Overview:

Stanford University, a global leader in higher education, seeks an experienced professional to serve as the University’s Director of Research Privacy. This is a unique opportunity to work in a truly entrepreneurial academic community to support the University’s world-class research enterprise.

Stanford University has a sponsored research project budget of over $1.6 billion, including the SLAC National Accelerator Laboratory (SLAC), and manages 6,000 externally sponsored research projects.  A high volume of protected information is essential to support the research enterprise.   The collection, storage, use, and sharing of this information generates many privacy issues, particularly in projects that have human subjects. Given the large number of students, alumni, employees, and patients at the University’s affiliated medical center, research privacy issues affect a wide range of constituencies.

This position requires a subject matter expert in research privacy, domestically and internationally.  The director will serve as a key member of the Stanford University Dean of Research Office, reporting directly to the Associate Vice Provost for Research Policy and Integrity, and with dotted-line reporting to the University’s Chief Risk Officer.  The director must be able to support the University’s research mission while ensuring protection of personal information, in accordance with regulatory requirements and the University’s values, policies, infrastructure, and operations.

Principal Responsibilities:

• Work across the University to support research and to implement the University’s commitment to protect the privacy of personal information.   
• Work closely with major research stakeholders, including the Research Compliance Office (which oversees the institutional review boards), Office of Technology Licensing, Industrial Contracts Office, Research Management Group, Office of Sponsored Research, and Office of Research Administration.  Provide expert privacy consultation on data sharing agreements for research, research collaborations, clinical trial agreements, and other research projects and agreements.  Serve as a consultative resource to faculty and staff.
• Develop strong working relationship with and act as the research liaison to the Stanford Medicine privacy team (including at Stanford Health Care, Lucile Packard Children’s Hospital, and a community hospital and physician networks) to ensure protection of patient medical data used in research projects.
• Represent DoR and provide research privacy expertise in matters involving the University Privacy Office, Information Security Office (ISO), and related stakeholders, and serve as a research privacy expert on relevant committees.
• Develop strong working relationship with the Office of the General Counsel.
• Represent DoR and provide research privacy expertise in the Privacy/ISO Data Risk Assessment (DRA) process.
• Contribute as the research privacy expert on the University’s Student Data Oversight Committee.
• Provide privacy expertise in areas such as secondary use of information for research, data and tissue repositories, precision health, digital health/wearables and artificial intelligence (AI) research, and genetic research, among other areas.  Stay abreast of identifiability vs. de-identification of information in the context of research activities.
• This is a new position within the Dean of Research office, and the emphasis will be on consultative support and an operational, solution-oriented approach.  This position will handle research privacy specifically, and will be a consulting expert for, but will not replace, University Privacy Office functions such as enterprise privacy policy and procedure development, workforce training, investigation of non-research compliance/privacy incidents, breach management and prevention, and privacy across operations (including vendor relationships).  

Required Qualifications:

• Seven or more years of privacy research experience at or on behalf of institutions of higher education, academic medical centers, or research organizations.
• Experience applying privacy requirements to complex datasets, including “big data” research, clinical trials, digital health, wearable, and AI studies, and social/behavioral and educational research.
• Expert knowledge of HIPAA as applied to research.  This position is not a clinical care privacy position, and practical experience applying privacy laws to research is required.
• Expert knowledge of and experience with additional federal and state laws, including FERPA, and the California Confidentiality of Medical Information Act (CMIA) or comparable state laws protecting health information, including genetic and other sensitive health information.
• Expert knowledge of and experience with international privacy laws, including GDPR as applied to research.  Experience with privacy laws in other areas of the world, including Asia, is preferred.
• Excellent interpersonal and listening skills; ability to work well individually and as a team member.
• Excellent ability to analyze complex issues, organize, and make recommendations that are achievable within the University environment.  Solution-oriented approach.
• Excellent writing and communication skills. Ability to multi-task within necessary timeframes.
• Integrity and excellent judgment.
• Bachelor’s degree.

Preferred Qualifications:

• J.D., or appropriate combination of education and regulatory compliance experience.
• Privacy professional certification.

PHYSICAL REQUIREMENTS*:

• Constantly perform desk-based computer tasks.
• Frequently sitting.
• Occasionally stand/walk, reach/work above shoulders, use a telephone, writing by hand, lift/carry/push/pull objects that weigh up to 10 pounds;
• Rarely twist/bend/stoop/squat, sort/file paperwork or parts, lift/carry/push/pull objects that weigh 11-20 pounds.

* - Consistent with its obligations under the law, the University will provide reasonable accommodation to any employee with a disability who requires accommodation to perform the essential functions of the job.

WORKING CONDITIONS:

Occasionally work evenings and weekends.

WORK STANDARDS:

• Interpersonal Skills: Demonstrates the ability to work well with Stanford colleagues and clients and with external organizations.
• Promote Culture of Safety: Demonstrates commitment to personal responsibility and value for safety; communicates safety concerns; uses and promotes safe behaviors based on training and lessons learned.
• Subject to and expected to comply with all applicable University policies and procedures, including but not limited to the personnel policies and other policies found in the University’s Administrative Guide, https://adminguide.stanford.edu.

Compliance/Privacy Professional 3
Job Code: 2373
Grade: L

Additional Information

Schedule: Full-time
Job Code: 2373
Employee Status: Regular
Grade: L
Requisition ID: 84564