Health Careers For SOUTH WEST
 Print


CMHA Thames Valley Addiction and Mental Health Services

CMHA Thames Valley Addiction and Mental Health Services (TVAMHS) is an integrated mental health and addiction agency providing community-based supports and services to individuals living in London and the counties of Elgin, Middlesex, Oxford, and South Huron.

Position:  Privacy Officer

Region:  London and Middlesex

Description:  As the Privacy Officer, you’ll play a vital role in protecting the trust that is at the heart of mental health and addictions care. The Privacy Officer is responsible for developing, and overseeing the organization’s privacy program, and provides guidance on privacy matters, influences organizational decision making in relation to privacy and ensures compliance with applicable privacy legislation and organizational policy. Every day, you’ll help safeguard the dignity, confidentiality, and rights of individuals seeking support, often at their most vulnerable moments. This work offers the opportunity to make a real difference by ensuring that privacy is not just a compliance requirement, but a reflection of compassion, respect, equity in action and overall privacy risk management.

In this role, you will provide leadership and oversight for the organization’s privacy management program, ensuring compliance with all applicable privacy legislation, including the Personal Health Information Protection Act, 2004 (PHIPA), the Freedom of Information and Protection of Privacy Act (FIPPA), and related standards governing the collection, use, disclosure, and safeguarding of personal health information.

You will act as the organization’s primary resource and subject matter expert on privacy, confidentiality, and information governance. This position is responsible for developing, implementing, and maintaining privacy policies, procedures, and training programs; monitoring compliance; investigating privacy breaches; and promoting a culture of privacy and accountability across all programs and services.

As a trusted member of the Leadership Team, you will ensure that privacy principles are integrated into operational decisions, client care practices, and organizational systems to protect the confidentiality, integrity, and trust of clients, staff and organizational information. High degree of discretion and professionalism is critical due to access to confidential and sensitive business information.

Consider revitalizing your career and making a difference in your community by joining our team!
 
What we're offering:

  • Your pension plan - Immediately enrolled in the Healthcare of Ontario Pension Plan (HOOPP)
  • Your benefits will be – After a 90-day waiting period, will be enrolled in extended health care benefits

Responsibilities:

 Privacy Governance and Compliance -

  • Develop, implement, and maintain a comprehensive privacy management program, including policies, procedures, and standards in alignment with PHIPA, FIPPA, and other relevant legislation and in alignment with organizational mission and strategic priorities
  • Provide leadership and consultative direction for all domains of privacy initiatives and breaches within the organization including but not limited to client services, vendor management, human resources/labour relations, organization and board governance, IT and finance management, donors, community system partners etc.
  • Act as the organization’s liaison with the Information and Privacy Commissioner of Ontario
  • Monitor and interpret changes in privacy legislation and make recommendations to ensure organizational compliance
  • Conduct privacy impact assessments (PIAs) and risk assessments for new initiatives, technologies, or partnerships to identify and mitigate privacy risks
  • Ensure that privacy considerations are embedded into organizational planning, service delivery, and information systems
  • Contribute to organizational projects and initiatives to ensure privacy is integrated into systems, workflows, and communication practices
  • Support compliance with accreditation standards related to privacy and confidentiality
  • Maintain and oversee the privacy risk register, maintain Records of Processing Activities (ROPA) and data maps
  • Develop and conduct vendor risk assessments and privacy impact assessment where applicable
  • Responds to requests for access and correction including requests for records outside the traditional health record and release of information to third parties such as insurance companies, police, WSIB, Children’s and Family Services, regulatory colleges etc.

Privacy Incident and Breach Management -

  • Oversee and manage all privacy breaches and complaints, ensuring timely investigation, containment, notification, and remediation in accordance with legislative requirements and organization’s policies and practices
  • Support program managers, People Services, Senior and Executive leadership through the investigation process, consult or participate in discipline or litigation processes related to privacy breaches, as required
  • Develop corrective action plans and recommendations to prevent recurrence and strengthen organizational privacy safeguards regarding performance program performance, emerging risks and regulatory developments
  • Receives and responds to complaint from the public, clients and other stakeholders

Training, Education, Awareness and Consultation -

  • Develop and deliver privacy education and training programs for all staff members, volunteers, students, and contractors to ensure understanding of privacy obligations
  • Provide coaching and consultation to staff members and leaders regarding privacy practices, data-sharing protocols, and documentation standards
  • Create educational materials, communications, and presentations to build and sustain a culture of privacy and respect for confidentiality across the organization

Access, Correction, and Disclosure Management -

  • Oversee and respond to requests for access to or correction of personal health information in accordance with PHIPA
  • Provide guidance and decisions related to the disclosure of information, ensuring adherence to privacy legislation, organization’s policies and ethical standards
  • Maintain and update documentation for all access and disclosure requests, ensuring accurate tracking and reporting

Records and Information Management -

  • Collaborate with the Information Technology Team and program leadership to ensure secure storage, retention, and disposal of both electronic and paper-based records
  • Support the development and maintenance of record retention schedules consistent with legal and operational requirements
  • Ensure information management practices support confidentiality, integrity, and availability of client and staff member information

Partnerships and Relationships -

  • Work collaboratively across departments to integrate privacy and confidentiality principles into all areas of the organization
  • Maintain effective relationships with internal and external stakeholders, including the IPC, partner agencies, service providers, legal representatives.
  • Participate in professional development and networking opportunities to maintain current knowledge of privacy best practices
  • Demonstrate a commitment to equity and inclusion by ensuring privacy practices are culturally sensitive, accessible, and respectful to all clients and staff members

Qualifications:

Required:

  • Bachelor’s degree in Health Information Management, Health Administration, Law, or a related field, or equivalent combination of education and experience (primary proof of credentials will be required during the hiring process i.e. original degree/diploma or official transcript)
  • Driver's licence and access to a vehicle with adequate insurance to carry out job duties
  • Current, satisfactory Police Criminal Record Check

Preferred:

  • 3–5 years of progressive experience in privacy, compliance, or information governance, preferably within a healthcare or community mental health and addictions environment.
  • Experience developing and implementing privacy programs, policies, and training.
  • Experience interpreting and applying privacy legislation (PHIPA, FIPPA, etc.).
  • Experience managing privacy breaches and conducting privacy impact assessments.
  • Strong understanding of PHIPA, FIPPA, and related provincial and federal privacy legislation
  • Knowledge of mental health and addictions service delivery contexts and client privacy needs
  • Familiarity with information security principles and electronic health record systems

Police Criminal Record Check Requirements:

Successful candidates must have a Police Criminal Record Check completed in the last six months. Interested applicants who reside in the City of London and are in need of a Police Criminal Record Check (CRC) are encouraged to apply for one as soon as possible as CRCs in the City of London are currently taking approximately 4 weeks to be processed and offers of employment cannot be made without receipt of a CRC.

French Proficiency:  French an asset

Salary:  $31.76 - $39.01 per hour

Terms of Employment:  Full-time

Deadline for Application:  Saturday, February 14, 2026

How to Apply:  Please submit your cover letter and resume by email to Human Resources at
human.resources@cmhatv.ca.

Our recruitment process allows us to learn about your previous work experience, your qualifications and your commitment to fulfilling our vision. While we appreciate the interest of all applicants, only those individuals being considered for a position will be personally contacted by someone from the interview team. 

We welcome and encourage applications from all members of our community including persons of any gender, gender identity, gender expression, or sexual orientation, persons with disabilities, Indigenous persons, and members of visible minorities. If you require accommodations related to a disability at any point during the recruitment process, please contact us. 

Location:  London

Profession Type:  Other

Edit Job

Stroke Resources Information London South West Healthy Aging