ACCESS AND PRIVACY OFFICER

Tracking Code: req1457
Faculty/Department: University Secretary and General Counsel Department
Number of Positions: 1
Appointment Type: Full-Time Continuing
Hours of Work: 35 hours per week
Salary Range: Level 10 - Annual Hiring Salary, $86,176, with annual step progression in accordance with the Salary Grid.
Posting Date: February 12, 2025
Closing Date: March 5, 2025 (7:00 pm EST)

JOB SUMMARY:

This position supports the university’s privacy and freedom of information (FOI) programs under the Freedom of Information and Protection of Privacy Act (FIPPA) and the Personal Health Information Protection Act (PHIPA) and supports effective records and information management of at Ontario Tech.
Reporting to the Manager, Privacy and Policy the incumbent supports the evaluation of proposed systems and processes by conducing privacy impact assessments and processes routine freedom of information (FOI) requests under FIPPA, including communicating with requesters, faculty, staff, and others as necessary. This position also conducts research and advances and advises on policies, procedures and processes, and facilitates presentations and conducts training on relevant topics. This is a highly collaborative position with university-wide reach and impact.

TECHNICAL AND INTERPERSONAL SKILLS:

• Communication and project management
• Negotiation tactics and planning
• Collaboration (internal/external), soft skills, conflict/dispute resolution
• Analytical and problem-solving skills
• Organizational skills
• Issues management
• Ability to manage priorities/deadlines and maintain efficiency under significant and often protracted time pressure
• Proficiency in Microsoft 365 suite and relevant applications (Word, Excel, Outlook, SharePoint, Teams, etc.)

REQUIRED EDUCATION:

• Completion of a university program consisting of four academic years
• Certifications in freedom of information, privacy, records management, project management or cyber security an asset
• Verification of Academic credentials may be required

REQUIRED EXPERIENCE:

• Five to seven years of working with access and privacy legislation in Ontario and Canada, including FIPPA and related regulations and procedures and orders, as well as other statutes in a higher education or public sector setting
• An equivalent combination of education and related experience may be considered

• Conducts privacy impact assessments (“PIA”) on assigned projects in support of university objectives
• Reviews contract terms as requested to assess risks to privacy and information security
• Monitors the outcomes of privacy impact assessments and supports the implementation of recommended practices
• Coordinates the investigation and resolution of access to information and privacy requests and complaints for the University, as assigned
• Performs the initial assessment of access requests, and makes recommendations to the Manager, Privacy and Policy about initial responses, including recommendations about clarifying requests and confirming authority to make the request
• Coordinates records search and perform initial assessment to recommend if any records or portions of records should be withheld, and for what reason
• Prepares for the Manager, Privacy and Policy’s review, responses to applicants or correspondence to third parties, including drafting letters and preparing records for disclosure, including numbering and redaction
• Supports legislative reporting to, and communication with the Information Privacy Commissioner and the resolution of appeals and privacy complaints, under the direction of the Manager, Privacy and Policy
• Serves as a resource for the University community on issues regarding privacy, records and information management, information governance and privacy impact assessments
• Participates in, and contributes to, local, regional and national compliance, security, privacy and information governance discussions
• Keeps up to date with legislative requirements and sector best practices and ensures that information is communicated to relevant units across the institution
• Participate as SME in committee setting as needed or as standing member
• Assists in the development of policies, programs and practices in the areas of privacy, records and information management, information governance and other General Counsel