Privacy Officer and Applications Manager

Job Number: JR101913

Job Title: Privacy Officer and Applications Manager

Department: CEHC Regional CIS - Managers 2

Job Category: Management

Hospital Location: Central East EPIC Office

Job Type: Permanent, Full time

Number of Positions: 1

Hours: Days, Evenings

The Regional Operations Team of Central East Health Cluster (CEHC) provides operational support following the regional Epic go-live in December 2021, to the seven (7) acute hospital organizations in the Central East (CE) region: Campbellford Memorial Hospital, Haliburton Highland Health Services, Lakeridge Health, Northumberland Hills Hospital, Peterborough Regional Health Centre, Ross Memorial Hospital and Scarborough Health Network. These organizations have been on a clinical transformation journey to implement a shared, regional Epic CIS solution as well as several regional third-party applications since July 2019.

Job Description:

Position Overview

Enabling Healthcare Across Networks of Central East (ENHANCE) Ontario (also referred to here as “EO”) is a not-for-profit corporate entity which will provide centralized IT services to its seven (7) member hospitals (Campbellford Memorial Hospital, Haliburton Highlands Health Services, Lakeridge health, Northumberland Hills Hospital, Peterborough Regional Health Centre, Ross Memorial Hospital, and Scarborough Health Network) to manage and operate a set of shared digital assets. This will enable its 7 member hospitals across 14 sites to deliver high quality and safe patient care using the shared Epic Clinical Information System (“CIS”) to over 1.5 million patients residing in both rural and urban communities located in the Central East region of Ontario.

This role will have dual responsibilities as Privacy Officer and Application Manager for ENHANCE Ontario (EO)

As a privacy officer, the successful candidate will manage the development and operation of a comprehensive privacy program that includes education, policy development and review, audits, risk assessments, investigations and incident management and analysis. The role of the Privacy officer is to ensure ENHANCE Ontario compliance with Canadian privacy laws. This will include creating, maintaining, and executing procedures and policies concerning confidential patient information. The incumbent must understand how to handle and use private data in a way that complies with federal, provincial and territorial regulations. This role responds to and prevents challenges, such as privacy breaches, to help the organization and the partnership as a whole avoid loss of reputation, and client trust, regulatory investigations, and costly litigations.

As an applications manager, the candidate is directly responsible for managing/leading a team of Analysts to provide application support, drive system optimization, and participate in implementation of new applications.   Collaborating with cross – hospital interdisciplinary workgroups, taskforces and committees. The Applications Manager supports the development of operational and tactical plans for the Epic CIS with a strong focus on service delivery to member hospitals, including project deployment, system optimization and implementation strategies. The successful candidate has a strong command of information technology, application management and the Epic platform.  On a regular basis, this role interacts with peer managers, cross-hospital business/clinical leaders, vendors, and external agencies.  As a manager, he/she provides recruitment, coaching, management and evaluation of staff.  The successful candidate is accountable for the efficient and effective management and utilization of approved financial, human and material resources.

Responsibilities:

Privacy:

• Support the development and implementation of an EO-wide privacy program

• Develop and advises on the implementation of EO’s privacy strategy and program, including policies, procedures, and standards

• Monitor the industry landscape to keep visibility on trends, innovation, emerging risks, and best practices related to privacy, and supports internal reporting on this landscape to key stakeholders

• Collaborate with other teams and departments to ensure that privacy considerations and requirements are factored into the design, build, and operations of business and clinical processes

• Foster a culture of privacy across the organization and within the partnership, and promotes privacy awareness among stakeholders by developing privacy training programs and delivering information sharing sessions

• Lead, coordinate and manage internal privacy reviews, data privacy impact assessments and external assessments.

• Collaborate with all programs and regional governance to review, revise and archive policies

• Review new applications and business processes that require access to personal health information, ensuring compliance with privacy standards, legislation, and industry best practices;

• Oversee the design, implementation, monitoring and reporting on the privacy compliance program and control measures to be compliant with PHIPA and FIPPA legislation and industry best practices

• Develop a privacy audit strategy and manages the audit process in key clinical information systems (e.g. EPIC)

• Responsible for overseeing and tracking:

  • privacy training, access audits, and promoting privacy awareness across the organization.

Management of consent directives and consent over-ride investigations.

• Investigations both internal and external incidents, complaints, and privacy related inquiries;

• Maintain the relevant documentation of the privacy program including incidents, complaints and related inquiries

• Work cooperatively with the Health Information Management team and other requisite regional governance tables in overseeing the patient’s right of access to, and disclosure of, personal health information in compliance with PHIPA

• Review data sharing agreements and vendor agreements in collaboration with Legal and Information Security/Technologies

• Liaise with external bodies including the Information and Privacy Commissioner of Ontario

• Oversee all matters related to Freedom of Information and responsibilities under applicable legislation

• As required, presents to front line staff, leadership, and Board on the privacy program and the healthcare privacy landscape

• Explore and champion privacy-enhancing technology and/or improvements in privacy processes, protocols, and technical solutions
  Management of the corporate policy framework, including coordinating and organizing corporate and departmental policies and ensuring policies are reviewed and revised as needed

Application Management:

• Provide integrated oversight and leadership for applications and the analysts who support those applications

• Responsible for system support, upgrades and optimizations of some applications that fall under Access Revenue & / or Ancillary applications

• Participate in the regional governance, supporting the Clinical Quality Committee Access and Finance Committee, and Ancillary Clinical Committee

• Coordination of staff and resources for the effective delivery of services to member hospitals

• Manage escalations and communications from stakeholders to allow for faster and more effective decision-making

• Act as an advocate for technology enablement and functions as an adjudicator during the intersection of clinical and IT teams during clinical information system enhancements and new deployments.

• Act as an advocate for end users (including patients) ensuring systems meet business and end user needs and promote clinical adoption of eHealth initiatives, information systems and decision support tools.

• Guide application teams to prioritize between optimization and maintenance activities

• Support staffing and capacity planning in order to best meet service levels and manage budget/costs

• Manage vendor relationships and escalate challenges as required

• Escalate potential work stream related operational risks to the Regional Applications Director and help develop and execute mitigation strategies

• Ensure compliance with any requirements from Change Advisory Board

Requirements:

• Undergraduate degree in a health-related background

• Master’s Degree (preferred)

• Certification in CIPP/C and/or CIPM (will accept enrollment)

• 3 - 5 years progressive experience in Privacy within a health care environment, and working within clinical information systems with experience and expert knowledge of: experience interpreting and applying privacy legislation, policies, and procedures related to access to, and the collection, use, disclosure, storage and destruction of personal health information governed by PHIPA;

• Past experience in audit strategy development utilizing a variety of resources;
  • xperience working with The Office of the Information and Privacy Commissioner (IPC);
  • Experience working with legal counsel;
  • Managing, interpreting and presenting data to various stakeholders

• Knowledge of applicable legislation (e.g. Privacy Act)

• Experience managing multidisciplinary teams of 15-30 individuals

• Project Management experience

• Experience with Epic or an Epic Certification is an asset but not mandatory

Accommodation and Diversity Statement:
Scarborough Health Network (SHN) embraces and celebrates our community’s unique multicultural heritage and diversity. SHN is an equal opportunity employer, dedicated to a culture of inclusiveness and diversity reflecting our diverse patients, staff and community alike. 
We are committed to fostering an environment of equity and inclusivity where every person can work and receive care safely, openly and honestly. All qualified applicants will receive consideration for employment without regard to race, colour, religion, gender, gender identity or expression, sexual orientation, nation of origin, genetics, disability, age, veteran status, marital or family status, belief system, or other factors related to one’s personal identity and/or values. 
We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs.
 

Learn more about our exciting opportunities by following SHNCareers on Instagram, Twitter, and Facebook.