DIRECTOR, PRIVACY COMPLIANCE

The University of Southern California (USC) Office of Culture, Ethics and Compliance (OCEC) is seeking an experienced Director, Privacy Compliance to provide the strategic leadership, oversight and vision to build, enhance and sustain a comprehensive, university-wide privacy program, ensuring campus-wide compliance with all applicable privacy laws and regulations. Reporting directly to the Associate Vice President, Institutional Compliance, the Director, Privacy Compliance will develop, coordinate, and oversee data privacy and compliance programs, frameworks, and governance structures for the University, partner with key stakeholders to implement privacy compliance efforts and programs, and design and integrate communications strategies for privacy compliance information and training regarding university privacy policies, data-handling policies and procedures, and legal obligations.Job Accountabilities:Provide the strategic leadership, oversight, and vision to build, enhance and sustain a comprehensive university-wide data privacy program. Develop and implement a continuous, comprehensive review process to assess existing university data privacy policies and procedures and to ensure efficacy, to identify and remediate performance gaps, and to ensure alignment with applicable relevant laws and regulations. Develop and implement short- and long-term planning for the university-wide data privacy program, outlining recommended enhancements and prioritizing steps to continuously improve the university-wide data privacy program, governance structure, and frameworks. Develop and coordinate ongoing privacy compliance-monitoring activities and risk assessments to optimize the security posture of the university.Partner with key stakeholders to implement privacy compliance efforts and programs. Collaborate with information security to ensure operational alignment between security and privacy compliance programs. Partner with stakeholders to identify, document, and mitigate privacy risks arising from key business activities (e.g., clinical, research, records retention, billing and contracting). Lead and participate in privacy related university committees to support privacy-related initiatives, address and evaluate emerging risks, and serve as an expert resource. Review and advise on legal agreements regarding the collection, protection, transfer, and use of regulated and/or sensitive data, offering guidance on methods to minimize privacy compliance risk. In partnership with audit services, review prior privacy related audit results and recommendations and confirm any implemented remedial measures to close out the prior findings are still in place, effective, and sustainable.Manage privacy incidents and breach notifications required by federal and state law, serving as liaison with federal and state oversight agencies. Perform timely investigations in partnership with appropriate university investigative offices ensuring resolution for all privacy-related matters received. Assess metrics and leverage analytics to improve and enhance processes.Design and integrate communications strategies for privacy compliance information and training regarding university privacy policies, data-handling policies and procedures, and legal obligations. Support a mechanism for timely responses to privacy related inquiries. Develop strategic role-specific privacy training course content for target audience(s) and ensure that privacy-related training for USC faculty and staff are inventoried, documented, and supported by a consistent and effective program.Maintain current and operational knowledge of applicable federal and state privacy laws in a research university environment. Promote an environment that fosters inclusive relationships and creates unbiased opportunities for contributions through ideas, words, and actions that uphold principles of the USC’s unifying values and Integrity and Accountability Code.The university reserves the right to add or change duties at any time.Preferred QualificationsMaster's degree or J.D.Ten years of progressively responsible experience addressing privacy issues, or complex issues within a similar field. Experience in higher education and/or healthcare industries. Professional privacy specialist certification (e.g., CIPP, CIPM, CIPT, and/or FIP).In addition, the successful candidate must also demonstrate, through ideas, words and actions, a strong commitment to USC’s Unifying Core Values: integrity, excellence, diversity, equity and inclusion, well-being, open communication and accountability.The annual base salary range for this position is $186,708.56 - $205,000.00. When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate’s work experience, education/training, key skills, internal peer equity, federal, state, and local laws, contractual stipulations, grant funding, as well as external market and organizational considerations.The University of Southern California is an Equal Opportunity EmployerMinimum Education: Bachelor's degreeMinimum Experience: 7 yearsMinimum Field of Expertise: Knowledge and operational experience with global privacy and data-protection compliance programs. Extensive experience and skill conducting investigations, writing policies and guidance documents supporting various business activities, and interacting with internal and external auditors. Knowledge of relevant federal, state and local regulations and laws, as well as ethical practices and policies (HIPAA, FERPA, PCI, etc.). Demonstrated communication skills and cultural awareness, and a record of leadership and collaborative efforts with diverse groups and stakeholders.USC is a smoke-free environmentUSC is an equal opportunity, affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other characteristic protected by law or USC policy. USC will consider for employment all qualified applicants with criminal records in a manner consistent with applicable laws and regulations, including the Los Angeles County Fair Chance Ordinance for employers and the Fair Chance Initiative for Hiring Ordinance, and with due consideration for patient and student safety. Please refer to the Background Screening Policy Appendix Dfor specific employment screen implications for the position for which you are applying.We provide reasonable accommodations to applicants and employees with disabilities. Applicants with questions about access or requiring a reasonable accommodation for any part of the application or hiring process should contact USC Human Resources by phone at (213) 821-8100, or by email at [email protected]. Inquiries will be treated as confidential to the extent permitted by law.Read USC’s Clery Act Annual Security ReportAffirmative Action and Equal Opportunity PlanPay Transparency Non-DiscriminationUSC is an E-Verify EmployerDigital AccessibilityIf you are a current USC employee, please apply to this  USC job posting in Workday by copying and pasting this link into your browser:https://wd5.myworkday.com/usc/d/inst/1$9925/9925$115317.htmldSummaryLocation: Los Angeles, CA - University Park CampusType: Full time