University of Florida
- Full Time
Apply now (https://secure.dc4.pageuppeople.com/apply/674/gateway/default.aspx?c=apply&lJobID=526406&lJobSourceTypeID=796&sLanguage=en-us) Job no: 526406
Work type: Staff Full-Time
Location: Main Campus (Gainesville, FL)
Categories: Legal/Audit Services/Compliance
Department: 22020000 – GN-UNIVERSITY COMPLIANCE
Compliance Analyst III
Conduct timely investigations and breach analyses of privacy incidents, including the following tasks:
Follow protocols to gather facts by conducting thorough audits and interviews and document investigation reviews;
Analyze facts against the applicable privacy laws and policies;
Assists UF Information Security with privacy matters;
Coordinate with relevant department leaders and human resource liaisons to appropriately and consistently apply corrective measures for similar privacy violations;
Consult with SPD, PD, and Office of General Counsel, as needed;
Complete breach notification activities in a timely manner; and
Maintain accurate records by thoroughly documenting investigations and outcomes in a timely manner and within the designated incident management system.
Under the direction of the SPD and/or PD, support general programmatic activities of the Privacy Program, including:
Provide guidance and assist in the development, implementation, and maintenance of information privacy policies and procedures for UF-designated operations on all University of Florida campuses;
Assist the SPD and/or PD with special privacy-related projects;
Research emerging privacy regulations;
Conduct benchmarking for use in the development of privacy policies;
Participate in the coordination and monitoring of new privacy policies;
Collaborate and cooperate with all members of the Privacy Office team to enhance the group’s effectiveness;
Collaborate with Health Science Center organizations and other University stakeholders, including Information Risk Management, IT Security and Internal Audit, to mitigate risks identified during investigations and audits.
Conduct ongoing compliance monitoring and auditing activities in accordance with the UF Privacy Office’s compliance plan, including:
Plan, conduct, and manage privacy audits in accordance with general accepted auditing standards;
Draft formal reports and submit to SPD and/or PD for review and approval;
Develop audit tools and programs to evaluate and analyze UF privacy activities;
In conjunction with SPD, PD and other members of the Privacy Office, develop and implement an Audit and Monitoring Plan to identify, monitor, and assess privacy compliance risks.
Responsible for providing ongoing education and training on Privacy Policies and Procedures, and state, federal and international privacy laws to employees, faculty, contracted personnel, students and volunteers. This includes, but is not limited to, the following:
In collaboration with colleagues, work to develop effective training materials that comply with HIPAA, Florida State laws, and other applicable privacy law requirements;
Provide ongoing privacy compliance education and training to UF workforce members, contracted personnel, students and volunteers;
Provide accurate privacy compliance advice and guidance;
Interact with physicians, clinical and non-clinical staff, administration, and other UF personnel on a routine basis to keep them apprised of privacy requirements, policy updates and other privacy-related guidance.
Continually improve knowledge of data privacy and regulatory changes/requirements. Attend conferences and educational events on privacy and security to improve expertise in current and evolving privacy and security matters and maintain required certifications.
Perform other duties in support of the Privacy Program, as assigned.
Bachelor’s degree in an appropriate area and three years of experience in appropriate area; or an equivalent combination of education and experience.
Relevant professional certification(s), including CIPP, CHPC, CCEP, CHPS, CCEP, etc.;
Excellent interpersonal skills with demonstrated ability to function in a team setting;
Ability to successfully interact with persons in a variety of professional levels;
Strong verbal and written communication skills;
Demonstrated ability to work in a high-volume, fast-paced environment;
Knowledge and experience working with relevant privacy laws, including HIPAA, FERPA, FTC regulations, and various state and international data privacy laws;
Ability to research and understand complex regulations;
Prior experience in an academic medical environment;
Prior experience producing and delivering adult educational/training presentations;
Moderate (beyond basic) knowledge and skill with MS Office tools (including Excel, Word, and PowerPoint).
Special Instructions to Applicants:
In order to be considered, you must upload your cover letter and resume.
Application must be submitted by 11:55 p.m. (ET) of the posting end date.
Health Assessment Required:No
Advertised: 04 Apr 2023 Eastern Daylight Time
Applications close: 05 May 2023 Eastern Daylight Time