Healthcare Data Privacy Advisor - HDPA 26

• Liaise with internal Data Access and Information Privacy teams to support implementation of privacy and security processes for digital health technologies and healthcare initiatives.
• Lead and support updates to organizational Privacy Impact Assessments (PIAs) to ensure ongoing enterprise-level compliance.
• Provide continuous privacy and security oversight for key initiatives, including monitoring, intake assessments, PIA support, governance participation, and coordination with program areas.
• Lead and/or collaborate with cross-functional teams to execute privacy and security activities such as PIAs and security assessments.
• Assess and evaluate the impact of health information legislation and privacy/security policies on new technology implementations.
• Collaborate with stakeholders to plan and develop privacy and security materials for end users during the implementation of healthcare technologies.
• Develop privacy and security deliverables during planning phases, including risk assessments (e.g., threat risk assessments) and supporting documentation.
• Provide expert guidance and support on privacy and security processes, documentation, and compliance requirements.
• Assist users in implementing and utilizing digital health technologies in a secure and compliant manner.
• Coordinate activities across multiple projects to ensure consistent adherence to privacy and security processes.
• Align privacy and security practices with applicable health information and electronic health record (EHR) policies and any updates.
• Ensure that sensitive health and personal information is collected, used, and disclosed in accordance with legislative and regulatory requirements, with risks appropriately assessed and mitigated.
• Deliver timely and effective advice on privacy and security matters to program areas and project teams.
• Develop training materials and facilitate sessions to enhance internal capability and consistency in privacy practices.
• Draft and finalize privacy and security guidance for the responsible use of emerging technologies (e.g., AI), ensuring compliance, risk awareness, and alignment with public trust expectations.

• University degree in business, management, or related discipline + 4 years’ experience, OR
• 2-year diploma + 6 years’ experience, OR
• 1-year certificate + 7 years’ experience

• 10+ years: Risk/impact assessments across multiple scenarios
• 5+ years: Business writing, communication, and documentation
• 1+ year: Experience with AI (e.g., machine learning, NLP)
• 10+ years: Health information legislation and related assessments (PIA, security risk, business impact)
• 10+ years: Privacy, security, and compliance within IT projects
• 5+ years: Developing training materials
• 3+ years: Training plans development
• 5+ years: Change management
• 10+ years: Information management, privacy, and access-to-information legislation
• 5+ years: Policy, standards, and practice development
• 3+ years: Data security implementation (e.g., anonymization, audits)
• 1+ year: Responsible AI (fairness, bias, explainability, risk mitigation)

NavitasPartners