Privacy Officer & Legal Support Specialist
Who we are
At Heart & Stroke our mission is to promote health, save lives and enhance recovery. We are committed to a culture that exemplifies our core values: champion health, practice humility, embrace change, drive impact, learn and grow and be heartfelt as we work together to beat heart disease and stroke.
We believe in equity, diversity and inclusion ― it’s embedded in our values and core mission work to support all people in Canada to lead healthier lives. We are committed to applying this principle to cultivate a welcoming environment that embraces diversity among our employees. Candidates from diverse backgrounds, including but not limited to, Indigenous peoples, racialized communities, 2SLGBTQIA+ communities, women, and people living disabilities are encouraged to apply.
To learn more about our mission, values, commitment to EDI, and the difference Heart & Stroke makes in the lives of people in Canada at every age, please visit our website.
Heart & Stroke is seeking a talented and experienced Privacy Officer and legal Support Specialist to join its respected Legal team. Reporting to General Counsel, Corporate Secretary and SVP Risk Management, this role is responsible for managing H&S’s national privacy portfolio and providing co-ordination and support for ad-hoc legal team projects, including enterprise risk management and governance projects.
This role also manages the foundation’s insurance portfolio, claims and incident reporting systems and works with the various business teams to collect the appropriate information required for renewals.
The successful incumbent in this role will also need to have strong project management skills to coordinate the administration of various legal projects across the organization including supporting policy drafting and maintenance to support the full legal team in carrying out risk mitigation processes.
So, if you live in the GTA, have a desire to work in a flexible hybrid work environment, and found the summary above was a match to your skills and experience, please keep reading for more detail and apply today!
How you will make an impact every day
Manage the foundation’s privacy portfolio
Manage and maintain mapping of the foundation’s data and data governance processes and policies
Ensure compliance with all applicable privacy legislation across the different province and stay abreast of upcoming changes and developments in the law to ensure Heart & Stroke remains compliant
Oversee all privacy complaints and implement resolution process, escalating to legal counsel when required due to risk
Advise business teams on standards and requirements of privacy law applicable to the foundation in coordination with counsel
Monitor developments in the privacy landscape and translate and provide information to business leads on how to stay on top of these developments
Manage processes required of a privacy office which includes, but is not limited to: breach logging, managing the privacy email in-box, oversee maintenance of suppression lists for constituents that don’t want to be contacted, track and monitor complaints and collect analytics to track trends
Manage and respond to privacy complaints in a timely and customer service oriented manner and coordinate operational processes required to meet privacy standards
Under the guidance of Legal Counsel, monitor and negotiate agreements with third parties that host, collect, use, or have any other relationship with HSFC collected personal information
Respond to ATIP requests – working with business units to prepare materials and submissions
Review all digital and print materials prior to publishing for compliance with privacy legislation and CASL
Test new websites and applications for compliance with privacy legislation and CASL
Sit on committees related to new Foundation tools to advise on privacy issues
Lead training sessions and refreshers as necessary on privacy procedures
Manage insurance renewals process
Manage annual renewal of all insurance policies for the Foundation through working with the Foundation’s broker
Manage the drafting of annual reports to the Board and make recommendations on insurance coverage
Provide support to teams on insurance as it relates to contracts
Manage process of claims as necessary and manage incident reporting system
Manage the coordination and administration of various legal projects
Demonstrate initiative to coordinate legal projects and initiatives
In coordination with counsel, develop project plans, key milestones and deliverables and ensure projects are moving according to schedule
Engage with stakeholders across the organization and in some instances, external stakeholders, to acquire appropriate input and subject matter expertise on projects to drive results and move initiatives forward.
Support legal team on contract process and other risk mitigation tools, as necessary.
Who we need
Post secondary degree or diploma
PACC or CIPP C Certificate (or in progress) or related certificate program from a Canadian post-secondary institution
Minimum of 3-5 years of relevant experience in a Canadian privacy office role using specific skills/knowledge such as privacy management, access and Information management, project management, risk management, data security and/or insurance
Demonstrated experience working with privacy legislation
Project coordination or project management experience
Extremely organized, detail oriented and able manage various stakeholders to see projects through to completion
Excellent understanding of privacy legislation, regulations and guidelines
Experience and comfortable handling highly confidential and sensitive information
Strong problem-solving and decision-making skills and the ability to work autonomously
Ability to take ownership of projects and to be a self-starter
Strong verbal and written communication skills; clear, concise with strong persuasive writing skills
Proactive thinker to recognize risk and escalate as appropriate
Ability to use sound judgement and make quick decisions.
Strong ability to manage a wide variety of tasks and systems simultaneously.
Analytical thinker with the ability to understand complex systems and policies and how they interact with standards and products, and able to make appropriate risk-based business recommendations.
Ability to communicate legislative requirements in simple terms to stakeholders
Ability to communicate risk and action steps with business units, senior leaders and regulators.
customer service oriented
competency in Microsoft Word, Excel, Power Point and virtual technologies for communication (ie -MS Teams)
What we offer
At Heart & Stroke, we make it a priority to foster a culture of caring by implementing practices and programs that foster respect, compassion, trust and attentiveness to our own and others’ health and well-being.
In addition to a competitive salary, we believe that time off is integral to the personal health and wellness of our employees. We offer a generous paid time-off package including vacation days, personal days, wellness days, and paid company-wide closure between December 25 and January 1. We also provide competitive health, medical, dental and vision benefits, life insurance, disability benefits, an employee assistance program (EAP) and a defined contribution pension plan with employer matching. Our employees also enjoy a flexible hybrid working model and reimbursement for mobile phones and home office setup, as well as opportunities for professional development.
If you want to join the fight to beat heart disease and stroke, please apply by sending your resume by February 23, 2024. Applicants must be currently residing in Canada and legally entitled to work in Canada.
Only those candidates that qualify will be selected for an interview. At this time, all interviews are being conducted via phone and/or video call ― we look forward to “virtually” meeting you!
We are committed to fostering an inclusive, barrier-free and accessible environment. If you have been contacted for an interview and require accommodation to participate in the recruitment and selection process, please let us know and we will do our best to address your needs.
Please note: Heart & Stroke has a vaccination policy that requires all employees to be fully vaccinated unless they have a valid exemption. You can view our policy here.