Senior Manager Data & Model Ethics AI - Legal and Compliance
Thomson Reuters - Other Locations
Total years of experience :7 years, 0 Months
Reporting to the Director of Data & Model Ethics, I am responsible for developing and driving the strategy and planning involved in the successful adoption of standards and regulations related to the ethical use of data and AI by:
- Acting as the key contact and liaison with legal counsel, I develop the strategy for the enterprise wide understanding and adoption of regulatory requirements for ethical data use and AI - building and owning success metrics;
- Monitoring and reporting on the latest developments in legislative and regulatory instruments as it pertains to key ethics principles - translating into technical policies and requirements;
- Working closely with external industry leaders, customers, and stakeholder groups to understand latest regulatory and social trends, sentiments, and challenges;
-Working closely with Data and Model stewardship network, Ethics Leads, and stakeholders as a specialist consultant on data and AI projects across the organization - advising on upcoming legal and regulatory trends, as well as compliance best practices;
- Ensuring that data and AI ethics policies and guiding standards are inclusive of the requirements necessary to meet the growing demands of data and AI related regulation and best practices - drafting new policies where necessary;
- Providing thought leadership, executive summaries, and insights on data and AI ethics and governance matters to colleagues across the organization - contribute to educational resources;
- Participating in data and AI governance policy and standard creation, management, and analyzing potential impacts of policy choices under consideration;
- Using and understanding governance activities including oversight mechanisms, documentation, development processes - and expert on standardization bodies requirements and best practices, such as the ISO, IEEE, W3C, EU document, and OECD;
- Working closely with data management, ModelOps and traditional software development life cycles
Supported by the Director of Privacy & Innovation, I materially influenced the ongoing development of TELUS' business by:
- Ensuring that business initiatives meet rigorous privacy, ethical and security standards;
- Developing new internal and external guidance frameworks for de-identification and synthetic data;
- Conducting privacy impact assessments, data risk assessments and strategic planning as part of the privacy management for businesses; - Conducting Privacy Due Diligence reports for Mergers and Acquisitions of TELUS international; Ensuring compliance with all provincial and federal Canadian privacy laws; as well as international laws such as the CCPA, GDPR and HIPAA;
- Supporting business units in deploying technology responsibly and ethically by providing counsel to execute data handling frameworks;
- Educating and advising on new or existing data, privacy or ethicaluses and provide strategies to address data governance and privacy;
- Primary support for all of TELUS Quebec initiatives, advising and in English and French, as well as for compliance with Quebec civil law;
- Escalating privacy risks promptly and ensure mitigation techniques are implemented; and
- Learning continuously.
In my hybrid position at the TELUS Data and Trust office, I was the Privacy Officer of the TELUS Health Virtual Pharmacy for all of Canada, I:
- Implemented and deployed an entire privacy management program (including training, privacy policies, disaster recovery responses, privacy risk assessments, etc). to ensure provincial healthlegislation compliance, regulatory and legal compliance with all operations in Canada;
- Managed and mitigated breach incidents;
- Was the officer responsible for all pharmacy management systems (PMS) owned by TELUS in Canada;
- Worked closely with all stakeholders, provincial and federal privacy commissioners and regulatory boards for pharmacies in Canada.
Reporting to the Manager of Information Management and Privacy, I provided support and advice on privacy requirements including:
- Conducting full Privacy impact Assessments (PIAs) and organizational reviews;
- Providing subject matter expertise and advice on potential privacy implications of CATSA's Activities through Privacy by Design and GAPP frameworks for new technologies;
- Supporting the Manager in the development of PIPEDA and Privacy Act compliant policy practices, processes and policy documents, including notice and consent requirements;
- Facilitating privacy training for management and staff to increase awareness and importance of privacy requirements within the organization;
- Conducting research, analysis and recommendations for privacy best practices, legislation and regulations.
Supporting the Chief Privacy Officer of Statistics Canada, I:
- Advised divisions on legal requirements under the Statistics Act and Privacy Act, standards for de-identification and anonymization procedures with internal and external stakeholders.
- Advised on Information Security, Classification of Datasets, Cloud Technologies and Privacy security best practices for new technologies.
- Interpreted laws, regulations, policies and orders to determine the organization's access and privacy rights.
- Prepared Privacy Impact Assessments (PIAs); Ensured legal compliance with recommendations on preventative measures to comply with privacy laws.
- Identified developed, recommended and/or implemented business processes that maintain or improve organizational privacy compliance, while meeting functional requirements and maintaining business continuity.
- Member of the security information coordination division.
- Updated and amend internal policies and directives to align with current modernization agenda.
- Supported Access to Information Requests (ATIP), breach notifications, and internal active monitoring projects.
- Conducted research on national and international privacy standards including European Union's GDPR.
Canada Research Chair, Faculty of Law, University of Ottawa.
- Provided research support to Canadian Research Chair Katherine Lippel that included case-law compilation, analysis and review;
- Legal analysis and research of academic literature.
- Labour law and occupational health and safety, including: occupational diseases, compensation for first-responders and nurses, presumptive legislation, stress at work and traumatic/acute mental stress disorders.
- Reviewed primarily Quebec and Ontario legislation: Workers Safety and Insurance Act, Loi sur la santé et sécurité du travail (LSST), Loi sur les accidents du travail et maladies professionnelles (LATMP).
- Worked with case law from the WSIB, WSIAT (Ontario) and CNESST (Quebec).
- Wrote legal reports analyzing the current state of legislation and recommendations for future changes.
Faculty of Law, Health and Tech Law Section
- Prepared a white paper for the Ministry of Ontario eHealth.
- Reviewed legal implications of implementing MyChart, a patient portal, in Ontario for Southern Ontario hospitals - Sunnybrook Health Sciences.
- Outlined potential approaches for governmental, regional, and/or institutional policy and regulatory frameworks to manage consent and liability issues posed by patient portals.
- Ensured legal compliance with Canadian privacy laws: Ontario’s Personal Health Information Protection Act (PHIPA), Freedom of Information and Protection of Privacy Act (FIPPA) and federal’s Personal Information Protection and Electronic Documents Act (PIPEDA).
Privacy and Anonymization Laws
- Created a spreadsheet of legal requirements for all provinces and Canadian legislation for anonymization/deidentification of health data (consent requirements, third-party sharing, etc.)
- Researched international legal requirements for Ireland, Australia, UK, New Zealand, South Korea, and United States.
Legal Researcher and Compliance for Innovative Medicine and the eHealth Laboratory
Supervised by Dr. Khaled, El Emam:
- Researched and studied international standards for de-identification (anonymization) of personal health information.
- Wrote comparative reports on varying guidelines internationally (re-identification sanctions, consent requirements,
techniques for anonymization/de-identification, minimum standards, etc.)
Supervised 4 researchers from the Faculty of Music (piano) during the collection of questionnaires at the Orkidstra music
program. Ensured collaboration with the ‘El Sistema’ stakeholder and effective communication.
URL removed due to policy violation. Please contact support for further information.