Privacy Director

Privacy Director – Duke University Health System

Join to apply for the Privacy Director role at Duke University Health System

Duke Hospital, Duke Cancer Center Institute (Remote). Must reside in one of the following states:

• Indiana, Michigan, Maine, Ohio, New Hampshire, Arizona, Hawaii, Illinois, Montana, Colorado, Massachusetts, New Jersey, Pennsylvania, California, Florida, Georgia, Maryland, New York, South Carolina, Tennessee, Texas, Virginia, Washington, DC

The Privacy Director works with the Senior Director, Privacy across Duke Health to develop, operate, and monitor an effective privacy program. The role develops and monitors compliance with federal and state privacy regulations, as well as industry privacy standards related to protected health information and other restricted or sensitive information. The Privacy Director manages a team of privacy professionals and reports to the Senior Director.

• Collaborate with Procurement, IT Security, and business units to review and negotiate business associate agreements and privacy language.
• Complete audits, risk assessments, analysis, and corrective actions.
• Continuously learn about new regulatory requirements and industry trends and incorporate them within the privacy program.
• Manage and oversee privacy-related investigations and complaints, resolving them in collaboration with compliance leaders, team members, and counsel.
• Prepare and review privacy-related tracking reports, incidents, and data analytics to identify opportunities for educational initiatives, policies, and process improvements.
• Oversee the breach notification process, including follow-up with affected individuals and external agencies, drafting responses, remediation, and corrective action.
• Maintain knowledge of rules and regulations (HIPAA, HITECH, state privacy laws, and Identity Theft laws) that impact the organization and act as a subject matter expert to support workforce members.

• Education – Bachelor’s degree in Business Administration, Health Administration, or related field. Preferred:
  Juris Doctor, CPA, or Master’s in Hospital Administration, Business Administration. Privacy Director:
  Juris Doctor and privacy certifications (IAPP CIPP or CIPM).
• Experience – Minimum five years of compliance experience in healthcare, including leadership roles. Demonstrated ability to identify and manage risks, develop internal controls, and knowledge of health care compliance laws and standards. Outstanding analytical, written, and verbal communication skills.
• Equivalency – Combination of relevant education and experience may be considered.

Duke is an Equal Opportunity Employer committed to providing employment opportunity without regard to an individual's age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex (including pregnancy and pregnancy‑related conditions), sexual orientation, or military status. Duke aspires to create a community built on collaboration, innovation, creativity, and belonging. All members of the community are expected to uphold these values.

Essential Physical

Job Functions:

Certain jobs at Duke University and Duke University Health System may include essential job functions that require specific physical and/or mental abilities. Additional information and accommodation provisions will be provided by each hiring department.