Apply on Employer Site

UTHealth Houston · 1 day ago

Deputy Privacy Officer in Information Technology

Houston, TX

Full-time

Onsite

Senior Level

6+ years exp

UTHealth Houston is a leading institution in healthcare education and patient care, seeking a Deputy Privacy Officer to support its enterprise-wide privacy program. The role involves coordinating privacy compliance, risk assessment, policy development, training, and incident response to ensure adherence to privacy laws and regulations.

EducationHealth CareProfessional Services

No H1B

Responsibilities

Provides guidance and support to stakeholders on privacy laws, policies, and processes for UTHealth Houston's enterprise-wide privacy program

Regularly reviews data processing activities to identify potential privacy risks, ensuring compliance with data protection laws and internal privacy policies

Coordinates, develops and implements the University's privacy and data confidentiality compliance policies, standards and activities in collaboration with applicable offices and/or satellite campuses

Works with the Chief Privacy Officer to plan, develop, and implement privacy training programs, notifications and communications

Creates outreach programs that focus on campus-wide compliance and best practices with privacy and data confidentiality requirements

Works closely with different departments within UTHealth Houston and external partners to integrate privacy considerations into business operations

Assists in investigating and responding to potential data breaches or privacy incidents, including reporting to relevant authorities when necessary

Collaborates with information security and compliance teams to evaluate whether security incidents potentially involve personal or sensitive data

Monitors systems and processes for receipt of privacy and data confidentiality inquiries, concerns, and potential breaches of protected privacy data and information

Conducts timely investigations and breach analyses of incidents

Assists in the cooperation with outside agencies, Office of Civil Rights, other legal entities, and organization officers in any compliance reviews or investigations

Responsible for drafting and coordinating any data breach notifications

Maintains current knowledge of applicable federal and state privacy laws and accreditation standards

Coordinates on matters relating to data protection and/or classification

Conducts data privacy risk assessments to identify potential vulnerabilities and develop mitigation strategies

Manages data subject access requests, data correction requests, and data deletion requests in accordance with applicable regulations

Works with procurement, sponsored projects, and legal affairs in reviewing contracts with third-parties to ensure they comply with data privacy requirements

Manages Human Resources activities of department in regards to: recruiting and selection, hiring and termination, training, professional development, mentoring, counseling, performance evaluations, and salary planning

Performs other duties as assigned

Qualification

Privacy laws knowledgeData confidentiality complianceProject managementRisk assessmentPolicy developmentIncident responseCommunication skillsMicrosoft Office proficiencyLegal knowledgeHigher education experienceHealthcare experienceLicensed Attorney (SBOT)Collaboration skillsOrganizational skillsPresentation skills

Required

Bachelor's Degree in a related field required

At least 6 years of experience with privacy and data confidentiality compliance, or equivalent experience required

Understanding compliance and policies in the context of institutions of higher education or healthcare, and how that relates to privacy and data confidentiality regulation requirements

Demonstrated knowledge of privacy laws and regulations

Excellent oral and written communication skills and experience with preparing and performing informational presentations, including the ability to respond to questions from faculty, staff, students, patients, and the general public in both small and large group settings

Excellent organizational and project management skills and ability to perform all duties with accuracy, timeliness, and trust, in a professional, competent, and courteous manner, exercising independent judgment and sound decision-making skills

Ability to collaborate with multiple entities to plan and accomplish objectives, and coordinate multiple, large, and complex projects from conception to completion

Demonstrated experience with Microsoft Office suite, databases, and presentation software

Innovative, forward-thinking, and results-oriented with a passion to solve complex problems in a creative and pragmatic way and to translate laws and regulations into actionable policies and procedures that enable business objectives

Strong collaboration skills across all levels of the organization

Knowledge of privacy and data confidentiality regulations pertinent to higher education, including, but not limited to: FERPA, HIPAA, GDPR, state medical records privacy laws, and other privacy and data confidentiality-related laws and standards

Exerts up to 10 pounds of force occasionally and/or a negligible amount frequently to move objects

This position is a security-sensitive position pursuant to Texas Education Code 51.215 and Texas Government Code 411.094

Employees must permanently reside and work in the State of Texas

Preferred

Graduate of an education program approved by the credentialing body for the required credential(s)

Law or related field preferred

Experience as an investigator/administrator with the ability to read, understand, and explain law and policy to a diverse range of audiences is preferred

Licensed Attorney by the State Bar of Texas (SBOT) preferred