Director of Compliance & Ethics, Privacy & Access to Information
Our client, an export credit agency, which provides information, knowledge and innovative commercial solutions to corporations and investors to help expand their international business.
Team & Job Overview
Reporting to the Vice-President and Chief Compliance & Ethics Officer, you will promote our client’s Privacy and Access to Information programs while providing leadership in ensuring its compliance with the Canadian and foreign applicable Privacy laws and the Canadian Access to Information Act.
You will oversee a team of privacy and access to information professionals in the development, enhancement and implementation of policies, programs and practices to support regulatory compliance and to ensure that the Corporation’s obligations with regard to the above legislation are met.
Along with providing expert advice and guidance to senior management and employees on the application and interpretation of the laws applicable to our Client, you will identify and develop mitigation strategies for privacy and data protection, and oversee all the phases of the operational process associated with access to information and privacy requests.
- Ensures designs, develops, implements and promotes awareness of the organization’s Privacy and Access to Information policies in response to regulatory requirement
- Ensure monitoring of the organization’s compliance with Privacy and Access to Information policies and manages all statutory and regulatory reporting processes
- Ensures coordination and conducts assessment of internal Privacy controls to ensure compliance as required by regulatory commissions/authorities and influence regulatory policy
- Investigates Privacy incidents and recommends controls to reduce/eliminate future breaches of the organization’s policies
- Ensures development of programs and processes to manage complaint cases brought to Privacy and Access to information regulatory authorities and develops process improvements to avoid future complaints
- Maintains the organization’s ongoing relationships with Privacy and Access to information regulatory commissions/authorities
- Advises on the design of products and programs to ensure new and modified programs adhere to Privacy policies by recommending controls
- Establish the team’s priorities and plans, ensuring consistency with the corporation’s strategic direction, monitor progress to plan, identify gaps and implement corrective action plans.
- Develop, implement and monitor the internal policies, procedures and practices for administering compliance to the privacy and Access to Information laws, including processing and tracking requests and ensuring adherence to legislative timelines.
- Regularly consult with senior management, lines of business and Legal Services for the proper application of the legislation and corporate policies, and ensure that the Corporation’s and its wholly-owned subsidiary’s annual reporting obligations as outlined in the laws are met.
- Provide direction, advice, support and recommendations to various corporate functions whose records of information become the subject of ATI and Privacy requests.
- Influence, and negotiate with, various stakeholders on ATI and Privacy issues to determine relevance and materiality of information and disclosure obligations on a timely basis.
- Keep abreast of any emerging issues, relevant jurisprudence or marketplace developments, identify ATI and Privacy risks to the Corporation and its subsidiary, and make recommendations to senior management on appropriate courses of action.
- Research, analyze and evaluate major complaints and challenges filed with the Offices of the Information and Privacy Commissioners of Canada, and negotiate settlements and solutions with the parties concerned and/or offer recommendations to senior management on ATI and Privacy requests and related contentious ATI or Privacy issues.
- Directs the performance management and skill/career development of assigned staff to ensure adequate capacity and capability to meets organizational needs.
- Completed an Undergraduate Degree with a specialization in Law or in a related field
- Minimum 10 years’ experience in Privacy and Access to Information
- Advanced knowledge of Privacy and Access to Information laws, regulations and compliance requirements as they apply to Crown Corporations in Canada and certain foreign jurisdictions
- Minimum 5 years of leadership experience
- Bilingual in both official languages (French and English)
Privacy training professional designation(s) including:
- CIPP (Professional)
- CIPM (management)
- CIPT (technology)