Director, Privacy Compliance

The University of Southern California (USC) Office of Culture Ethics and Compliance (OCEC) is seeking an experienced Director Privacy Compliance to provide the strategic leadership oversight and vision to build enhance and sustain a comprehensive university-wide privacy program ensuring campus-wide compliance with all applicable privacy laws and regulations. Reporting directly to the Associate Vice President Institutional Compliance the Director Privacy Compliance will develop coordinate and oversee data privacy and compliance programs frameworks and governance structures for the University partner with key stakeholders to implement privacy compliance efforts and programs and design and integrate communications strategies for privacy compliance information and training regarding university privacy policies data-handling policies and procedures and legal obligations.

Job Accountabilities:

• Provide the strategic leadership oversight and vision to build enhance and sustain a comprehensive university-wide data privacy program. Develop and implement a continuous comprehensive review process to assess existing university data privacy policies and procedures and to ensure efficacy to identify and remediate performance gaps and to ensure alignment with applicable relevant laws and regulations. Develop and implement short- and long-term planning for the university-wide data privacy program outlining recommended enhancements and prioritizing steps to continuously improve the university-wide data privacy program governance structure and frameworks. Develop and coordinate ongoing privacy compliance-monitoring activities and risk assessments to optimize the security posture of the university.

• Partner with key stakeholders to implement privacy compliance efforts and programs. Collaborate with information security to ensure operational alignment between security and privacy compliance programs. Partner with stakeholders to identify document and mitigate privacy risks arising from key business activities (e.g. clinical research records retention billing and contracting). Lead and participate in privacy related university committees to support privacy-related initiatives address and evaluate emerging risks and serve as an expert resource. Review and advise on legal agreements regarding the collection protection transfer and use of regulated and/or sensitive data offering guidance on methods to minimize privacy compliance risk. In partnership with audit services review prior privacy related audit results and recommendations and confirm any implemented remedial measures to close out the prior findings are still in place effective and sustainable.

• Manage privacy incidents and breach notifications required by federal and state law serving as liaison with federal and state oversight agencies. Perform timely investigations in partnership with appropriate university investigative offices ensuring resolution for all privacy-related matters received. Assess metrics and leverage analytics to improve and enhance processes.

• Design and integrate communications strategies for privacy compliance information and training regarding university privacy policies data-handling policies and procedures and legal obligations. Support a mechanism for timely responses to privacy related inquiries. Develop strategic role-specific privacy training course content for target audience(s) and ensure that privacy-related training for USC faculty and staff are inventoried documented and supported by a consistent and effective program.

• Maintain current and operational knowledge of applicable federal and state privacy laws in a research university environment. Promote an environment that fosters inclusive relationships and creates unbiased opportunities for contributions through ideas words and actions that uphold principles of the USCs unifying values and Integrity and Accountability Code.

The university reserves the right to add or change duties at any time.

Preferred Qualifications

• Masters degree or J.D.

• Ten years of progressively responsible experience addressing privacy issues or complex issues within a similar field.

• Experience in higher education and/or healthcare industries.

• Professional privacy specialist certification (e.g. CIPP CIPM CIPT and/or FIP).

In addition the successful candidate must also demonstrate through ideas words and actions a strong commitment to USCs Unifying Values.

The annual base salary range for this position is $186708.56 - $205000.00. When determining an offer the University of Southern California considers factors such as the scope and responsibilities of the role the candidates experience education training key skills internal peer alignment applicable laws contractual requirements grant funding and market conditions.

Minimum Education: Bachelors degree
Minimum Experience: 7 years
Minimum Field of Expertise: Knowledge and operational experience with global privacy and data-protection compliance programs. Extensive experience and skill conducting investigations writing policies and guidance documents supporting various business activities and interacting with internal and external auditors. Knowledge of relevant federal state and local regulations and laws as well as ethical practices and policies (HIPAA FERPA PCI etc.). Demonstrated communication skills and cultural awareness and a record of leadership and collaborative efforts with diverse groups and stakeholders.

USC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin protected veteran status disability or any other characteristic protected by law or USC policy. USC observes affirmative action obligations consistent with state and federal law. USC will consider for employment all qualified applicants with criminal records in a manner consistent with applicable laws and regulations including the Los Angeles County Fair Chance Ordinance for employers and the Fair Chance Initiative for Hiring Ordinance and with due consideration for patient and student safety. Please refer to theBackground Screening Policy Appendix Dfor specific employment screen implications for the position for which you are applying.

We provide reasonable accommodations to applicants and employees with disabilities. Applicants with questions about access or requiring a reasonable accommodation for any part of the application or hiring process should contact USC Human Resources by phone at or by email at. Inquiries will be treated as confidential to the extent permitted by law.

• Notice of Non-discrimination
• Employment Equity
• Read USCs Clery Act Annual Security Report
• USC is a smoke-free environment
• Digital Accessibility

If you are a current USC employee please apply to thisUSC job posting in Workday by copying and pasting this link into your browser:

Experience:

Director