Role Title: Director, Information Stewardship, Access, and Privacy

Competency Area: Privacy & Security

Competency Level: Master

Note: This role also appears under Information Governance

Description of Job: 

The Director of Information Stewardship, Access, and Privacy is responsible to provide strategic direction and organizational leadership in the development, delivery, monitoring of and adherence to a comprehensive enterprise-wide information governance, access, and privacy program and policies that enable the organization or jurisdiction to achieve value from and safeguard its information assets. The Director drives the integration of responsible information stewardship, governance, access, and privacy design and practices into culture, strategic direction, physical and electronic infrastructure and practices of the organization. The Director uses his/her expertise to build and direct a team of information management and privacy professionals and to influence and ensure that the organizations’ enterprise-wide information governance program remains current with applicable legislation, principles, standards, and promotes developing best practices. 

Job Duties:

• Champion and provide leadership in the responsible stewardship, safeguarding and management of information in support of improved health care delivery, health system management and maintenance of public trust
• Formulate enterprise-wide strategies necessary to influence and embed information governance, access and privacy design into the culture, strategic plans, physical and electronic infrastructure, the electronic health record and business/clinical practice processes throughout the health authority in compliance with applicable legislation, standards and in a manner that promotes developing best practices 
• Lead and oversee the development, implementation and/or evaluation of the enterprise-wide program, strategies, policies, standards, education, and where applicable, procedures for the jurisdiction’s internal and external audiences, including staff and other health care providers, to ensure quality and consistency with the philosophies and practices of the jurisdiction while preventing or mitigating information risk to the individual and organization and adhering to applicable legislation and standards
• Foster effective linkages with local, provincial/territorial and as applicable, national partners and key stakeholders in the design, development and delivery of consistent strategies and solutions to common challenges associated with current and emerging health information governance, management and its application to the Integrated Electronic Health Record 
• Act as the deciding authority, as required, on the approval or denial of requests for records containing confidential personal and business information, Privacy Impact Assessments, and interpretation of the provincial or territorial Freedom of Information and Privacy Protection (or Protection of Privacy Act) (FIPPA or FOIPPA) and other applicable Privacy and Access Acts 
• Apprise the senior leadership of health information governance and management issues and identify areas which have potential impact on the jurisdiction
• Recommend and develop, as necessary, in collaboration with legal counsel as appropriate, information governance and management amendments to organizational contracts, agreements, protocols and systems to enable organizational compliance with FIPPA/FOIPPA and applicable regulatory requirements and standards

Education and Experience:

• Master’s Degree in Health Information Management, public administration, or health-related discipline; a mix of education and experience may be considered
• Seven years’ progressively more senior experience in access and privacy administration with significant experience at a leadership level
• Canadian privacy certification (CIPP/C) is an asset
• CHIM certification is an asset