Privacy Week – Day in the Life: TransForm Privacy Analyst Kim Cheswick 

As we celebrate Privacy Week across Canada, this year the theme is Putting Privacy First which highlights the impact technology is having on privacy rights and the importance of valuing and protecting personal privacy. 

At TransForm, one of the key people tasked with implementing privacy policies, keeping up with government regulations and guidelines and fostering awareness of our privacy rights and obligations is Kim Cheswick, Privacy Analyst. 

In her busy position, Kim keeps TransForm, our hospitals and community partners up to date on privacy compliance, responds to incidents, conducts privacy assessments, collaborates closely with the security team and applications team, and works externally on regional and provincial initiatives involving TransForm and the health care system. 

These tasks include: 

Erie St. Clair Region – 5 Member Hospitals 

• Privacy Audit and Monitoring Support: Supporting hospital auditors using P2 Sentinel by providing additional training, conducting monthly meetings, troubleshooting privacy-related issues, and handling service tickets.  

• Privacy Incident Response and Breach Management: In the event of a privacy breach, ensuring proper documentation, mitigation, and compliance with Information and Privacy Commissioner (IPC) requirements.  

• Privacy Assessments for Ontario Health Teams (OHTs): Conducting non-punitive privacy assessments for Ontario Health Teams (OHTs), providing health scores and executive summaries to identify compliance gaps and support improvements in privacy frameworks.  

• Regional Privacy and Security Meetings: Attending regional privacy and security meetings as part of the team, ongoing compliance, addressing any concerns or issues related to privacy. 

Outside Our Region 

• Privacy Integrated Assessment Record (IAR) Management: Managing service requests related to the Integrated Assessment Record (IAR) process, ensuring proper verification of requestors and consent suppression to protect patient data and restrict unauthorized access. 

• Ontario eHub Oracle Collaborative Working Group: Participating in the Ontario eHub Oracle Collaborative Working Group to develop and implement a comprehensive privacy plan that ensures compliance with PHIPA and enhances transparency in handling PHI. 

• Privacy Vendor Risk Assessments: Conducting privacy risk assessments for new software and updates, ensuring compliance with privacy laws. This includes working with vendors outside Ontario, as far as Singapore. 

• Privacy eLearning – Training and Awareness: Oversee the development and delivery of privacy training, ensuring staff are informed about evolving privacy laws and best practices through eLearning, training sessions, and awareness campaigns. 

In a demanding and important job, Kim is dedicated to creating awareness and education for stakeholders and protecting patient and employee data, and the bonus is – she loves what she does. 

“I love that my role allows me to support the hospitals and teams that are essential to the health system. Protecting personal health information is a responsibility I take seriously, but the best part is knowing that I am helping them when they need it most,” Kim noted. “We all have the same goal to create a safer, more transparent environment for both patients and staff. Every day is an opportunity to make a difference.” 

While being busy is something Kim thrives on, she also understands the importance of down time to ensure she can keep up with the demands of her job, while staying healthy and happy. 

“I enjoy spending time with my family, especially on weekends filled with hockey tournaments. It’s a great social outlet, and it helps me feel connected and refreshed for the week ahead. I also love traveling with family and friends, creating memories that last a lifetime,” Kim explained. 

At the end of day, trust is an important factor for both our stakeholders and the public they serve, and the Privacy and Security team are learning more every day in a constantly evolving industry that is impacted by new and advancing technologies. With the increase of bad actors attempting to exploit new technologies to gain access to data, jobs such as Kim’s are increasingly important to protect patient and employee privacy and data. 

As Kim said, every day is an opportunity to make a difference by staying vigilant, being aware of security risks such as phishing attempts and understanding all of our roles as custodians of sensitive information. Safeguarding the trust given to us by our partners is vitally important for each of us, and we appreciate our Privacy and Security team for all they do to help us maintain that trust.