· Interpret and apply Ontario Freedom of Information and Protection of Privacy Act (FIPPA) and Personal Health Information Protection Act (PHIPA), Health Information Network Provider (HINP) agreements, and Data Sharing Agreements (DSAs) to the project deliverables, ensuring that the ministry and OH’s obligations are met to provide individual access to PHI and other digital health care services.
· Assess existing legislation and regulations for potential changes required to support additional initiatives to provide greater access to PHI and digital health care services and determine impacts on existing data sharing/EHR agreements/privacy frameworks/health information custodian (HIC) models.
· Develop and provide change management support and/or communications to support stakeholders with changes related to privacy business processes.
· Review the recommendations from the privacy impact assessment (PIA) of the proposed solution and business processes.
· Provide advice to the ministry as it relates to privacy legislation, regulations, policy and guidelines.
· Coordinate across branches and develop communication materials such as briefing notes and presentations.
· Consult and gather input from specific individuals within the organization on privacy topics either independently or as part of a team.
· Communicate with technical and business audiences and non-privacy experts.
· Prepare and present status reports and updates for any relevant steering committees, advisory panels, working groups, or similar governance bodies.
· Ensure project artefacts and deliverables reflect a superior understanding of:
o The necessary legislation and regulations to enable access to PHI and digital health care services in the Ontario context;
o The current landscape of digital health tools used to support patient access to PHI, including patient portals, apps, etc., and the opportunities to transform care and improve services to support a unified patient experience in digital health;
o Strong knowledge of identity verification, authentication, and authorization services and the privacy and policy requirements to enable the usage of these services;
o Strong knowledge of digital health systems and programs, including Health811, secure log-in mechanisms, patient portals, and the provincial EHR;
o All relevant digital health/information technology issues, including policy, clinical / business and technical (e.g., interoperability, standards, licensing, operations and sustainment, etc.) requirements; and
o Private and public sector delivery partner capacity to deliver technology in a clinical setting; and
o Best practices in information technology project management.
NOTE
Extension/Amendment Attestation: Extension(s) only allowed using unused days/funds left on contract. No additional funds will be added beyond the maximum contract value and any extension options included in the original SOW. Such extension(s) will be allowable only if the Master Service Agreement is extended beyond April 5, 2026 and be upon the same terms, conditions and covenants contained in the SOW.
The resource needed until July 31, 2026, will include an option to extend, at the same rate, till July 31, 2026 if Tender_12075 Managed Service Provider for Contingent IT Resources is also extended for a further one year, else an RFS under the Successor VOR will be issued for the services required April 5, 2026 to July 31, 2026 plus any extension options.
Assignment Type: This position is currently listed as "Hybrid" as consultants will be required to work partly in the physical workplace and partly remotely. The details of this arrangement will be at the Hiring Manager's discretion.
|
Health sector and digital health experience |
·Strong understanding of the healthcare system, structures, processes, stakeholder groups and affected populations, and how healthcare services are delivered in the province based on extensive experience with Ontario’s health sector; ·Strong track record of experience with the ministry and its delivery partners, and in-depth knowledge of the levers and instruments of change; ·Strong knowledge of and experience with the digital health systems, programs, vendors, assets and solutions in Ontario. |
20 points |
|
Health privacy knowledge and regulatory experience |
·Strong understanding of Ontario’s privacy regulations/policies/frameworks, and how they are applied to individuals and organizations in the use and protection of personal health information; ·Demonstrated experience with conducting or leading privacy impact assessment in the health context; ·Demonstrated experience with interpreting or applying PHIPA, and leading regulatory/policy projects in digital health. |
40 points |
|
Program and project management |
·Experience managing complex projects with a demonstrated track record of successful delivery within approved plan, scope and budget and business outcomes; and ·Demonstrated leadership and resource management skills including the ability to direct activities and manage a variety of professionals. |
10 points |
|
IT strategy and planning |
·Track record of successful strategic planning in health technology contexts; ·Demonstrated ability to define objectives, develop strategic options analysis and to create action plans that outline tasks required for implementation phase; and ·Ability to provide clarity and collective understanding of the range of options and communicate logically how the options were developed and selected as the strategic response. |
10 points |
|
Business analysis |
·Demonstrated experience managing business projects and achieving successful results on time and on budget with high customer satisfaction; ·Demonstrated experience in process mapping, requirements gathering, program definition, and transition planning; and ·Demonstrated experience in leading program or organizational transformation initiatives. |
20 points |
Maximum Number of Submissions - 1 (one)
Hybrid - - Candidate MUST work 3 days onsite and 2 days remote
MUST HAVES:
Strong understanding of Ontario’s privacy regulations/policies/frameworks, and how they are applied to individuals and organizations in the use and protection of personal health information;
· Demonstrated experience with conducting or leading privacy impact assessment in the health context;
Strong knowledge of and experience with the digital health systems, programs, vendors, assets and solutions in Ontario.