Director, Privacy Initiatives - Office of University Compliance

Company: Emory University
Location: Atlanta
Posted on: March 20, 2023

Job Description:

Discover Your Career at Emory University
Emory University is a leading research university that fosters excellence and attracts world-class talent to innovate today and prepare leaders for the future. We welcome candidates who can contribute to the diversity and excellence of our academic community.
Description
This position is on the Emory University side of the enterprise and will work in partnership with Emory Healthcare. -
Works under the Chief and Deputy Chief Ethics and Compliance Officers to oversee University compliance with federal, state, local, and international laws and regulations regarding privacy and confidentiality of information and data.
JOB DESCRIPTION:

• 
  
• Takes the lead in coordinating, assessing, monitoring, auditing, and reporting on the effectiveness of the University's privacy program.
  
• Identifies and prioritizes information privacy and security risks and develops compliance initiatives in these areas.
  
• Maintains primary oversight of University's program for compliance with HIPAA, FERPA, GDPR and other federal, state, and international laws and University policies regarding information privacy and security.
  
• Oversees GDPR related efforts including policies, procedures, processes for agreements, and training.
  
• Works with campus partners on issues related to FERPA including policies, procedures, and other materials and training.
  
• Works closely with the Emory Healthcare Compliance Office, the University Information Security Officer, and the University Breach Notification Team to coordinate privacy and security compliance efforts, including handling of potential breaches.
  
• Investigates complaints of non-compliance with respect to information privacy and security.
  
• Works with the Institutional Review Board in its capacity as Privacy Board to ensure that policies, processes, and forms for HIPAA compliance are appropriate and up to date.
  
• Assists and facilitates the performance of risk assessments.
  
• As a member of the Office of Ethics and Compliance, also provides support to other non-privacy related ethics and compliance projects as needed.
  
• Performs related responsibilities as required.
  
  MINIMUM QUALIFICATIONS:
  
  • 
    
  • A bachelor's degree and seven years of professional compliance and/or audit experience, including experience in regulations governing information privacy and confidentiality.
    
  • Additional professional certification (e.g., CHRC, CHPP, IAPP, etc.) is highly desirable.
    
  • Experience in a compliance role at an institution of higher education or corporation in a highly regulated industry.
    
  • Experience with HIPAA, FERPA and GDPR.
    
  • Strong analytical and written communication skills.
    
  • Significant experience in policy drafting, performing and evaluating risk assessments, and evaluating internal controls and processes in a complex decentralized environment preferred.
    
  • Juris Doctorate is preferred.
    
    NOTE: This role will be granted the opportunity to work from home regularly but must be able to commute to Emory University on a flexible weekly schedule based upon business needs. Schedule is based on agreed upon guidelines of department of work. Emory reserves the right to change remote work status with notice to employee.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -#LI-EMORY002
    Emory Supports a Diverse and Inclusive Culture
    The COVID-19 vaccine or an approved exemption is currently only required for individuals working in a clinical setting. For more information on the University or Hospital policies, including exemptions, please see our website.
    Emory University is dedicated to providing equal opportunities and equal access to all individuals regardless of race, color, religion, ethnic or national origin, gender, genetic information, age, disability, sexual orientation, gender identity, gender expression, and veteran's status. Emory University does not discriminate in admissions, educational programs, or employment on the basis of any factor stated above or prohibited under applicable law. Students, faculty, and staff are assured of participation in University programs and in the use of facilities without such discrimination. Emory University complies with Executive Order 11246, as amended, Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veteran's Readjustment Assistance Act, and applicable executive orders, federal and state regulations regarding nondiscrimination, equal opportunity and affirmative action. Emory University is committed to achieving a diverse workforce through application of its affirmative action, equal opportunity and nondiscrimination policy in all aspects of employment including recruitment, hiring, promotions, transfers, discipline, terminations, wage and salary administration, benefits, and training. Inquiries regarding this policy should be directed to the Emory University Department of Equity and Inclusion, 201 Dowman Drive, Administration Building, Atlanta, GA 30322.
    Emory University is committed to providing reasonable accommodations to qualified individuals with disabilities upon request. To request this document in an alternate format or to request a reasonable accommodation, please contact the Department of Accessibility Services at 404-727-9877 (V) - 404-712-2049 (TDD). Please note that one week advance notice is preferred.

Keywords: Emory University, Atlanta , Director, Privacy Initiatives - Office of University Compliance, Executive , Atlanta, Georgia