Director of Privacy, Ethics & University Compliance Officer
The University Compliance Officer (UCO) is the Director of the Duke University Privacy, Ethics and Compliance Program. This role is responsible for guiding an effective federated compliance structure through a combination of centralized assurance, compliance liaison oversight and coordination, ongoing evaluation of compliance program performance to reduce risks of noncompliance, and methods to detect and prevent conduct that may represent noncompliance or nonconformity with defined institutional risk tolerance.
The UCO reports to the Executive Director of Audit, Risk and Compliance (the chief audit and compliance officer). The UCO provides regular updates tothe Audit, Risk and Compliance Committee of the Duke University Board of Trustees and, upon request, may speak privately with the committee.
The UCO plays a vital role in supporting Duke's commitment to excellence and integrity and fulfillment of its commitments to stakeholders. The UCO provides leadership and guidance in establishing and implementing an effective compliance and privacy program that addresses regulatory requirements applicable to an elite international university, first tier research institution and academic medical center conducting clinical trials.
The UCO leads the compliance and privacy program through consultative and constructive interaction with the compliance risk owners, managers and liaisons. Success depends on a risk-based approach to define priorities; a commitment to foster strong relationships and open communication among the stakeholders; and dedication to cultivating behaviors and actions that uphold and reinforce integrity, accountability and transparency. The UCO conducts periodic risk assessments to identify potential areas of compliance vulnerability and risk, and acts as an advisor to the institutional compliance risk owners and decentralized compliance risk management leadership.
In support of the institutional risk management program, the UCO conducts an annual facilitated compliance risk assessment with senior leaders responsible for various aspects of statutory and regulatory activities. Based on the annual risk assessment and the prevailing enforcement landscape, the UCO coordinates assurance reviews and monitoring activities to evaluate policies, processes, responsibilities and outcomes that support compliance with applicable statutory, regulatory and other standards. The UCO sets priorities and supervises teams dedicated to executing the compliance program responsibilities for research compliance assurance, privacy, institutional ethics and compliance monitoring.
The UCO serves on various internal working groups, steering committees and advisory boards in the role of compliance advisor and/or compliance program oversight. These include standing and ad hoc groups for research protocol reviews, occupational and environmental safety, conflict of interest, privacy, policy development, international activities, and emerging risks.
The UCO must exhibit independence and objectivity in reviewing and evaluating compliance policy, programs, processes, activities, and reported issues or concerns. The UCO must also demonstrate creativity, foresight and exceptional judgment in thought, actions and relationships.
- Manage the university privacy, ethics and compliance program
- Maintain an ongoing compliance risk assessment process
- As requested or necessary, provide consultation to senior management regarding risks or potential noncompliance events
- Identify and develop initiatives to address and resolve areas of compliance concerns or emerging risks
- Coordinate resolution of issues with senior leadership and/or management of the compliance areas or business units
- Maintain a working understanding of the contemporary compliance landscape
- Cultivate relationships with peers and subject matter experts to facilitate anticipatory evaluation of new regulations, enforcement focus or other compliance initiatives
- Serve as primary point of contact for the ethics and compliance hotline, including coordinating investigations and follow-up activities
- Administer the compliance program and coordinate with the internal audit function
- Recruit, develop and supervise staff
- Prepare updates and reports for senior leadership, steering committees and governing boards
- Represent the privacy, ethics and compliance program on internal working committees and review boards
- Maintain a close working relationship with general counsel and the information security office
- Ensure program effectiveness by addressing governmental and governing body requirements, including Federal Sentencing Guidelines criteria
- Apply sound and balanced risk evaluation and risk mitigation perspective Required Qualifications Education:
Bachelor's degree required; advanced degree preferred. Demonstrated collaborative leadership, thoughtful communication and sincere interpersonal style. Significant experience in assessing compliance risks, evaluating compliance program performance and leading high- performing teams in a complex environment. Working knowledge of university, research and academic medical center activities.
Minimum of 10 years of compliance experience and progressive leadership responsibilities in an academic, research or other complex compliance environment, with working knowledge or experience in sponsored program management, human subjects research, privacy requirements, clinical trials, responsible conduct of research, regulatory affairs, lab safety and biosafety, environmental health and safety, athletics compliance, and international activities.
Duke University is an Affirmative Action/Equal Opportunity Employer committed to providing employment opportunity without regard to an individual's age, color, disability, genetic information, gender, gender expression, gender identity, national origin, race, religion, sexual orientation, or veteran status.
Essential Physical Job Functions: Certain jobs at Duke University and Duke University Health System may include essential job functions that require specific physical and/or mental abilities. Additional information and provision for requests for reasonable accommodation will be provided by each hiring department.