Duke University Health System Job Description: PRIVACY DIRECTOR (5331)
Job Code: 5331
Job Title: PRIVACY DIRECTOR
Supervisory Responsibility: Yes
General Description of the Job Class
The Privacy Director works with the Chief Compliance & Privacy Officer across DUHS, Duke University Schools of Medicine and Nursing and their affiliates (Duke Health) to develop, operate and monitor an effective privacy program. The Privacy Director will develop and monitor compliance with federal and state privacy regulations, as well as general industry privacy standards related to protected health information and other restricted or sensitive information collected, used, and/or retained. Assumes management responsibilities of a team of Privacy professionals.
Duties and Responsibilities of Privacy Director
The Privacy Director will specifically serve as healthcare privacy subject matter expert for Duke Health and its Affiliated Covered Entity, working closely with clinical and research faculty and staff to create compliance with healthcare and research privacy laws and regulations.
Lead privacy evaluation and collaborate with staff to maintain data uses are in compliance with agreements including business associate agreements and other contractual restrictions, and applicable laws, regulations, and policies.
Collaborate with Procurement, IT Security and business with the review and negotiation of business associate agreements and privacy language as needed, particularly for HIPAA and privacy issues.
Complete audits, risk assessment activities, analysis, and corrective actions.
Continuously learn about new regulatory requirements and industry trends and incorporate within the privacy program.
Manages and oversees privacy-related investigations and complaints and the resolutions in collaboration with other compliance leaders, team members, and counsel, as appropriate.
Assists with the development and implementation of privacy policies and procedures.
Assists with the creation of, and conducts as appropriate, system-wide compliance training and education programs and outreach to continuously build relationships and awareness around importance of privacy.
Prepares and reviews privacy related tracking reports, incidents, and data analytics to identify opportunities for educational opportunities and policies, procedures and process improvement.
Oversee the breach notification process, including any follow-up with affected individuals (e.g., call teams in response to reported breach) and external agencies' investigations, including drafting responses and remediation and implementing corrective action.
Maintains knowledge of rules and regulations (HIPAA, HITECH, state privacy laws and Identity Theft laws) that impact specific ministries and the organization and acts as a subject matter expert to support and provide guidance to workforce members.
Preferred Qualifications at this Level
Work requires organizational, analytical and communication skills acquired through the completion of a bachelor's degree program in Business Administration or Health Administration. A Juris Doctor degree, CPA, Master's degree in Hospital Administration, Business Administration or a related field is preferred.
Privacy Director Specific: Advanced Degree or Juris Doctor degree and privacy certifications including IAPP's CIPP or CIPM, preferred.
Required Qualifications at this Level
Education: Work requires organizational, analytical and communication skills acquired through the completion of a bachelor's degree program.
Work requires a minimum of four years' experience in compliance within the healthcare industry, to include leadership experience in project management and process improvement.
OR AN EQUIVALENT COMBINATION OF RELEVANT EDUCATION AND/OR EXPERIENCE.
Duke is an Affirmative Action/Equal Opportunity Employer committed to providing employment opportunity without regard to an individual's age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or veteran status.
Duke aspires to create a community built on collaboration, innovation, creativity, and belonging. Our collective success depends on the robust exchange of ideas—an exchange that is best when the rich diversity of our perspectives, backgrounds, and experiences flourishes. To achieve this exchange, it is essential that all members of the community feel secure and welcome, that the contributions of all individuals are respected, and that all voices are heard. All members of our community have a responsibility to uphold these values.
Essential Physical Job Functions: Certain jobs at Duke University and Duke University Health System may include essential job functions that require specific physical and/or mental abilities. Additional information and provision for requests for reasonable accommodation will be provided by each hiring department.
As a world-class academic and health care system, Duke Health strives to transform medicine and health locally and globally through innovative scientific research, rapid translation of breakthrough discoveries, educating future clinical and scientific leaders, advocating and practicing evidence-based medicine to improve community health, and leading efforts to eliminate health inequalities.