Job Expired

This posting has expired and applications are no longer being received and this job does not show up on the main job list.

Data Protection and Privacy Specialist

by Alimentiv

Position Type: Full-time
Location: London, ON
Date Posted: Jan 19, 2023

Job Description


Data Protection and Privacy Specialist


The Data Protection and Privacy Specialist will engage with Alimentiv’s internal operations teams, customers, partners, and vendors on privacy and data governance issues related to all aspects of our business.  This will include acting as the initial point of contact for privacy compliance inquiries, assisting on all applicable audit responses, facilitating meetings with systems experts, completing data privacy impact assessments (DPIAs) and other compliance documents, and assisting with the maintenance of privacy and security compliance programs (e.g. ISO 27001, SOC2) and related policies. Reporting to Sr. Legal Counsel, you will execute our program initiatives to ensure the correct privacy controls, data protection and governance processes are implemented and documented to ensure compliance with global data privacy and security laws, regulations, policies, procedures, and data governance best practices throughout the organization and for our study subjects.



Privacy Management and Compliance

    • Support current processes and frameworks for compliance with privacy and data security laws in existing and emerging markets.
    • Build a maintenance cycle to ensure policies, training, incident handling programs and DPIAs are current.
    • Identify and report on gaps with respect to first line of defense controls and track associated corrective actions designed to close gaps.
    • Manage and complete DPIAs, working with system owners and IT as necessary for new systems /tools and processes.
    • In conjunction with the Enterprise Analyses team, ensure the completion of data inventory and mapping for existing and new systems and functions.
    • Participate in audits where knowledge of our data and privacy security practices is required.
    • Engage Subject Matter Experts (SMEs) for Sponsor and vendor compliance questionnaires; create an electronic questionnaire bank to ensure consistent responses.
    • Liaise with Quality Assurance (QA) to ensure we are meeting Corrective Action Preventative Action (CAPA) and contractual obligations.
    • Assist with the maintenance SOC and ISO standards.
    • Ensure completion of Annual System reviews.
    • Create and monitor performance indicators to determine the effectiveness of privacy controls.


Privacy Consulting

    • In conjunction with the legal team, monitor and stay abreast of applicable global laws and regulations.
    • Serve as a privacy subject matter expert to the organization, providing practical advice and/or guidance to internal stakeholders, including the Chief Privacy Officer (CPO), on privacy and data security governance requirements.
    • Actively participate on Alimentiv’s Privacy Committee, including monthly reporting to the Committee’s members company wide.


Communications and Training

    • Escalate any legal, regulatory, or reputational risk to the CPO and VP, IT.
    • Build reports including status of any issues, lessons learned and highlight risk.
    • In partnership with QA, IT and Human Resources (HR), ensure there is a central repository for storing all privacy-related incidents and actions.
    • Provide reports related to performance indicators to the PO and senior leadership team.
    • Design and implement general and function-specific training on privacy-related topics.



Applicants should have a minimum of an undergraduate degree and 1-3 years of relevant experience with initial and on-going training, or a college diploma/degree with 4-6 years of related experience. Further, the successful will possess the following: 


  • Privacy and data security certifications or in process (e.g. CIPP/C and/or CIPP/E)
  • Previous experience with QA/privacy and compliance processes in a healthcare environment
  • Audit support experience
  • Demonstrated general knowledge of applicable privacy laws and regulations
  • Strong time management and prioritization skills with a demonstrated ability to execute against multiple projects and excel in a fast-paced work environment
  • Excellent analytic and organizational skills
  • Strong writing and facilitation skills and ability to communicate verbally
  • Ability to prepare and deliver training sessions
  • Strong MS Office skills (Excel, PowerPoint)
  • Ability to work with various stakeholders, including cross-departmental teams and leadership



 Office based

*Accommodations for job applicants with disabilities are available upon request.