New

UIC Privacy Director

University of Illinois Chicago
United States, Illinois, Chicago
Apr 22, 2025
UIC Privacy Director UIC Privacy Director Hiring Department: Technology Solutions Location: Chicago, IL USA Requisition ID: 1033587 Posting Close Date: May 12, 2025. Salary: The budgeted salary range for the position is $120,000 to $140,000 About the University of Illinois Chicago UIC is among the nation's preeminent urban public research universities, a Carnegie RU/VH research institution, and the largest university in Chicago. UIC serves over 34,000 students, comprising one of the most diverse student bodies in the nation and is designated as a Minority Serving Institution (MSI), an Asian American and Native American Pacific Islander Serving Institution (AANAPSI) and a Hispanic Serving Institution (HSI). Through its 16 colleges, UIC produces nationally and internationally recognized multidisciplinary academic programs in concert with civic, corporate and community partners worldwide, including a full complement of health sciences colleges. By emphasizing cutting-edge and transformational research along with a commitment to the success of all students, UIC embodies the dynamic, vibrant and engaged urban university. Recent "Best Colleges" rankings published by U.S. News & World Report, found UIC climbed up in its rankings among top public schools in the nation and among all national universities. UIC has over 300,000 alumni, and is one of the largest employers in the city of Chicago. Benefits eligible positions include a comprehensive benefits package which offers: Health, Dental, Vision, Life, Disability & AD&D insurance; a defined benefit pension plan; paid leaves such as Vacation, Holiday and Sick; tuition waivers for employees and dependents. Click for a complete list of Employee Benefits. The UIC Privacy Director at the University of Illinois Chicago (UIC) is responsible for developing, implementing, and overseeing the university's comprehensive privacy program. This position ensures compliance with applicable federal and state privacy laws, regulations, and university policies, including but not limited to HIPAA, FERPA, GDPR, PIP, and other emerging global and US privacy legislation. The UIC Privacy Director will serve as the subject matter expert on privacy matters, providing guidance and training to faculty, staff, and students, and fostering a culture of privacy awareness across the institution. This role requires a strategic thinker with strong leadership, communication, and analytical skills, capable of navigating a complex academic and research environment. Duties & Responsibilities Program Development and Implementation: Develop, implement, and maintain a comprehensive university-wide privacy program, including policies, procedures,standards, and guidelines that align with applicable laws and regulations. Develop and implement a privacy by design (PbD) program with responsibility for students and personally identifiable information (PII) and protected health information (PHI) through the full data life cycle. Compliance Oversight: Monitor and ensure institutional compliance with federal and state privacy laws, regulations, and university policies. Conduct regular privacy risk assessments and audits to identify potential vulnerabilities and implement corrective actions. Incident Response: Develop and manage the university's privacy incident response plan. Investigate and respond to privacy breaches and incidents across university, units, hospital, and Healthcare Covered Components (HCCs) ensuring timely and appropriate notification and remediation. Training and Awareness: Develop and deliver comprehensive privacy training and awareness programs for faculty, staff, and students. Promote a culture of privacy and data protection across the university. Consultation and Guidance: Serve as the primary point of contact and subject matter expert for privacy-related inquiries. Provide guidance and advice to university departments and units on privacy implications of new initiatives, technologies, and research projects. Stakeholder Collaboration: Collaborate effectively with various university stakeholders, including legal counsel, information technology services, research administration, human resources, and academic units, to ensure a coordinated and consistent approach to privacy. Vendor Management: Participate in the review and assessment of third-party vendor contracts to ensure appropriate privacy and data protection safeguards are in place. Monitoring and Adaptation: Stay abreast of changes in privacy laws, regulations, and best practices. Adapt the university's privacy program accordingly to maintain compliance and mitigate risks. Reporting: Prepare and present regular reports on the status of the university's privacy program to senior leadership and relevant committees. Investigations and Inquiries: Manage and respond to privacy-related complaints, inquiries from regulatory agencies, and internal investigations. Perform other related duties and participate in special projects as assigned. Minimum Qualifications Bachelor's degree in a relevant field such as law, information security, healthcare administration, public policy, or a related discipline. A Juris Doctor (JD) or other relevant advanced degree is highly preferred. CIPP/US, CIPM or other relevant certification. Minimum of 3 years of progressive experience in privacy program management, compliance, or a related field, preferably within a higher education or healthcare environment. Must include experience drafting and implementing short and long-term program strategy including developing and implementing policies, programs, and procedures to guide university and units' privacy compliance initiatives. Must have ability to identify and assess privacy risks and navigate a decentralized environment and knowledge of the legislative process and the regulatory environment that influence higher education and R01 institutions. Preferred Qualifications 3+ years of experience with privacy risk rating and modeling. Experience conducting privacy risk-based compliance assessments and root cause analysis. Experience working directly with internal or external auditors and with committee structures and forming committees. Prior experience with management systems and business analysis activities. Ability to interpret and explain complex privacy regulations and translate legal and regulatory requirements into clear and effective communications, policies, processes, and practices. Willingness to engage on difficult issues and work with others with transparency and fairness. In-depth knowledge of privacy frameworks and best practices (e.g. GDPR, , FERPA, HIPAA). Proven track record of developing and leading comprehensive privacy programs in complex, global organizations. Excellent communication, collaboration, and leadership skills to work effectively with cross-functional teams. Strong analytical and problem-solving abilities to assess risks, develop mitigation strategies, and implement solutions. Experience in training development and promoting privacy awareness across an organization. Privacy certification (e.g. CIPP/US, CIPP/E, CIPT) preferred. The University of Illinois System is an equal opportunity employer, including but not limited to disability and/or veteran status, and complies with all applicable state and federal employment mandates. Please visit Required Employment Notices and Posters to view our non-discrimination statement and find additional information about required background checks, sexual harassment/misconduct disclosures, and employment eligibility review through E-Verify. The university provides accommodations to applicants and employees. Request an Accommodation To apply, visit https://uic.csod.com/ux/ats/careersite/1/home/requisition/14649?c=uic Copyright 2025 Jobelephant.com Inc. All rights reserved. Posted by the FREE value-added recruitment advertising agency jeid-a11979cedfbcac4baad6ecfcf254aa77