I'm Jenn Hynes. For fifteen years I've worked inside the systems your information flows through — hospital records, provincial health repositories, the privacy impact assessments behind public-health infrastructure. Privacy Lite brings that rigor to small clinics, practitioners, and businesses — without the full-time privacy officer.
Inside hospitals and government, privacy is a team, a budget, and a stack of assessments. A growing business or clinic has none of that — yet they hold some of the most sensitive information there is, and the same laws apply to them.
That gap is where breaches happen, and it's where I've spent my career on the other side. Privacy Lite exists to close it: the same standards I've applied to provincial health systems, translated into plain language and right-sized tools you can actually use.
Built on PHIPA, FIPPA, PIPEDA, IPC orders, and the standards your college expects.
Complex obligations made clear — without dumbing them down.
Practical tools and reviews scaled to a small practice, not a hospital network.
Sherwoods International Inc. — Part of the early wave of insurance tech transformation, the backend systems that turned manual spreadsheet-based underwriting into instant quotes — learning how structured data and well-mapped processes could transform an industry.
Worked directly with clients and their personal information in a regulated industry. Developed an appreciation for the trust people place in advisors to steward sensitive details responsibly at every stage.
Managed administrative functions for a large pharmaceutical company. Owned EHS data — certifying employees on hazardous materials, maintaining SDS, ensuring regulatory compliance. Saw firsthand how data management was the backbone of a safe, audit-ready workplace.
Move into the public sector: providing legal administration to General Counsel, handling Freedom of Information requests, records lifecycles, and privacy matters before the Information and Privacy Commissioner.
William Osler, Central West CCAC and Headwaters. FIPPA and CASL in the hospital world, privacy impact assessments across EMRs and clinical assessment tools, and breach investigation under PHIPA.
Privacy Analyst, during the implementation of eReferral, OntarioMD.
Privacy Specialist, then Lead Privacy Advisor on a hospital-wide Epic implementation — building audit and compliance, use cases, and remediation as a Health Information Custodian.
Privacy impact assessments behind provincial public-health infrastructure: the Immunization Repository, COVID-19 vaccine systems, and Case & Contact Management — mapping how personal health information is collected, used, disclosed, and protected and raised concerns on Informed Consent.
Led a privacy team and delivered privacy programming to Grand River Hospital in Kitchener Waterloo area
Inventoried and catalogued applications, physical repositories and provided privacy advisory on systems processing personal information across a multinational organization in building materials
Bringing that same enterprise rigor to the clinics, practitioners, and small businesses that can't justify a full-time privacy officer — in plain language.
When I tell a clinic where their data is exposed, it's because I've assessed the systems that data lives in — at the provincial scale.
Self-serve assessments that produce real, usable documents — grounded in the same legislation and enforcement I work with every day.
Answer a short assessment, get a compliance tier, and generate a privacy policy plus a 30/60/90-day roadmap — tailored to your jurisdiction.
A structured PIA with a background severity calculation, cross-referenced to your regulatory college and governing legislation.
A behavioural checklist that finds the gap between what your policy says and what actually happens day to day.
Profession-by-profession retention, destruction, and storage requirements for Ontario and Canada.
Start with a tool, or reach out for a plain-language conversation about your practice. No jargon, no scare tactics — just a clear picture of where you are and what to do next.