×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Data Security

Manager, Privacy and Records Management

Job in Toronto, Ontario, M5A, Canada
Listing for: PACC-CCAP - Privacy and Access Council of Canada
Full Time position
Listed on 2025-12-28
Job specializations:
  • Security
    Data Security
Job Description & How to Apply Below

, Canada’s largest and oldest art and design university, is a vibrant community of bold, curious and compassionate artists, designers and scholars who are imagining and creating a joyful, equitable and sustainable world. The University is an internationally renowned hub for art, design, digital media, research, innovation and creativity, and arts administration. It embraces collaborative and interdisciplinary approaches to change-making through art, design-thinking curriculum and research, making OCAD U a local, regional, national and global leader in art and design.

It is an exciting time to join the OCAD U community as the University is at a key stage in its institutional transformation, with the implementation of its and guiding principles — driving positive impact; decolonization, indigenization and equity; environmental sustainability; emerging as a vibrant hub; student centered approaches; innovation in learning teaching and research; and financial stewardship.

Reporting to the Vice-President, Finance and Administration, the Manager, Privacy and Records Management acts as OCAD University’s subject matter expert on matters related to access to information, protection of privacy, and records management. Responsibilities include proper application of access and privacy legislation, processing access to information requests, promoting proper records retention and good record-keeping practices, completing privacy and security impact assessments, investigating privacy breaches and privacy complaints, and promoting a culture of privacy protection and good information governance at the University.

The Manager, Privacy and Records Management is responsible for ensuring the University is in compliance with relevant privacy and access legislation. The Manager must have knowledge of legislative requirements and must maintain an ongoing awareness of developments in the areas of privacy and records management, and the implications of those developments for the University.

Summary of Responsibilities
:

Privacy (70%)

  • Provide authoritative advice on the University’s obligations under access and privacy legislation Ontario’s Freedom of Information and Protection of Privacy Act (FIPPA) and Personal Health Information Protection Act(PHIPA) are collectively referred to as “Privacy Law”.
  • Provide information, guidance and advice to the University community and general public regarding questions about privacy and information access requests at the University
  • Respond to the University’s access for information requests, ensuring compliance with Privacy Law
  • Provide guidance and information to requestors (both internal and external to the University) with their access requests
  • Direct and coordinate the retrieval of information relevant to access requests with staff, faculty and administration
  • Prepare responses to requests for information through review and consolidation of retrieved information
  • Interpret Privacy Law in order to make informed decisions regarding the application of exemptions and exclusions to the information requested, if applicable, including researching relevant orders and judicial review decisions
  • Respond and act on behalf of the University when decisions on access are appealed to the Information and Privacy Commissioner of Ontario’s (IPC)
  • Receive and investigate privacy-related complaints, and respond to the IPC assigned analyst in cases of formal privacy complaints against the University
  • Lead the response to privacy breaches at the University through the collection of relevant information and providing subject matter expertise to senior administrators for informed decision-making
  • Work with IT in cases of cybersecurity incidents involving personal information.
  • Coordinate any required involvement from legal counsel through liaising with the Office of the Vice-President, Finance and Administration
  • Submit all mandatory reporting to the IPC and prepares annual reports on Privacy Law compliance for the Audit, Finance and Risk Committee of the Board of Governors
  • Plan, lead and conduct Privacy Impact Assessments
  • Work closely with Information Technology staff to evaluate and provide authoritative recommendations on…
    • Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
    To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
     
     
     
    Search for further Jobs Here:
    (Try combinations for better Results! Or enter less keywords for broader Results)
    Location
    Increase/decrease your Search Radius (miles)

    Job Posting Language
    Employment Category
    Education (minimum level)
    Filters
    Education Level
    Experience Level (years)
    Posted in last:
    Salary
    Advanced Search