Director, Privacy Compliance

The Opportunity :The Director will work with stakeholders to ensure the protection of information entrusted to the university and provide direction, guidance and support to administration, faculty, and staff in all aspects of privacy compliance. In coordination with the university's compliance and risk functions, the Director will conduct privacy risk assessments, develop policy, provide training, create and conduct ongoing privacy compliance monitoring activities, and lead or participate in privacy related university committees to maintain an effective data privacy compliance program. The Director also serves as the university's HIPAA Privacy Officer and HIPAA Security Officer. This role will report directly to the Assistant Vice President for Compliance and Ethics.Responsibilities:Develop and direct a privacy compliance program for the university.Serve as the university's GDPR data protection officer and oversight for FERPA and HIPAA compliance, partnering with the university registrar on FERPA and the associate general counsel on HIPAA.Additionally, serving as the university's HIPAA privacy officer and HIPAA security officer.Collaborate with the chief information security officer to ensure alignment between security and privacy compliance programs, including policies, practices, and investigations.Ensure that appropriate privacy and confidentiality authorization forms, consents, notices of privacy practices, and other materials reflect current university practices and are consistent with legal requirements.Coordinate with university departments and units to ensure proper implementation of all privacy-related audit and investigation recommendations.Conduct privacy risk assessments and ongoing privacy compliance monitoring activities in coordination with the university’s compliance and risk functions.Review and contribute to policies, procedures, and related processes to ensure the integrity of electronic Protected Health Information (ePHI) and help prevent, detect, contain, and correct breaches of ePHI while enforcing the HIPAA Privacy Rule and the HIPAA Security Rule across all university healthcare components.Develop privacy training materials and other communications to train employees on university privacy policies, data handling practices and procedures.Serve on the security incident response team, respond to incidents involving potential or actual exposure or disclosure of restricted data or confidential information, and conduct privacy investigations.In coordination with the office of general counsel, review contract language involving the collection, protection, transfer and/or use of regulated data, and offer guidance on ways to minimize privacy compliance risks.Provide highly specialized expertise to leadership on privacy and information protection; related state, federal, and international regulations and laws (including GDPR and FERPA); and industry standards.Additionally, lead or participate on privacy-related university committees and perform other duties as assigned.Minimum Qualifications :Bachelor's or Master's degree and 8+ years of relevant experience, including 3+ years of leadership experience. Or an equivalent combination of education and experience pursuant to Fla. Stat. 112.219.Preferred Qualifications:Demonstrated expertise in healthcare privacy regulations (HIPAA), educational data privacy laws (FERPA), or Federal, State and/or international privacy laws.Ability to thrive in a collaborative work environment.Possess a recognized privacy or compliance certification (CIPP or CCEP or similar certifications).Additional Application Materials Required:In addition to your application, please attach a cover letter and resume.Special Instructions to the Applicants:This is a reposted position. Previous applicants are still being considered and do not need to reapply.DepartmentUniversity Compliance, Ethics and RiskWork ScheduleMonday - Friday 8am - 5pm; OnsiteType of AppointmentRegularExpected Salary$104,664.00 to NegotiableEqual Employment Opportunity Statement:The University of Central Florida is an Equal Opportunity/Affirmative Action Employer including Disabled/Vets. The UCF affirmative action plans for qualified individuals with disabilities and protected Veterans are available for inspection in the Office of Institutional Equity, Monday through Friday, from 9:00 a.m. to 5:00 p.m., upon request.As a Florida public university, UCF makes all application materials and selection procedures available to the public upon request.The University of Central Florida is proud to be a smoke-free campus and an E-Verify employer.#J-18808-Ljbffr