Privacy Compliance Auditor

MAXIMUS BC HEALTH INC. - Victoria, BC (30+ days ago)

Apply Now

Privacy Compliance Auditor, Excluded
Privacy Department, MAXIMUS Canada

Worker Category: Regular, Full-time
Location: Victoria, BC

In & Out of Service

Company Profile

MAXIMUS Canada is an industry leader in the provisioning of products and services to support the delivery of government services in North America and internationally. With operations across Canada and around the globe, MAXIMUS provides innovative, practical and meaningful solutions to help government programs and services function more effectively and efficiently.

We are constantly assessing new technology, processes and methods of delivering services to the citizens of Canada. With our expertise in program information management, claims processing, contact centre services, document processing and information technology, we are positioned for significant growth.

MAXIMUS Canada offers competitive market-based salaries, comprehensive employer-paid benefits and a defined-benefit pension plan or a Group RSP with employer-matching contributions, for eligible employees. Our people also get some great perks too, such as employee appreciation events throughout the year, along with a supportive results-oriented work environment.

Join us here in beautiful Victoria, British Columbia to experience the best of the West Coast lifestyle. You will work in an environment that will challenge you and reward your achievements. Your downtime can be spent exploring all the West Coast has to offer – scenic beauty, culinary experiences, cultural events and outdoor activities. We have it all! Located in the heart of downtown, our location offers easy access to every amenity.
MAXIMUS Canada welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.

Core Values

At MAXIMUS Canada, we believe that our culture strengthens our commitment to Helping Government Serve the People. We foster a culture that respects and values individual contributions and differences. At MAXIMUS Canada we believe in the following four core values:

Customer Focus
Our customers' business needs inform everything we do. We start by developing relationships built on trust and respect. We listen, and incorporate their diverse experience into our services and solutions, and we show our understanding with clear communication.

Disciplined Approach
With decades of experience delivering government programs, we balance tried and tested processes with a desire for continuous improvement. We take the time to plan and benchmark our performance – it's the path to success.

Results and Delivery
Great results depend on setting high, measurable standards of excellence and achieving the numbers. We challenge each other and hold one another accountable to our commitments.

A Great Place to Work
MAXIMUS Canada promotes a challenging work environment, empowering our employees to get the job done. If you want to work in an environment that recognizes and rewards accomplishments while caring about each other and the communities we serve, this could be the place for you.

Department Overview

MAXIMUS Canada’s Privacy Department is responsible for maintaining privacy compliance for all of our projects across Canada with applicable legislative requirements as well as the contractual requirements imposed by our Clients. The Privacy Department is responsible for ensuring that MAXIMUS Canada (MAXIMUS) employees and service providers not only meet these requirements but exceed these requirements whenever possible. The Department has oversight for the privacy program in all areas including the collection, use, disclosure and security of personal information. This includes the development and application of privacy related policies and procedures, employee and service provider privacy training (including ongoing privacy awareness), compliance monitoring including internal project audits, privacy impact assessment development for systems and initiatives, incident monitoring and reporting, and privacy breach remediation.

As part of MAXIMUS Canada’s compliance monitoring program MAXIMUS employs a full time Privacy Compliance Auditor who pro-actively monitors employee access within the systems that MAXIMUS administers.

Role Summary

The Privacy Compliance Auditor is responsible for the employee system access audit and special investigation duties as assigned by the Chief Privacy Officer. This process involves the detailed analysis of all employee accesses within the systems that MAXIMUS administers and detailed reporting of all outcomes. The position also assists with the logic behind the processes and any automation of the processes when possible.

In addition the position is responsible for the reporting of all administrative privacy incidents to MAXIMUS clients and the follow up for all remediation activities taken in response to these administrative incidents.

Key Responsibilities

Privacy Audit and Special Investigations:
1. Responsible for the administration of the privacy audit program including:
  • Audit of employee’s key stroke activity to identify inappropriate access to, use, and or disclosure of personal information residing in each system.
a. Production of employee operational activity reports.
b. Analysis of employee keystroke mapped to operational requirements.
c. In-depth analysis of an employee’s activities where standard operational requirements cannot be identified to further identify possible the nature of the activities.
d. Ongoing communications with Managers and Supervisors to assess employee work processes.
e. Identifying and reporting any perceived inappropriate activity to the attention of the Chief Privacy Officer for escalation to an investigation if required.
  • Development and refinement of audit processes including detailed analysis of system capabilities/functionality/automation capabilities;
  • Documentation of all audit processes and outcomes;
  • Production of administrative employee error reports for the Quality Assurance team follow up.
2. Assisting with special investigations into alleged employee wrong doing regarding the collection, use and/or disclosure of personal information including:
  • Conducting detailed investigations upon the direction of the Chief Privacy Officer, MAXIMUS Canada for enquiries brought forward by our Clients, members of the public, and/or internally identified.
  • Investigations require the further forensic analysis of employee/third party’s activity regarding the collection, use and/or disclosure of personal information which may lead to disciplinary action up to and including termination.
  • Providing further follow up and interpretation of investigation findings to both internal and external public bodies upon direction of the Chief Privacy Officer, MAXIMUS Canada.
  • Reporting all findings as necessary to the Chief Privacy Officer, Maximus Canada.
Privacy Breach Reporting and Liaison:
1 Reporting and administrative follow up for all administrative potential privacy incidences including:
  • Liaison with MAXIMUS Clients and other entities/central services providers as directed.
  • Follow up with Managers and Supervisors regarding the specific causes of privacy incidences.
  • Providing advice regarding appropriate mitigation steps to be conducted for each privacy incident and ensuring that all mitigation and document recovery steps have been completed and conform to both the Client’s and MAXIMUS breach management standards.
  • Ongoing tracking and reporting of incident related statistics.
  • Reporting all findings to the Chief Privacy Officer, MAXIMUS Canada.
Education and Experience

  • High school diploma or GED Equivalent
  • Knowledge of internal audit methodology and technics an asset
  • Post-secondary education would be considered an asset
  • Proficient knowledge of MS Office suite; Word, Excel, PowerPoint, etc
  • Knowledge of RAPID and MAXI would be considered an asset
Knowledge, Skills and Abilities

  • Defines appropriate goals
  • Advanced knowledge of audit processes and reporting.
  • Advanced skills in data analysis, data manipulation and interpretation.
  • In-depth knowledge of all Canadian privacy legislation.
  • The employee will need the ability to work independently in a secluded environment, with a strong attention to detail.
  • Excellent analytical skills
  • Excellent communication skills.
Core Competencies

Results and Delivery

  • Defines appropriate goals
  • Works toward achieving goals
  • Articulates vision and steps for achievement
  • Accountable to team
  • Works to meet established deliverables
  • Appreciates view of team members
  • Respectful
  • Builds strong relationships
  • Is flexible/adaptable
  • Works well with others
  • Solicits feedback
  • Acts with integrity and respect, in an open and direct manner
  • Understand that we win and have fun together
  • Cares about others and the communities we serve
Disciplined Approach
  • Takes the time to properly plan
  • Data-driven and detail-focused
  • Seeks out opportunities for continuous improvement
Customer Focus
  • Understands the balance between our capabilities, the customer’s expectations, and the parameters in which we operate.
  • Uses open, honest communication to develop relationships built on trust and mutual respect
  • Seeks to incorporate the experience of our diverse customers
  • Builds relationships through personal credibility, as opposed to formal authority
Application Information
We will be accepting applications until 9:00 pm (PST) on Friday June 5, 2020.
An eligibility list may be established for this role.
Please note that while all applications are appreciated, only those candidates selected for interview will be contacted.