Data Use Agreement Manager

** Data Use Agreement Manager**
* ** Position Number:
** 6687255
* *
* Location:

** Stony Brook, NY
* ** Position Type:
** Computer and Information Technology
** Data Use Agreement Manager*
* ** Required Qualifications (as evidenced by an attached resume):
** Bachelor's degree (foreign equivalent or higher) in a relevant field such as Business, Law, Health Science, or a related discipline. Four (4) years of full-time directly related experience in contract management. Significant experience drafting, analyzing, and negotiating contracts. In depth knowledge of regulations governing sensitive data, such as the Health Insurance Portability and Accountability Act (HIPAA) and institutional regulations (e.g., regulations pertaining to the Institutional Review Board (IRB).

Demonstrated knowledge of legal and intellectual property issues related to data sharing related agreements. Experience working in a hospital or higher education setting.

*
* Preferred Qualifications:

** Master's degree (foreign equivalent or higher) in a relevant field such as Business, Law, Health Science, or a related discipline. Juris Doctor (J.D.) (or foreign equivalent). Relevant professional certifications (e.g., Certified Information Privacy Professional - CIPP). Proficiency with contract lifecycle management (CLM) software.

Experience with data management concepts and systems.

** Brief Description of Duties:
** The Data Use Agreement Manager reports to the Director for Research Security in the Office of Research Security part of the Office for Research and Innovation. The DUA Contract Manager is responsible for the full lifecycle management of Data Use Agreements (DUAs), Data Transfer Agreements, Membership Agreements, Participation Agreements, Consortium Agreements, and related data sharing contracts. The manager ensures that all data exchanges with external parties comply with federal regulations, privacy laws (such as HIPAA and GDPR), institutional policies, and contractual obligations.

This role involves reviewing, drafting, negotiating, and executing agreements to facilitate the secure and compliant use of data.
The incumbent must have excellent written and verbal communication skills with the ability to explain complex legal and regulatory concepts to diverse audiences. Strong organizational skills and the ability to maintain meticulous records. Aptitude for identifying and resolving contractual and regulatory issues efficiently. Ability to work effectively in a team-oriented, fast-paced environment and build trust with both internal and external stakeholders.

Capability to stay updated on evolving data privacy laws and adjust internal procedures accordingly.

* ** Agreement Management:**   + Manage the end-to-end process for data sharing related agreements including initial review of agreement and IRB submission/approval, negotiation, execution, and close-out.
* ** Risk Assessment:**   + Evaluate and mitigate risks associated with data sharing, including regulatory, privacy, and security risks.
* *
* Cross-functional Collaboration:

**   + Work closely with principal investigators, research teams, legal counsel, IT security, Office of Research Compliance, SBU Chief Privacy Officer, Office of Compliance, Audit and Privacy and other internal stakeholders to ensure that data use aligns with project goals and organizational policy.
* ** Negotiation:**   + Negotiate contract terms with external institutions and organizations to ensure favorable terms that protect the organization's interests and comply with data privacy laws.
* ** Documentation and Reporting:**   + Maintain detailed and accurate records of all data sharing related agreements in a central repository, track key dates and obligations, and provide regular reports to stakeholders.
* ** Compliance Monitoring:**   + Monitor and audit data sharing practices to ensure ongoing compliance with executed agreements and regulatory requirements. Investigate and report any breaches or non-compliant activities in coordination with the Chief HIPAA Privacy Officer.
* ** Policy and Procedure Development:**   + Assist in developing and updating internal policies and procedures related to data sharing related agreements and data management.
* ** Training and Support:**   + Educate internal staff and research teams on best practices for data privacy and security, as well as the DUA process. Launch mandatory training for principal investigators, research staff, and relevant administrative personnel on compliant data use, agreement initiation, and role-specific responsibilities within the governance framework.
* ** Resource Development:**   + Develop and maintain a central guidance website housing flowcharts, FAQs, and standard agreement templates to streamline researcher access to process and policy information.
* ** Governance and Oversight:**   + Lead the DUA Working Group. Serve as a key member of the Research Data Privacy Governance Subcommittee as a subcommittee of the Executive Compliance Governance Committee…