Compliance and Privacy Manager - SCRI

About The Position

Requirements

• 4 or more years of experience in healthcare privacy, compliance, audit, or a related field.
• Working knowledge of healthcare privacy and compliance programs, with emphasis on HIPAA and research-related data use.
• Familiarity with federal and state privacy regulations applicable to healthcare providers and research organizations.
• Be capable of conducting workloads and projects in a self-directed manner, with minimal oversight, while delivering superior results in a timely manner.
• Demonstrate ability to communicate effectively with a broad spectrum of business segment personnel and senior management.
• Possess effective written and verbal communication skills as demonstrated by the ability to articulate ideas, thoughts, and information in a logical manner and sequence to summarize issues clearly and succinctly.
• Ability to independently assess risk and apply sound professional judgment within established frameworks.
• Strong written and verbal communication skills, including the ability to present issues clearly to business and legal partners.
• Demonstrated ability to collaborate across legal, technical, and operational teams.
• Strong analytical and organizational skills, with attention to documentation and follow-through.

Nice To Haves

• Experience supporting healthcare research, clinical trials, or oncology data environments.
• Professional certifications such as CHC, CHPC, or CIPP.

Responsibilities

• Execute privacy and compliance risk assessments across SCRI data flows and research activities, contributing to risk-based monitoring and workplans.
• Implement and monitor privacy and compliance controls, policies, and procedures within SCRI to meet regulatory, contractual, and McKesson requirements.
• Lead privacy incident investigations for SCRI, including documentation, root cause analysis, remediation actions, and coordination with enterprise partners.
• Respond to privacy-related inquiries, concerns, and complaints, escalating issues as appropriate.
• Conduct privacy audits and targeted monitoring activities based on identified risks.
• Partner with Information Security to align SCRI privacy practices with security controls and incident response processes.
• Drive ongoing compliance monitoring activities that support SCRI business objectives and research operations.
• Deliver privacy and data governance training tailored to SCRI workforce roles and data use cases.
• Monitor adherence to approved privacy and data governance documentation and standards.
• Maintain effective working relationships with Internal Audit, Legal, HR, IT, and other enterprise partners.
• Support additional privacy and data governance initiatives as assigned.

Benefits

• competitive compensation package
• Total Rewards
• annual bonus
• long-term incentive opportunities