Company: TransForm Shared Service Organization

Location: On-site in Windsor, ON with opportunity for one day per week work from home.

Posting Period: March 6, 2025 to March 27, 2025 closed at 4:00pm.

Employment Type: Permanent, Full-Time

Benefits: Pension, Health & Dental, Paid Sick, Life & Disability Insurance, Vacation and more. Visit our website for more details

Scope: Internal & External

Conditions: Current business reference checks, judicial matters police clearance, and immunization medical clearance

POSITION SUMMARY:

Under the direction of the CEO, the VP Chief Information, Officer is responsible for providing strategic direction for TransForm’s enterprise architecture, enterprise data, information management, information technology privacy, security and compliance; supports the development and implementation of sound Information Systems policies and governance. This role also oversees clinical systems and integration, and development related to the Oracle Health/clinical applications environment. The VP Chief Information Officer participates in the overall business strategy development and planning; oversees major technological initiatives by managing technology standards and systems, ensures Privacy compliance; provides client services that support the organization’s mission and business goals.

The VP Chief Information Officer directs staff in identifying, developing, implementing and maintaining processes across the organization to reduce information, privacy and IT risks, responds to incidents, by establishing appropriate standards and controls.

• Operating Budget development and oversight ($6m annually) via Chief’s of IT and AID (applications, integration and development)
• Capital Budget development and oversight ($2.5-$4m annually) via Chiefs of IT and AID
• Stakeholder engagement (members, vendors and regional partners)
• Development and execution of TransForm’s Digital Strategic and Operating plans
• Primary accountability related to IT: Cyber Security, disaster recovery/business continuity manager, identity and access management, privacy compliance, information regulatory compliance, risk management, information security and information assurance, the Regional Data Centre (RDC) and information technology controls for financial and other systems
• Oversee the alignment of clinical systems and application development with goals and objectives that support our mission and vision, in additional to our members and customers
• Digital/Enterprise Architecture
• Data Governance
• Application and Integration lifecycle management

WHAT YOU’LL DO:

• Knowledge or familiarity with security audits of systems and/or audits of processes to verify compliance with security standards and/or regulations
• Knowledge of one or more Industry/government regulations
  • PHIPPA – for the patient information processed as the consent call center for IAR
  • FIPPA – FOI requests from the public
  • Canadian anti-SPAM legislation
  • PCI compliance regarding processing or storing of credit card information
  • PEPIDA – Federal level of Privacy protection
  • PHIPPA as it relates to Data Sharing Agreements and MOUs that include contractual obligations. Under PHIPPA TransForm acts as a HINP (Health Information Network Provider) and agent of the hospitals (classified as HICs)
  • ePHIPPA
  • Connecting Security from eHealth Ontario legal framework for participating in eHealth Electronic Health Records
• Knowledge of Ontario’s eHealth Blueprint
• Knowledge of Security Standards (e.g. ISO 2700x series, NIST Publications, COBIT, etc.) and associated framework of controls
• Working knowledge of one or more of the following: Microsoft Excel, Microsoft Access, ACL, IDEA
• Experience in conducting threat risk assessments (TRA), business impact assessments (BIA), and/or privacy impact assessments (PIA), and make recommendations to mitigate risks and/or ensure compliance
• Ability to conduct third party risk assessments, and make recommendations to mitigate risks, and/or ensure compliance
• Ability to develop strategies and architectures to address information security risks/threats
• Ability to collect and analyze data from systems to determine compliance and risk levels, as well as determine trends in systems and processes
• Experience in managing projects - developing project charters, communication plans, project governance, budget plans, and managing a team of technical resources
• Knowledge of collecting, processing and reporting of security metrics
• System design and architecture
• Experience in developing processes around many of the following areas:
  • Patch management
  • Vulnerability management
  • Network security
  • Data encryption
  • Internet security
  • System hardening
  • Access Control
  • Security administration including aspects of segregation of duties and least privilege
  • Security incident management
  • Business Continuity Management (BCM) / Disaster Recovery (DR)Securing Application Development
  • Securing Local and Wide Area TCP/IP Networking
  • Securing Windows Server 2012/200x, Linux and UNIX based environments
  • Service Desk management
• Knowledge of information system architecture and security controls including configurations of perimeter devices, operating systems, wireless LAN technologies, databases, specialized appliances, and information security policies, standards and procedures
• Knowledge of common application architecture, e.g. Client Server architecture, n-Tier architecture, Web Application architecture
• Knowledge of vulnerability testing of infrastructure and applications using automated and manual tools, and providing recommendations to remediate them in a risk based prioritization
• Knowledge of deployment and/or management of logging and monitoring tools, and developing documented procedures for operating such tools, and managing security incidents
• Proven track record of creating and maintaining a culture of service excellence for internal and external stakeholders
• Strong leadership ability as it relates to change management and adoption

• Serves in a leadership role for privacy compliance and acts as a liaison, ensuring all privacy concerns, requirements, and responsibilities are addressed.

• Builds a strategic and comprehensive ongoing privacy program that consistently utilizes effective privacy practices minimizing risk and ensuring confidentiality, across all paper or electronic media.
• Works cooperatively with other Organizational Units in overseeing patient rights to inspect, amend, and restrict access to protected health information when appropriate.
• Performs or oversees initial and periodic information privacy risk assessment/analysis, mitigation and remediation.
• Oversees, development and delivery of initial, ongoing privacy training, and ongoing compliance monitoring to the workforce and business associates.
• Manages all required breach determination and notification processes under HIPAA and applicable Ontario breach rules and requirements.
• Establishes and administers a process for investigating and acting on privacy and security complaints.

MUST- HAVES:

• Master/bachelor’s degree in relevant disciplines (e.g. MIS, CIS, Security Management, Business Management, Information Science)
• One or more recognized certifications in the following areas:
  • Information Technology Service Management
  • Information Management
  • Project Management
  • Technical Architecture
  • Security (i.e. Information Management, Business, Cyber)
  • Information System Auditing

• Privacy Certification or Security Certification is considered an asset
• Minimum 10 years’ experience in a senior Information Systems management role, (including Information Systems consulting or auditing), with at least 5 years in a senior management position, preferably within a large healthcare organization.
• Experience in risk assessment.  Use of comprehensive approaches to the analysis of business risk which includes financial, human, and technological elements
• Excellent communicator (written, verbal, presentations, etc.)
• Strong analytical ability
• Self-starter
• Proven leadership skills: ability to persuade and motivate others
• Successful negotiator
• Skilled decision maker
• Effective manager of change and stress
• A high level of integrity and trust
• Experience in information management and technology strategy, policy and standards development including security and privacy
• Thorough knowledge and proven expertise in security planning for computer and related technology, including experience in applying recognized control frameworks such as CobiT, ISO17799, ITIL, etc. as it relates to all major operating system platforms, application development environments and subsystems in use within the Corporations: MVS, MS Windows, Solaris, HP-UX, AIX, OS400, Checkpoint Firewall, Directory Services (AD/Tivoli), IDS/IPS, anti-virus, VPN, encryption, PKI, secure email, mobile computing, secure e-business systems, etc.
• Experience developing business cases
• Knowledge of relevant regulatory and legislated matters pertaining to information security (e.g. privacy, health care)
• Knowledge of the markets, customers, competitors, and IS business functions of the within a healthcare environment.

OTHER CONDITIONS:

• Minimal exposure to disagreeable conditions typical of an office position: exposed to stress and pressure associated with multiple priorities and deadlines
• Must be able to travel within the Southwestern Ontario area, when required
• Must be able to work evenings and weekends, when required

ABOUT US:

TransForm Shared Service Organization, a non-profit, unique, innovative, results-driven organization founded by hospitals in the Erie St. Clair region. Our services include: clinical and business system application support, integration and development, information system infrastructure, information privacy, security, IT break fix, project management as well as other back office support services. As a strategic solutions centre committed to exceptional service delivery, TransForm leads, innovates and supports health system transformation. If you are service oriented, dedicated to exceeding performance expectations and interested in reaching your full potential, TransForm is for you!  We welcome and appreciate your interest in our organization. Want to know more about TransForm?  Visit our website

HOW TO APPLY:

• Please email a copy of your cover letter and resume to HR@transformsso.ca.
• Reference the job and where you found the job posting in the subject line of the email.

TransForm is committed to employment equity and welcomes diversity in the workplace. TransForm encourages applications from all qualified individuals including women, members of racialized communities, indigenous persons, immigrants & refugees, persons with disabilities, and persons of any sexual orientation, gender identity or gender expression. Upon request, accommodation for disabilities will be provided to support participation in all aspects of the recruitment process.

By applying to this position, you are confirming you possess a Canadian citizenship or a permanent resident status or work permit.

We thank all applicants for their interest.  Only those selected for an interview will be contacted.

TransForm is currently not accepting applications or solicitation from recruitment agencies.  Thank you for your cooperation.

STAY CONNECTED TO US:

Follow us on LinkedIn, Facebook, Indeed and X for the latest job postings and news!