Director, Privacy Compliance Program

Company: Emory University
Location: Atlanta
Posted on: June 2, 2025

Job Description:

Discover Your Career at Emory UniversityEmory University is a leading research university that fosters excellence and attracts world-class talent to innovate today and prepare leaders for the future. We welcome candidates who can contribute to the diversity and excellence of our academic community.DescriptionThis position oversees and manages Emory University's Privacy Compliance Program. Under the supervision of the Chief Compliance Officer, oversees and manages Emory University's privacy compliance program.KEY RESPONSIBILITIES:

• The program addresses compliance with federal, state, local, and international laws and regulations regarding privacy and confidentiality of information and data.
• Takes the lead in identifying and prioritizing privacy and security risks and develops compliance initiatives to address these issues.KEY DUTIES:
  • Maintains primary oversight of University's program for compliance with HIPAA, FERPA, GDPR, and other federal, state, and international laws and University policies regarding information privacy and security, including retaining and reporting on metrics.
  • Oversees process for receiving, tracking, investigating, resolving, and reporting on privacy incidents involving University privacy matters in coordination with key stakeholders such as the Office of Information Technology and the Office of the General Counsel, and appropriately coordinates with outside counsel when needed.
  • Assesses, monitors, and reports on the effectiveness and compliance of the University's privacy program.
  • Oversees all applicable privacy laws and related policies, procedures, training and other efforts to strengthen the University's compliance efforts.
  • Reviews and manages all privacy related inquiries received by the Office of Ethics and Compliance directly, as well as those from Procurement, Grants and Contracts, the Office of Sponsored Programs, the Emory IRB, the Office of the Registrar, the Office of Technology Transfer, the Office of Information Technology, Emory Data Governance, and other Emory offices, schools, and units, including, but not limited to, issues related to data subject requests, BAAs, DUAs, technology licensing, FERPA, and other privacy related matters.
  • Collaborates closely with the key stakeholders, including offices such as Emory Healthcare Compliance Office, the University Information Security Officer, the Emory IRB and the University Breach Notification Team to coordinate privacy and security compliance efforts, including handling of potential breaches.
  • Serves as member of, or liaison to, institutional committees and working groups, providing consultation on privacy issues, and supporting privacy compliance.
  • Assists with the Office of Ethics and Compliance communications and outreach and other initiatives as needed.
  • Performs other related duties as required.MINIMUM QUALIFICATIONS:
    • A bachelor's degree and five years of professional compliance and/or audit experience, including experience in regulations governing information privacy and confidentiality, OR an equivalent combination of education, training, and experience.PREFERRED QUALIFICATIONS:
      • JD; additional professional certification (e.g., CHRC, CHPP, IAPP, etc.) is highly desirable.
      • Experience in a compliance role at an institution of higher education or corporation in a highly regulated industry.
      • Experience with HIPAA, FERPA and GDPR. Strong analytical and written communication skills.
      • Significant experience in policy drafting, performing, and evaluating risk assessments, and evaluating internal controls and processes in a complex decentralized environment.NOTE: This role will be granted the opportunity to work from home regularly but must be able to commute to Emory University on a flexible weekly schedule based upon business needs. Schedule is based on agreed upon guidelines of department. This role requires residency in the state of GA. Emory reserves the right to change remote work status with notice to employee.Additional DetailsEmory is an equal opportunity employer, and qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by state or federal law. Emory University does not discriminate in admissions, educational programs, or employment, including recruitment, hiring, promotions, transfers, discipline, terminations, wage and salary administration, benefits, and training. Students, faculty, and staff are assured of participation in university programs and in the use of facilities without such discrimination. Emory University complies with Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veteran's Readjustment Assistance Act, and applicable executive orders, federal and state regulations regarding nondiscrimination, equal opportunity, and affirmative action (for protected veterans and individuals with disabilities). Inquiries regarding this policy should be directed to the Emory University Department of Equity and Civil Rights Compliance, 201 Dowman Drive, Administration Building, Atlanta, GA 30322. Telephone: 404-727-9867 (V) - 404-712-2049 (TDD).Emory University is committed to providing reasonable accommodations to qualified individuals with disabilities upon request. To request this document in an alternate format or to request a reasonable accommodation, please contact the Department of Accessibility Services at 404-727-9877 (V) - 404-712-2049 (TDD). Please note that one week's advance notice is preferred.
        #J-18808-Ljbffr

Keywords: Emory University, Marietta , Director, Privacy Compliance Program, Executive , Atlanta, Georgia