CCAC Provincial Boundary Map


To find your local region, please enter your postal code

NSM Logo

Manager, Privacy & Risk

Closing Date:
Open until position filled
Job Summary:

Posting Number:    15-07

Status:                    Temporary Full-time (Aug.3/15 to Sept.5/16)

Office Location:      Barrie

Reporting to the Director of Quality and Risk, the Manager of Privacy and Risk provides leadership for Risk Management and Internal Audit and Information Management (both Health Information Management and Corporate Information Management).

This role also fulfills all aspects of the Privacy Officer role as laid out in relevant legislation and regulation.


Risk Management & Internal Audit

  • Leads the follow up, investigation and management of critical events (and others as required) to identify organizational risks, make recommendations for mitigation and/or minimization, and initiate the disclosure process.
  • Supports the Director, Quality and Risk for the implementation, evaluation and continuous improvement of Enterprise Risk Management in the organization.  This includes ensuring that staff have the knowledge, skills and tools required, within the available organization resources, to effectively identify and manage risk(s).
  • Works collaboratively with the management team to ensure a coordinated, organization wide approach to the prioritization and management of risk and the integration of sound risk management practices in all organizational decision making.
  • Facilitates the identification and assessment of team/department/project risks, at the request of the manager/project lead.
  • Participates on provincial committees for Risk Management and Event Management.
  • Supports the Director, Quality and Risk and Vice President, Organizational Excellence in appropriately reporting risks to the CEO and Board of Directors and, when applicable, externally, e.g., to the Local Health Integration Network.
  • Leads in the development and execution of an annual internal audit plan (including, but not limited to, data quality, information management and privacy compliance) and ensures appropriate communication of audit findings.
  • Champions the desired organization risk management tone and culture.

Health Information Management

  • Responsible and accountable for ensuring the integrity, security and completeness of health records.
  • Develops and maintains health records policies, procedures and standards reflective of leading health information management practices and in compliance with all relevant legislation and regulation, including the development and delivery of HIM education.
  • Champions data quality throughout the organization, including developing/updating data standards for client information systems.
  • Develops specific coding guidelines for CCAC diagnostic coding consistent with CIHI and the Provincial standards.
  • Monitors health records management and/or data quality performance against benchmarks/targets and identify opportunities for improvement.
  • Coordinates/facilitates the planning and implementation of identified quality improvements.
  • Acts as an expert resource to organizational working groups and project teams (as required).
  • Actively participates in provincial HIM initiatives.

Corporate Information Management

  • Develops and maintains corporate records policies, procedures and standards reflective of leading information management practices and in compliance with all relevant legislation and regulation.
  • Develops and delivers information management training and education to staff.
  • Responsible for the management of information requests, including but not limited to, coordinating the collection of documents and disclosure.

Privacy Officer

  • Responsible and accountable to provide leadership to all aspects of NSM CCAC's information privacy practices in compliance with all relevant legislation including functioning as the Privacy Officer (as outlined in the Personal Health Information Protection Act (PHIPA, 2004)).
  • Develops and maintains NSM CCAC privacy policies, procedures and standards in compliance with all relevant legislation.
  • Leads the establishment of privacy practices within the organization, overseeing privacy compliance monitoring activities, including the development/review of privacy risk/impact assessments to ensure compliance with organizational, regional and provincial initiatives.
  • Champions privacy throughout NSM CCAC.
  • Receives and responds to all public inquiries/complaints related to NSM CCAC privacy practices.
  • Coordinates privacy event investigations and ensures all required follow up is completed.
  • Develops a privacy audit framework and oversees execution of audits.
  • Monitors and trends performance related to privacy practices and, utilizing recognized quality improvement tools and methods, leads quality improvement initiatives.
  • Develops and delivers privacy training/education to staff.
  • Monitors privacy trends in the external environment and proactively anticipate and prepares the NSM CCAC for their impact.


  • Provides ongoing leadership, direction and support to direct reports.
  • Participates in the development of the annual operating plan.
  • Develops, implements, monitors and evaluates team operational plans, goals and achievements.
  • Models competencies of cooperation, collaboration, communication, leadership and accountability.
  • Establishes and sustains effective working relationships with managers, staff at all levels and key external stakeholders.

Client Safety

  • Supports client safety culture through the effective implementation and continuous improvement of Enterprise Risk Management.

Risk Management

  • Champion the desired organizational risk management tone and culture.
  • Integrate sound risk management practices into the business processes and day-to-day decisions responsible for.
  • Report risks with causes, impacts or mitigations beyond scope of responsibility to senior management.
  • Support the participation of staff in learning opportunities to build competencies



  • University degree required, preferably in Health Care or Business
  • Completion of Risk Management program is an asset
  • Designation as a Certified Information Privacy Professional for Canada (CIPP/C) is an asset


  • 4-6 years of relevant experience in risk management and/or privacy
  • 3 years' experience in a management role, preferably in the health sector
  • Knowledge of the Ontario CCAC environment and services is an asset
  • Expert knowledge of best practices in Enterprise Risk Management
  • Comprehensive knowledge of health care legislation pertaining to health records and privacy


  • Demonstrated leadership, motivational and team-building skills
  • Excellent interpersonal skills and demonstrated ability to facilitate effective working relationships with internal and external customers
  • Excellent verbal and written communication skills
  • Excellent presentation and facilitation skills
  • Demonstrted ability to be an effective change agent
  • Demonstrated analytical, problem solving and decision making skills
  • Demonstrated commitment to continuous improvement principles and practices
  • Ability to organize daily workload in the presence of frequent interruptions, multiple demands and deadlines
  • Demonstrates professional and courteous manner in interpersonal relationships
  • Provides information and allows opportunity for questioning, reinforcement of information
  • Exercises independent decision-making and takes responsibility for own action
  • Proficiency in French is an asset

How to Apply

Interested applicants should apply by submitting a cover letter, along with a detailed resume, outlining how your skills, qualifications and experience meet the position requirements to:

North Simcoe Muskoka Community Care Access Centre

ATT:  Human Resources Office

15 Sperling Drive, #100

Barrie, Ontario L4M 6K9

Email:   (Include position and vacancy number in subject heading)


Please note:  At time of hire, a Criminal Record Check will be required.

NSM CCAC is governed by the requirements of the French Language Services Act and therefore encourages applications from French speaking candidates.

NSM CCAC is committed to accommodating people with disabilities as part of our hiring process.  If you have special requirements please advise Human Resources during the recruitment process.

We thank all applicants who take the time to apply. However, only those invited for an interview will be contacted.


About the CCAC

Community Care Access Centres (CCACs) connect people across Ontario with quality in‐home and community‐based health care. CCACs provide information, access to qualified care providers and community‐based services to help people come home from hospital or live independently at home.