Skip to main content

Talent Network

Talent Network Sign Up

Duke Health requires team members to receive the COVID-19 and influenza vaccines. After you have officially accepted a position at Duke Health, you may request a religious or medical accommodation.

Compliance Research Auditor DUHS- Remote

Regular Full Time Durham, North Carolina
Requisition Number: 205808

General Description of the Job Class

Identify and monitor potential privacy risks and create corrective action. Work with DUHS Departments to develop effective privacy education and training programs, including orientation and annual training. Monitor regulatory change, assist appropriate DUHS areas to implement or revise process to ensure compliance with privacy regulations. Perform other related duties incidental to the work described herein. 

Duties and Responsibilities of this Level

  • Manage privacy audits of operational staff’s access to patient information; and investigate and resolve policy violations.

  • Identify privacy risk areas, particularly in the area of clinical research, conduct focused privacy reviews, conduct trending analysis, and direct facility/departments to implement corrective action. 

  • Develop internal controls, policies, and procedures to ensure compliance with appropriate Duke Health policies, State and Federal guidelines.

  • Investigate patient/research participant complaints and inquiries.

  • Collaborate with administrators and HR staff to implement corrective action to address violations of policy and regulations and manage completion of corrective action.

  • Support DUHS privacy activities, specifically as it relates to clinical research operations, including the following:

  • Develop and maintain policies and procedures related to use and disclosure of individually identifiable health information, in accordance with Duke Health policies, procedures, state/federal laws and best business practices.

  • Assist and coordinate development and delivery of departmental privacy/research trainings concerning privacy policies and procedures, protecting patient protected health information and release updates on new or updated policies, procedures and regulations.

  • Routinely present privacy trainings to bring awareness to privacy-related changes/updates to rules and regulations. Work with staff to modify workflows to ensure compliance and best practices are utilized.

  • Provide guidance to Duke Health workforce members, including clinical research units, Duke Office of Clinical Research (DOCR), and Duke Clinical Research Institute (DCRI), on privacy-related questions, and timely address privacy-related issues and/or concerns that may arise during patient/study participant engagement, patient encounters, research studies and/or exempt/quality improvement projects.

  • Write privacy-related articles in monthly departmental newsletter, Compliance Quarterly, as well as DOCR Newsletter. Notify staff of privacy/compliance updates, announcements and informational guides for staff via Compliance intranet.

  • Perform other related duties incidental to the work described herein. 

Required Qualifications at this Level


Work requires a general business background generally equivalent to a Bachelor's degree in a business administration, accounting, management, healthcare administration, other related degree.

Strongly preferred: a graduate degree in information security, law, life sciences, or other related degree. 


Four years of experience related to legal, regulatory compliance, patient advocacy, supervisory role in patient financial services or HIM services, or other relevant experience.

Strongly preferred: Five years of experience related to legal, clinical research, regulatory compliance, or other relevant experience.

Degrees, Licensure, and/or Certification

Knowledge, Skills, and Abilities

  • In depth and working knowledge and experience with applicable federal regulations including, HIPAA, Common Rule, FDA Clinical Trials (drug/device), is preferred.

  • Strong oral and written communication skills. 

  • Demonstrated experience with problem solving, analytical, critical thinking, managing a busy caseload; functions as a strong team player; effective written and oral communication skills; working knowledge of privacy regulations; strong knowledge of MS applications including excel and a general understanding of technology.

  • Experience conducting investigations in a healthcare-related field is preferred.

  • Certification in HIPAA Privacy/Security, Healthcare compliance, or applicable experience is preferred.

Distinguishing Characteristics of this Level

  • Skilled at spotting health research-related compliance issues and thoroughly investigating issues to their conclusion without supervision.

  • Experienced navigating large academic health research organizations.

  • Holds a certification in one or more of the following: CIP, CHPS, RHIT, CHRC, CIPP/US, or similar research and privacy certifications.

  • At least 5 years’ experience submitting or reviewing human subject research to an IRB involving retrospective health information.

  • At least 5 years’ experience auditing electronic files, data flows, folder permissions for HIPAA-related audits.

  • At least 5 years’ experience coordinating and developing auditing processes; developing and implementing policies and procedures; conducting investigations and drafting recommendations for corrective measures.

  • A graduate degree in information security, law, or life sciences.

Duke is an Affirmative Action/Equal Opportunity Employer committed to providing employment opportunity without regard to an individual's age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or veteran status.

Duke aspires to create a community built on collaboration, innovation, creativity, and belonging. Our collective success depends on the robust exchange of ideas—an exchange that is best when the rich diversity of our perspectives, backgrounds, and experiences flourishes. To achieve this exchange, it is essential that all members of the community feel secure and welcome, that the contributions of all individuals are respected, and that all voices are heard. All members of our community have a responsibility to uphold these values.

Essential Physical Job Functions: Certain jobs at Duke University and Duke University Health System may include essentialjob functions that require specific physical and/or mental abilities. Additional information and provision for requests for reasonable accommodation will be provided by each hiring department.

Jobs For You

As you search for opportunities that fit your skills, any jobs you view will appear here.

You haven’t saved any jobs yet, but when you find an opportunity that seems right for you, bookmark it so you can return to it easily.

As you explore and apply to career opportunities with Duke Health, we want to alert you of possible fraudulent scams and phishing schemes targeted at job seekers. Duke Health will never ask for any financial contribution or to provide sensitive personal information outside of our application and background check process.