Director, Privacy Program Services

Job Summary

The Office of Privacy Program Services' mission at Drexel University is to support the education, research, and health mission of the University providing operational guidance and support to the University community in compliance with applicable privacy laws, regulations, and standards in concert with the University policies and standards.

The Director, Privacy Program Services, in collaboration with the Executive Director of Privacy Program Services, is responsible for the development, implementation and oversight of the University privacy program including the Health care covered entity and research. This includes the creation, implementation, maintenance, and oversight of policies, procedures, standards, and controls to ensure compliance with applicable privacy laws, standards, and regulations including but not limited to HIPAA, FERPA, State Privacy Laws and relevant International requirements.

The Director is a collaborative and strategic partner and works closely with the Office of General Counsel, Risk Management, Information Security and Senior Leadership and, also serves as a privacy subject matter expert to university business units including but not limited to those engaged in healthcare and research.

Essential Functions

• Privacy Program Leadership: Develop, implement, manage, and monitor components of a comprehensive university-wide data privacy program, in collaboration with the Executive Director of Privacy Program Services, to ensure the protection and responsible handling of sensitive and confidential information used in research (including, IRB) and institutional operations. Serve as a subject matter expert.
• Privacy Incident Management: Lead and coordinate the investigation, analysis, and corrective action and response to reported privacy incidents. Coordinate when appropriate with Legal Counsel, Information Security, and Risk Management to ensure appropriate reporting, remediation, and compliance with policies, procedures applicable regulations. Use of Navex/EthicsPoint System.
• Program Governance/Policies and Procedures: Develop, implement, and maintain a comprehensive privacy program aligned to organizational strategy, risk appetite, and regulatory obligations. Provide oversight, training, education and proactive assistance.
• Strategic Governance/Risk Management: Support the identification, assessment and mitigation of privacy risks across the University's research, healthcare, and operational environments in partnership with the Office of General Counsel, Risk Management, Information Security, and other relevant areas. This work may also include evaluating privacy implications associated with emerging technologies such as AI.
• Contractual Oversight/Input: Review, provide feedback, negotiate, and approve privacy provisions during the University contract process.
• Regulatory Landscape: Monitor developments in the privacy regulatory landscape at the federal, state, and international levels, identify opportunities for improvement and provide guidance on maintaining institutional compliance and readiness.
• Policy Development and Continual Process Improvement: Identify opportunities to enhance Privacy Program policies and procedures as well as actively review current policies and procedures, develop new policies and procedures, as needed, in concert with new legal Privacy requirements, standards, and policies required by Federal, State, or applicable International Law.
• Management: Manage and oversight of direct report(s) including temporary staff.
• Presentations & Reporting: Assist in the preparation of executive level reports for presentation including PowerPoint decks.

Required Qualifications

• Minimum of a Bachelor's Degree in a related field or the equivalent combination of education and work experience. (Please review the Equivalency Chart for additional information.)
• Minimum of 7+ years of experience in privacy (including HIPAA), investigations, compliance or related roles.
• Advanced knowledge of privacy laws, regulations and best practices.
• Proven ability to manage complex initiatives and projects
• Excellent communication, collaboration, leadership and interpersonal skills

Preferred Qualifications

• University experience a plus.

Location

• Remote

Additional Information
This position is classified as Exempt, grade N. Compensation for this grade ranges from $ 90,430.00 to $ 135,640.00 per year. Please note that the offered rate for this position typically aligns with the minimum to midrange of this grade, but it can vary based on the successful candidate's qualifications and experience, department budget, and an internal equity review.

Applicants are encouraged to explore the Professional Staff salary structure and Compensation Guidelines & Policies for more details on Drexel's compensation framework. For information about benefits, please review Drexel's Benefits Brochure.

Special Instructions to the Applicant
Please make sure you upload your CV/resume and cover letter when submitting your application.

A review of applicants will begin once a suitable candidate pool is identified.

#LI-Remote