WHO WE ARE

With every job, there’s always the question of “why”. Why join a company? Why be part of their mission? Here, the why is easy. It’s because at some point, we’ve all needed someone there for us.
At the OTIP Group of Companies (OGC), we believe that something special happens when employees feel valued for the work they do, supported as the people they are, and included in the very fabric of the organization: they bring their best to work every day. And that’s why we mean it when we say we put our people at the centre of everything we do. Join us as we grow our way into a future that reimagines what it means to deliver meaningful benefits support and service.
Job Description

Reporting to the Manager, Privacy and Compliance you’ll be responsible for conducting privacy risk assessments, investigating and resolving privacy incidents, privacy training and activities related to the development, implementation, and maintenance of privacy compliance measures in accordance with applicable provincial and federal privacy laws.

The core parts of your role will be to:

• Conducts privacy risk reviews and privacy impact assessments for new or existing programs, projects and technologies to ensure compliance with OGC’s privacy policy and applicable data protection legislation.
• Responsible for the investigation of privacy incidents, collaborating with internal and external stakeholders, assessing and mitigating the risk of significant harm, documenting outcomes, and recommendations to prevent recurrence.
• Responsible for handling access to information requests, ensuring access is compliant with applicable privacy legislation and producing activity reports.
• Provides privacy guidance to stakeholders at all levels by interpreting data protection requirements and recommending best practices for the collection, use, disclosure, safeguarding, retention, and disposal of personal information.
• Create, update and deliver training programs and materials about privacy and information handling practices to OGC employees.
• Completes privacy risk reviews of third-party service providers and related due diligence.
• Conducts research on access and privacy issues and maintains current knowledge of applicable privacy laws. Familiar with information security concepts and is able to apply privacy risk management principles to new and emerging technologies to enable OGC to meet its business objectives while ensuring personal information is safeguarded.
• Performs other duties within competence, as assigned.

Qualifications