Director, Privacy and Policy Management

Job Description

Position Summary

BCIT’s Privacy, Information Access, and Policy Management department is seeking a regular, full-time (1.0 FTE) Director, Privacy and Policy Management. This position provides strategic direction to the wide range of the Institute’s privacy and information access activities and key pillars in accordance with the Freedom of Information and Protection of Privacy Act (FOIPPA). Develops strategies, plans, policies, processes and privacy awareness resources and training to ensure BCIT is positioned to meet its legal, regulatory, and contractual obligations related to protection of privacy and access to information. Acts as strategic advisor to the VP, People, Culture and Inclusion and senior leaders on the administration of FOIPPA, and provides the privacy perspective on planning, development and implementation of Institute projects, policies and business processes. Chairs the Policy Review Team and oversees the development and implementation of the Institute’s policy framework.

Key Accountabilities

• Participates as a member of the VP’s leadership team, providing input to development of the division’s over-arching strategies and sharing responsibility for achievements and success.
• Develops department strategies, plans, policies, standards, processes and systems and ensures the Institute is positioned to meet its legal, regulatory, and contractual obligations related to access to information and privacy. Delivers reports and presentations, including metrics, on Privacy and Policy program achievements and status of key initiatives.
• Acts as strategic advisor to the VP and senior leaders on the Institutes’ most critical and sensitive privacy issues and risks, access to information requests, disclosure considerations and decisions, the release of BCIT records and information and compliance with FOIPPA and related legislation.
• Works collaboratively with the VP and other HR leaders to ensure a strategic, integrated, and broad approach to all People, Culture and Inclusion program planning, development and delivery. Fosters a collaborative and supportive team approach for all reporting areas, and with all other HR departments.
• Designs and oversees implementation of the organization-wide privacy management program to foster a culture of privacy and proactively avoid breaches of FOIPPA to mitigate impact. Advocates for the integration of privacy principles into business practices and processes; demonstrates accountability and due diligence for privacy across the disciplines and job functions.
• Directs the development and implementation of the Institute’s Privacy Impact Assessment (PIA) process in accordance with FOIPPA.
• Works in partnership with the Cyber Security and the Enterprise Risk leaders to direct the development and implementation of risk mitigation strategies, plans and controls, including a privacy breach/incident management program and privacy compliance audits of program areas and the Institutes’ business practices and processes.
• Directs the research into emerging trends, developments, potentially contentious information access and privacy issues, methods and technologies related to legislative compliance and privacy management and data protection practices, OIPC precedents and determines appropriate application to department programs, services and initiatives.
• Liaises with and represents the Institute at the inquiry and review levels with the Office of Information and Privacy Commissioner (OIPC); liaises with legal counsel, administrators, faculty, and staff on privacy matters, complaints, investigations or appeals.
• Liaises with other post-secondary institutions and public bodies that are subject to FOIPPA and represents the Institute on privacy management and policy management matters.
• Chairs the Policy Review Team. Oversees the development and implementation of BCIT’s policy framework. Directs the development and delivery of policy management resources, advisory services, research, and documentation services to support the effective and consistent maintenance, review, drafting or revision, and approval of Institute policy instruments.
• Works collaboratively with policy sponsors and approving bodies to ensure a strategic, integrated and broad approach to the development and management of BCIT-wide policies in accordance with the Institute’s policy development policy and procedures and best practices.
• Directs the development and maintenance of the official academic and administrative Institute Policies website (BCIT policy manual) and archive of Institute policy instruments.
• Manages directly and indirectly reporting staff, overseeing and participating in selection, coaching, mentoring, development, performance management and all other people management practices.

Qualifications

• Bachelor’s degree in a relevant discipline and Professional designation (IAPP or CIPP).
• Minimum 10 years’ experience at senior levels of responsibility in information access and privacy, compliance, risk management, or legal.
• An equivalent combination of education and experience may be considered.
• Expert knowledge of the information access requirements under the Freedom of Information & Protection of Privacy Act (FOIPPA) or other privacy or access to information legislation and Office of the Information and Privacy Commissioner’s (OIPC) orders and guidelines.
• Solid knowledge of the concepts, theories, practices and techniques of policy development and policy management.
• Solid knowledge of AI governance frameworks.
• Expert knowledge of the theories, concepts and practices of risk management to assess risks and use good judgement in balancing access and privacy principles with the operational needs of the Institute.
• High degree of business acumen with strong skills in strategic planning, program development and implementation, budget planning and cost management.
• Expert verbal communication and interpersonal skills with the ability to act as strategic advisor on the Institute’s most critical privacy and information access matters.
• Expert written communication skills to convey sensitive information accurately.
• Strong skills in analysis, decision making, problem solving and conflict resolution.
• Strong leadership skills and the ability to manage a team of reporting advisors in multiple disciplines and to build a strong team-based environment.

Salary Range

$149,823-$215,370, with a control point of $187,278 per annum.

Additional Salary Information: The Compensation Range is the span between the minimum and the maximum base salary for a position. The control point of the range represents an employee that possesses full job knowledge, qualifications, and experience for the position. In the normal course, employees will be hired, transferred, or promoted between the minimum and the control point of the salary range for a job, taking internal equity into account. Salaries above the control point may be considered for extenuating circumstances and must be approved by an external governing body.