Privacy Officer & Legal Support Specialist

 Published 10 days ago
Apply Now Please mention DailyRemote when applying

Disclaimer: Before you apply, please make sure the job is legit.

Attempting to apply for jobs might take you off this site to a different website not owned by us. Any consequence as a result for attempting to apply for jobs is strictly at your own risk and we assume no liability.

Who we are 

At Heart & Stroke our mission is to promote health, save lives and enhance recovery. We are committed to a culture that exemplifies our core values: champion health, practice humility, embrace change, drive impact, learn and grow and be heartfelt as we work together to beat heart disease and stroke. 

We believe in equity, diversity and inclusion ― it’s embedded in our values and core mission work to support all people in Canada to lead healthier lives. We are committed to applying this principle to cultivate a welcoming environment that embraces diversity among our employees. Candidates from diverse backgrounds, including but not limited to, Indigenous peoples, racialized communities, 2SLGBTQIA+ communities, women, and people living disabilities are encouraged to apply. 

To learn more about our mission, values, commitment to EDI, and the difference Heart & Stroke makes in the lives of people in Canada at every age, please visit our website

The opportunity 

Heart & Stroke is seeking a talented and experienced Privacy Officer and legal Support Specialist to join its respected Legal team. Reporting to General Counsel, Corporate Secretary and SVP Risk Management, this role is responsible for managing H&S’s national privacy portfolio and providing co-ordination and support for ad-hoc legal team projects, including enterprise risk management and governance projects.    

The Privacy Officer is accountable for maintaining and ensuring the foundation’s privacy policy is up to date, ensuring compliance with applicable privacy legislation across different jurisdictions and manages privacy complaints.  The role works closely with the legal team and business units across the organization to understand, map and maintain data governance policies and processes.   

This role also manages the foundation’s insurance portfolio, claims and incident reporting systems and works with the various business teams to collect the appropriate information required for renewals.  

The successful incumbent in this role will also need to have strong project management skills to coordinate the administration of various legal projects across the organization including supporting policy drafting and maintenance to support the full legal team in carrying out risk mitigation processes. 

So, if you live in the GTA, have a desire to work in a flexible hybrid work environment, and found the summary above was a match to your skills and experience, please keep reading for more detail and apply today! 

How you will make an impact every day 

Manage the foundation’s privacy portfolio 

  • Manage and maintain mapping of the foundation’s data and data governance processes and policies 

  • Ensure compliance with all applicable privacy legislation across the different province and stay abreast of upcoming changes and developments in the law to ensure Heart & Stroke remains compliant 

  • Oversee all privacy complaints and implement resolution process, escalating to legal counsel when required due to risk 

  • Advise business teams on standards and requirements of privacy law applicable to the foundation in coordination with counsel 

  • Monitor developments in the privacy landscape and translate and provide information to business leads on how to stay on top of these developments 

  • Manage processes required of a privacy office which includes, but is not limited to:  breach logging, managing the privacy email in-box, oversee maintenance of suppression lists for constituents that don’t want to be contacted, track and monitor complaints and collect analytics to track trends 

  • Manage and respond to privacy complaints in a timely and customer service oriented manner and coordinate operational processes required to meet privacy standards  

  • Under the guidance of Legal Counsel, monitor and negotiate agreements with third parties that host, collect, use, or have any other relationship with HSFC collected personal information  

  • Respond to ATIP requests – working with business units to prepare materials and submissions 

  • Review all digital and print materials prior to publishing for compliance with privacy legislation and CASL  

  • Test new websites and applications for compliance with privacy legislation and CASL  

  • Sit on committees related to new Foundation tools to advise on privacy issues  

  • Lead training sessions and refreshers as necessary on privacy procedures  

Manage insurance renewals process 

  • Manage annual renewal of all insurance policies for the Foundation through working with the Foundation’s broker 

  • Manage the drafting of annual reports to the Board and make recommendations on insurance coverage 

  • Provide support to teams on insurance as it relates to contracts  

  • Manage process of claims as necessary and manage incident reporting system 

Manage the coordination and administration of various legal projects 

  • Demonstrate initiative to coordinate legal projects and initiatives 

  • In coordination with counsel, develop project plans, key milestones and deliverables and ensure projects are moving according to schedule 

  • Engage with stakeholders across the organization and in some instances, external stakeholders, to acquire appropriate input and subject matter expertise on projects to drive results and move initiatives forward. 

  • Support legal team on contract process and other risk mitigation tools, as necessary. 

Who we need 


  • Post secondary degree or diploma  

  • PACC or CIPP C Certificate (or in progress) or related certificate program from a Canadian post-secondary institution 


  • Minimum of 3-5 years of relevant experience in a Canadian privacy office role using specific skills/knowledge such as privacy management, access and Information management, project management, risk management, data security and/or insurance  

  • Demonstrated experience working with privacy legislation  

  • Project coordination or project management experience  


  • Extremely organized, detail oriented and able manage various stakeholders to see projects through to completion 

  • Excellent understanding of privacy legislation, regulations and guidelines 

  • Experience and comfortable handling highly confidential and sensitive information 

  • Strong problem-solving and decision-making skills and the ability to work autonomously 

  • Ability to take ownership of projects and to be a self-starter 

  • Strong verbal and written communication skills; clear, concise with strong persuasive writing skills 

  • Proactive thinker to recognize risk and escalate as appropriate 

  • Ability to use sound judgement and make quick decisions. 

  • Strong ability to manage a wide variety of tasks and systems simultaneously. 

  • Analytical thinker with the ability to understand complex systems and policies and how they interact with standards and products, and able to make appropriate risk-based business recommendations. 

  • Ability to communicate legislative requirements in simple terms to stakeholders 

  • Ability to communicate risk and action steps with business units, senior leaders and regulators. 

  • customer service oriented  

  • competency in Microsoft Word, Excel, Power Point and virtual technologies for communication (ie -MS Teams)   

 What we offer 

At Heart & Stroke, we make it a priority to foster a culture of caring by implementing practices and programs that foster respect, compassion, trust and attentiveness to our own and others’ health and well-being. 

In addition to a competitive salary, we believe that time off is integral to the personal health and wellness of our employees. We offer a generous paid time-off package including vacation days, personal days, wellness days, and paid company-wide closure between December 25 and January 1. We also provide competitive health, medical, dental and vision benefits, life insurance, disability benefits, an employee assistance program (EAP) and a defined contribution pension plan with employer matching. Our employees also enjoy a flexible hybrid working model and reimbursement for mobile phones and home office setup, as well as opportunities for professional development.  

Apply now 

If you want to join the fight to beat heart disease and stroke, please apply by sending your resume by February 23, 2024. Applicants must be currently residing in Canada and legally entitled to work in Canada. 

Only those candidates that qualify will be selected for an interview. At this time, all interviews are being conducted via phone and/or video call ― we look forward to “virtually” meeting you!  


We are committed to fostering an inclusive, barrier-free and accessible environment. If you have been contacted for an interview and require accommodation to participate in the recruitment and selection process, please let us know and we will do our best to address your needs.  

Please note: Heart & Stroke has a vaccination policy that requires all employees to be fully vaccinated unless they have a valid exemption. You can view our policy here.  

Ace Your Job Interview

Read our advice on how to answer the most common interview questions.