Privacy Officer in Sagamok, Ontario at Sagamok Anishnawbek
Explore Related Opportunities
Job Description
FULL TIME PERMANENT JOB OPPORTUNITY
Privacy Officer - Administration
Salary Range: $70,000.00 - $85,000.00 (dependent on experience)
JOB SUMMARY:
Sagamok Anishnawbek is seeking a knowledgeable and detail-oriented Privacy Officer to oversee the protection of personal and confidential information across the organization.
The Privacy Officer plays a critical role in promoting a culture of confidentiality, accountability, and responsible information management while ensuring compliance with applicable privacy legislation, organizational policies, and Indigenous data governance principles.
The successful candidate will lead privacy program development, provide guidance and training to staff, investigate privacy breaches, and support privacy compliance across all departments and services in alignment with Anishinaabe cultural values and community governance priorities.
POSITION DUTIES:
Privacy Program Management
- Develop, implement, and maintain organizational privacy policies, procedures, and practices.
- Ensure compliance with applicable privacy legislation, regulations, and organizational standards.
- Monitor organizational practices related to the collection, use, disclosure, storage, and protection of personal information.
- Promote strong privacy governance and responsible information management practices across the organization.
Privacy Compliance & Risk Management
- Conduct Privacy Impact Assessments (PIAs) for programs, services, and projects.
- Identify privacy risks and recommend mitigation strategies and corrective actions.
- Ensure compliance with privacy legislation including:
- PHIPA
- FIPPA
- PIPEDA
- Monitor legislative changes and recommend updates to organizational processes and procedures.
- Ensure appropriate safeguards and controls are implemented to protect confidential information.
First Nations Privacy & Indigenous Data Governance
- Align privacy practices with community values, traditions, and governance structures.
- Incorporate Indigenous data sovereignty principles, including:
OCAP® (Ownership, Control, Access, Possession)
- Ensure culturally sensitive information is handled with appropriate care and discretion.
- Support privacy practices related to:
- First Nations governance
- Education
- Health services
- Social services
- Judicial and dispute resolution frameworks
- Election laws and governance systems
Privacy Breach Management
- Investigate privacy complaints and suspected breaches.
- Lead organizational responses and resolution efforts related to privacy incidents.
- Document breaches, prepare recommendations, and implement corrective measures to prevent recurrence.
- Support organizational risk management and incident reporting processes.
Training & Awareness
- Provide guidance and training to staff regarding privacy legislation, organizational policies, and best practices.
- Develop privacy awareness tools and resources including:
- Guides
- Checklists
- Educational materials
- Promote a culture of privacy protection and confidentiality throughout the organization.
- Work collaboratively with departments to integrate privacy into daily operational practices.
Policy Development & Information Management
- Develop and review privacy-related policies and procedures.
- Coordinate responses to requests for access to personal information.
- Ensure information requests are managed in accordance with legislation and organizational policies.
- Maintain records related to privacy compliance activities and information requests.
- Ensure privacy practices align with organizational values and governance frameworks.
Reporting & Advisory Services
- Provide advice and recommendations regarding privacy compliance and risk management.
- Prepare reports, briefings, and recommendations for senior leadership.
- Support audits, reviews, investigations, and compliance activities related to privacy matters.
- Provide guidance to leadership and staff on complex privacy and confidentiality issues.
TERMS AND CONDITIONS OF EMPLOYMENT:
- Valid driver’s license and vehicle for on-the-job use.
- Must be able to work flexible hours.
- Sign and maintain an annual oath of confidentiality.
- Secure and maintain certification in Privacy and Confidentiality.
- Strong interpersonal, organizational, and communication skills.
- Must provide a criminal record check prior to commencing employment.
- Incumbent is subject to six months’ probation.
QUALIFICATIONS:
Education
- Bachelor’s Degree in Law, Finance, Business Administration, or a related field.
Certifications
- Certified Information Privacy Professional (CIPP) certification required.
Experience
- Minimum three (3) years of experience developing privacy policies, procedures, or compliance controls.
- Experience working within a health sector, IT environment, or privacy compliance role preferred.
- Familiarity with:
- Electronic Medical Records (EMR)
- Health Information Systems (HIS)
- Data flows and information management systems
Knowledge & Skills
- Strong understanding of privacy legislation, regulations, and governance frameworks.
- Knowledge of:
- PHIPA
- FIPPA
- PIPEDA
- Indigenous data governance principles
- Strong analytical and problem-solving skills, including conducting privacy impact assessments and risk analysis.
- Excellent written, verbal, and interpersonal communication skills.
- Technical awareness of information systems, cybersecurity, and emerging technologies such as AI.
- Knowledge of First Nations governance, laws, policies, and organizational structures.
- Understanding of Indigenous worldviews and Anishinaabe cultural values.
Qualified candidates are invited to submit their cover letter, resumé and references to:
Attn: Human Resources
Sagamok Anishnawbek, P.O. Box 2230, Sagamok, Ontario, P0P 2L0
Fax: (705) 865-3307
By: Until filled
We thank all applicants for their interest; however, only those selected for an interview will be contacted.