and privacy).

The Privacy Analyst (Compliance) has direct responsibilities to lead and coordinate the privacy auditing required by The Personal Health Information Act (PHIA) for those electronic information systems managed and/or maintained by Shared Health, Digital Shared Services. This lead and coordinate function requires the Privacy Analyst (Compliance) to provide support and advice to Privacy Officers provincially as it relates to the administration of relevant privacy legislation.

The Privacy Analyst (Compliance) reports to the Shared Health, Manager, Privacy, who is responsible for managing the Privacy Auditing Program, who in turn reports to the Shared Health, Chief Privacy Officer.


MAIN FUNCTION:

  • To ensure compliance with statutory obligations under The Personal Health Information Act (PHIA) including but not limited to: Lead and coordinate record of user activity auditing for Shared Health, RHAs, and Fee for Service Clinics for those electronic information systems managed and/or maintained by Digital Shared Services.
  • Provide support and advice to Shared Health, RHAs and Fee for Service Clinic Privacy Officers related to user access in electronic information systems and the administration of privacy legislation.
  • Provide guidance, as a subject matter expert, to Digital Shared Services and/or Information Technology vendors on the design, maintenance and operation of electronic information systems containing personal health information (PHI) and personal information (PI) to ensure they are compliant with relevant privacy legislation.
  • Participate in Digital Shared Services testing of electronic information systems to ensure compliance with privacy functionality as designed, identifying risks and informing mitigating solutions.
  • Oversee the completion of Privacy Impact Assessments for electronic information systems managed and/or maintained by Digital Shared Services.
  • Represents Shared Health Privacy on various committees and working groups.
  • Responsible for management of access requests and record of user activity audits received from the public for their personal health information maintained in electronic information systems.
  • Responsible for development and maintenance of privacy auditing support documentation.

Experience

  • Strong working knowledge of privacy law (especially PHIA, FIPPA and related legislation).
  • Demonstrated experience and understanding of the Manitoba health system.
  • Knowledge of electronic information systems used within health care.
  • Healthcare administrative/record management experience an asset.
  • Proven analytical ability.
  • Experience working with specialists in the creation and maintenance of various safeguards for information such as:
    • Privacy and Security policies, procedures, and standards,
    • Risk mitigation and management plans,
    • Incident reporting, investigation, and management,
    • Audit analysis and management.
  • Knowledge and/or experience with security and privacy practices, including:
    • Breach Investigation,
    • Privacy Impact Assessments (PIA)
    • Auditing and Assessments
    • File Management.
  • Minimum of 5 years recent experience applying information privacy legislation and policy, preferably in a healthcare environment.
  • Minimum of 3 years recent experience developing and implementing privacy policies and procedures preferably in a healthcare environment.

Education (Degree/Diploma/Certificate)

  • Undergraduate University Degree in Public Administration, Health Information Management, Project Management, Information/Computer Technology, healthcare management or other relevant discipline
  • A combination of education and experience may be considered.

Certification/Licensure/Registration

Not applicable

Qualifications and Skills

  • Strong working knowledge of privacy law (especially PHIA and related legislation).
  • Knowledge of electronic information systems.
  • Demonstrated ability to investigate, audit and monitor compliance with privacy legislation.
  • Reputation for exercising sound and impartial judgment in conflict situations.
  • Analytical, highly curious, and self-motivated.
  • Simultaneously able to concentrate on specific details while remaining aware of their connection to the "big picture".
  • Demonstrated ability to problem solve and trouble shoot.
  • Possesses strong organizational skills.
  • Maintains strong listening skills and can draw out information by hearing what has been said/not said and understanding the underlying meaning behind the speaker's words and behavior.
  • Demonstrated strong oral and written communication skills, including presentation and instructional skills. Able to create written material that is concise, grammatically correct, and structured to communicate the intended message with high efficacy.
  • Possesses excellent facilitation and presentation skills with individuals and groups (including senior management) that have different needs and points of view.
  • Possesses highly developed interpersonal skills and be able to collaborate with "difficult" stakeholders and/or team members.

Physical Requirements

Not applicable

We have a unique ability to work together to make health care better. If you want to make a difference and contribute to supporting the health of your family, friends and neighbours, please apply today.

Interested candidates should select the "Apply" icon below to upload their cover letter, resume and copy of licenses/certification.

This position requires a current satisfactory Criminal Records Check (including Vulnerable Sector Search), Child Abuse Registry Check and Adult Abuse Registry Check as conditions of employment. The successful candidate will be responsible for any service charges incurred. A security check is considered current if it was obtained no more than six (6) months prior to the start of employment.

Please note that an employee is not permitted to hold two or more positions in Shared Health that combine to equal more than 1.0 FTE.

Shared Health values and supports employment equity and workplace diversity and encourages all qualified individuals to apply. We thank all applicants but only those selected for an interview will be contacted.

We welcome applications from people with disabilities. Accommodations are available upon request during the assessment and selection process.

Apply now!

Similar offers

Searching...
No similar offer found.
An error has occured, try again later.

Jobs.ca network