Senior Director - Privacy Officer
Caris Life SciencesAt Caris, we understand that cancer is an ugly word—a word no one wants to hear, but one that connects us all. That’s why we’re not just transforming cancer care—we’re changing lives.
We introduced precision medicine to the world and built an industry around the idea that every patient deserves answers as unique as their DNA. Backed by cutting-edge molecular science and AI, we ask ourselves every day: “What would I do if this patient were my mom?” That question drives everything we do.
But our mission doesn’t stop with cancer. We're pushing the frontiers of medicine and leading a revolution in healthcare—driven by innovation, compassion, and purpose.
Join us in our mission to improve the human condition across multiple diseases. If you're passionate about meaningful work and want to be part of something bigger than yourself, Caris is where your impact begins.
Position Summary
Under the direction of the Sr. Director, Compliance and Privacy Operations, the Senior Director, Privacy Officer will manage and enhance the company’s enterprise privacy program, ensuring compliance with HIPAA, GDPR and applicable state privacy laws. This position provides operational oversight of privacy activities, leads specialized initiatives, and serves as the organization’s designated authority for all privacy requirements. As the Privacy Officer, this role is responsible for establishing, coordinating, and monitoring controls that ensure the proper handling and protection of protected health information across the organization. The Senior Director partners closely with the Director, GINA Officer, Compliance, Legal, HR, IT, and Operations to implement safeguards, reduce risk, and support the company’s obligations as a publicly traded healthcare organization.
Job Responsibilities
Partners with the Privacy Director in maintaining and advancing the company’s privacy policies, processes, and frameworks.
Develop, review, and update departmental procedures to ensure alignment with HIPAA, GDPR, state privacy laws, and organizational requirements.
Oversee day-to-day privacy operations including privacy incident intake, assessment, documentation, and recommended corrective actions.
Conduct and manage privacy risk assessments, data mapping exercises, and privacy impact assessments (PIAs).
Assist with investigation of privacy complaints and breaches and support all regulatory reporting obligations in collaboration with the GINA Officer.
Partners with the Privacy Director in monitoring completion and effectiveness of mandatory privacy training.
Monitor changes in federal and state privacy and genetic information laws; brief the Sr. Director, Compliance and Privacy Operations and business leaders on impacts and required actions.
Participate in internal auditing and monitoring activities related to privacy compliance.
Assist with preparation of reports, dashboards, and presentations for senior leadership and the Board, as directed by the Sr. Director, Compliance and Privacy Operations.
Offers cross-functional support.
Collaborate with IT and Security to ensure technical safeguards and access controls align with privacy standards.
Partner with Legal, Compliance, HR, Operations, and other departments to embed privacy-by-design principles in new initiatives and technologies.
Provide subject matter expertise during internal investigations, vendor assessments, and business process reviews.
Provides any other departmental support as needed.
Required Qualifications
Bachelors Degree in related fields.
12–15+ years of progressive experience in healthcare compliance, privacy, or legal roles.
Significant leadership experience in a public healthcare company or highly regulated environment.
Deep knowledge of HIPAA, GDPR, HITECH, OIG guidelines, FDA/EMA regulations (if applicable), and healthcare fraud/abuse laws.
Strong familiarity with SEC and SOX requirements as they intersect with compliance/privacy.
CHC, CHPC Certification.
Preferred Qualifications
JD, Master’s in Healthcare Administration.
Physical Demands
Must possess ability to sit and/or stand for long periods of time.
Must possess ability to perform repetitive motion.
Ability to lift up to 25 pounds.
Majority of work is performed in a desk/cubicle environment.
Training
All job specific, safety, and compliance training are assigned based on the job functions associated with this employee.
Other
This position requires periodic travel.
This job description reflects management’s assignment of essential functions. Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.
Conditions of Employment: Individual must successfully complete pre-employment process, which includes criminal background check, drug screening, credit check ( applicable for certain positions) and reference verification.
This job description reflects management’s assignment of essential functions. Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.
Caris Life Sciences is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, gender identity, sexual orientation, age, status as a protected veteran, among other things, or status as a qualified individual with disability.