CarePartners is one of Ontario’s largest, most reputable and well-established accredited home health care providers, providing nursing, personal support, home support, palliative, therapy and rehabilitation support services for patients of all ages across urban and rural Ontario. We visit approximately 80,000 patients each year in homes, schools, clinics, workplaces and retirement homes, spread across 14 branches and 21 nursing clinics.

We continuously innovate to meet patient needs with specialized (award-winning) care programs and technology, including virtual care and Artificial Intelligence (AI).

We offer a competitive compensation program, tuition assistance, on-site training and professional development and a comprehensive benefits package. Come see how community health care can fit your lifestyle and career goals!

We are currently looking for someone to join our team in the role of The Director of Enterprise Risk and Compliance which is responsible for leading CarePartners Enterprise Risk, Compliance and Privacy programss.  This position is based out of our Waterloo, ON corporate office, with Hybrid working options available.

Reporting to the Chief Financial Officer. In this role, the Director of Enterprise Risk and Compliance maintains the integrity of CarePartners by ensuring compliance with all external regulatory requirements as well as internal policies and procedures.
The Director of Enterprise Risk and Compliance, in collaboration with relevant organizational portfolios, is responsible for the enterprise-wide policies and procedures related to internal and external risk assessment and management, privacy and data security, emergency and disaster preparedness and recovery, and overall corporate sustainability to support the organization's continued stability, growth, and long-term viability.

• Competitive salary, comprehensive health and dental benefits
• Other employment perks such as Employee Assistance Program, Perkopolis, Rewards Points
• Inspiring leadership and opportunities for professional growth
• Rewarding and meaningful work in healthcare

Risk Management

• Enhance and maintain CarePartners’ enterprise risk management (ERM) framework, using evidence-based best practices, and that are integrated into all levels of operations (patient care to governance).
• Develop and continuously improve organizational risk management competency and capacity, including development of policies and procedures, infrastructure, and risk assessment processes and practices to support the organization’s ability to maintain core business processes.
• Assess and develop organizational responses to emerging risks
• Develop and implement risk notification systems, including critical situations, in collaboration with other organizational portfolios.
• Liaise with department leaders to understand, negotiate, and diffuse potential litigious concerns, and support organizational learning and capacity to mitigate negative effects of future similar scenarios.
• Identify, assess, prioritize, monitor and report to executive team internal and external risks that may impact CarePartners’ enterprise; work with teams across the organization to develop consistent methodical approaches that target identified and prioritized enterprise risks.
• In collaboration with other organizational portfolios, enhance, monitor, test and implement emergency and disaster preparedness plans.
• Manage insurance programs.
• Monitor legislation, regulations, policies, and procedures applicable to CarePartners’ and make recommendations to ensure compliance.

Compliance

• Enhance, lead, implement and manage CarePartners Corporate Compliance Program.
• Chair of the Corporate Compliance Committee.
• Monitor the performance of CarePartners Compliance Program and take appropriate steps to improve its effectiveness and outcomes.
• In collaboration with organizational leaders, develop, continuously improve, and implement corporate policies and operational procedures.
• Prepare, monitor and regularly update compliance plans.
• Lead and support the development of processes, tools and resources to support compliance initiatives that align with corporate goals and objectives.
• Develop and deliver applicable compliance training and associated materials.
• Monitor progress and evaluate the impact of compliance training programs and modify the program, as required.
• Conduct compliance research to identify and analyze compliance requirements.

• Complete compliance assessments to identify vulnerabilities and implement appropriate corrective and follow-up actions.
• Review and assess corporate compliance and associated documentation to ensure enterprise adherence.
• Coordinate the compliance activities of all departments.
• Prepare and deliver compliance reports.
• Establish employee reporting channels to provide employees with a way to report without fear of reprisal.
• Investigate, evaluate, respond and provide guidance on appropriate corrective actions for actual or alleged compliance violations.
• Establish and manage a compliance violation reporting system that supports identification of improvement areas.
• Ensure the proper reporting of violations and potential violations to authorized external agencies.
• Provide interpretation, guidance and advice on corporate compliance requirements, including: legislation, regulation and policy requirements.
• With the Corporate Compliance Committee lead or oversee internal compliance audits.
• Coordinate with external regulatory agencies for audits, where necessary.

Privacy

• Serves as CarePartners designated Privacy Officer and key privacy advisor and subject matter expert for all inquiries pertaining to privacy and data security issues specifically concerning the collection, use and retention of personal information and personal health information
• Oversees CarePartners privacy program to ensure compliance with policies and procedures, contractual obligations, applicable legislation, and best practices
• Supports advancement of a ‘privacy by design’ philosophy throughout the organization and builds privacy acumen amongst staff, including the development and delivery of privacy education
• Monitors legislative updates and revisions pertaining to privacy and information handling practices, incorporating new requirements or standards as appropriate
• Develops, implements, updates, and maintains the organization's privacy program, including policies and procedures, standard practices, educational resources, and other supporting tools and documents, to meet the organization's responsibilities related to privacy and informational handling
• Leads proactive risk mitigation activities, including assessment of new programs/tools/processes, completion of Privacy Impact Assessments (PIA) and Threat Risk Assessments (TRA)
• Promptly investigates and documents all reports of potential privacy breaches/complaints and data security violations
• Directs and supports all privacy breach management/complaint processes, including containment, investigation, documentation, reporting, notification, and remediation activities
• Oversees the ‘Release of Information’ process, including assisting to obtain and prepare records, review content, identifying and escalating corporate risk, as required
• Serves as an advisor to all internal departments, relevant projects, and committees to advance ‘privacy by design’ approach, and alignment with privacy requirements and best practices
• Works closely with Information Technology partners to ensure that security policies, procedures, and practices meet privacy requirements
• Assess and report on vendors/subcontractors prior to engaging services for adherence to privacy requirements.
• Collaborates with external Privacy Officers to discuss events/breaches and ensure appropriate action is taken
• Consults with and seeks advisement from legal counsel as required
• Actively participates in relevant external privacy forums
• Conduct ongoing compliance monitoring activities and regularly scheduled audits of the organization's services, systems and computer networks to ensure compliance to privacy and data security accountabilities, promptly responding to and resolving detected offences with appropriate corrective action.

Records Management

• Oversee CarePartners organizational management of electronic and/or paper-based information
• Provides direction regarding the most appropriate methods for storing, arranging, indexing and classifying records to meet business needs
• Ensures CarePartners records management meets administrative, legal and financial requirements

• Devise and ensure the implementation of retention and disposal schedules
• Standardize information sources throughout the organization;
• Identify the most appropriate records management resources;
• Advise on and implementing new records management policies and classification systems
• Support the records management policy framework and guiding staff in the management of their records and the use of records system

• University degree in a related field
• Membership with the International Association of Privacy Professionals (IAPP). Certified Information Privacy Professional Canada (CIPP/C) required, CIPM an asset
• Professional designation such as Canadian Risk Management (CRM), Chartered Enterprise Risk Analyst (CERA), Certified Compliance and Ethics Professional (CCEP) or equivalent preferred
• Certification in Clinical Risk, Negligence and Claims Management in Health Care considered an asset
• Proficiency in French is considered an asset
• Minimum five (5) years of related work experience at a managerial/leadership level
• Healthcare industry experience is an asset Expert level, up to date knowledge of privacy legislation in Ontario, including PHIPA and FIPPA
• Experience managing regulatory licence/registration applications.
• Knowledge of best practices in emergency preparedness, response, and recovery, as well as hazard, vulnerability, and risk assessments.
• Experience in developing and administering internal controls and processes, proven track record of partnership and collaboration with remote teams
• Strong interpersonal skills and relationship building skill
• Keen attention to detail, ability to prioritize, multitasking skills and organizational skill
• Positive attitude, willing to learn, grow and be an integral member of the team
• Excellent English verbal and written communication skill
• Experience in the healthcare or homecare sector considered an asset
• Clear Background Check

In addition to providing home-based health care, CarePartners also serves the community through clinics, transitional care units, and provides relief in retirement homes and shared care settings. Through our Community Nursing Services outreach program, we’ve been organizing staff-led medical care and clinics in countries with poor access to health care since 2009.

CarePartners welcomes and encourages applicants from people with disabilities, accommodations are available on request for candidates taking part in all aspects of the hiring process.