Access and Privacy Advisor

How you'll contribute

Privacy Compliance and Risk Management

• Conducts privacy impact assessments for new and existing programs, projects, and technologies to ensure SAIT complies with its privacy and data protection policies and procedures and with applicable legislation and regulatory requirements, and works with Office of the Information and Privacy Commissioner to review and address those assessments as required.
• Identifies and evaluates privacy risks associated with SAIT’s data collection, use, disclosure and storage practices and processes, makes recommendations to mitigate those risks, and works with a broad range of internal stakeholders to implement those mitigation strategies.
• Completes privacy-related due diligence reviews of third-party vendors and service providers

Privacy Incident Responses and Investigations

Leads the investigation of and SAIT’s responses to privacy breaches and incidents, including documenting investigative outcomes and providing recommendations to prevent potential recurrence.

Conducts assessments of risk of significant harm to affected individuals and coordinates/carries out required notifications.

Access-to-Information Management

Responds to both internal and external access-to-information requests in compliance with applicable legislation and with SAIT’s policies and procedures. This includes coordinating with internal stakeholders to gather their responsive records, reviewing responsive records, redacting responsive records as appropriate, and responding directly to applicants on SAIT’s behalf.

Acts as SAIT’s primary contact with the provincial Office of the Information and Privacy Commissioner to address challenges and difficult situations in relation to access-to-information requests.

Institutional Advice and Support

Provides specialized advice to SAIT employees, managers, and leaders at all levels of the institution on a wide variety of matters relating to access-to-information and privacy, and including on SAIT’s artificial intelligence initiatives.

Provides support to General Counsel in relation to access/privacy issues and related information/data management issues

Participates on a wide variety of internal projects and teams, to ensure that privacy considerations are addressed and embedded in SAIT’s business processes and in SAIT’s implementation of new programs, initiatives and technologies.

Develops, updates and delivers training programs and educational materials across the institution relating to access-to-information and privacy.

Identifies and monitors developments in privacy legislation, best practices, guidance from regulatory bodies, and works with General Counsel to address those developments on an institutional basis.

What you bring

Bachelor's degree in business or a related field
3-5 years progressively responsible experience in privacy, information management, compliance or a closely-related field, and with knowledge and practical application of provincial privacy and access-to-information legislation
Experience with ServiceNow is an asset
An IAPP certification and CIPP/C designation (or willingness to attain those designations) are preferred

Skills & Knowledge

Demonstrated ability to work effectively and collaboratively with internal and external stakeholders at all levels of the organization
Excellent written and verbal communication skills, including the ability to communicate technical and legal information clearly and effectively to diverse audiences
Strong time management and organizational skills, with the ability to manage competing priorities and meet deadlines
Ability to work independently as a self‑starter, demonstrating initiative, creativity, and innovation
Strong research skills, with the ability to gather, analyze, and synthesize information from a variety of sources
Well‑developed analytical and critical thinking skills to assess complex issues and support informed decision‑making