AI GOVERNANCE ANALYST

Position Highlights:

The AI Governance Analyst is the operational backbone of the AI governance program, responsible for managing the AI Model Registry, coordinating risk evaluations, supporting AIGC operations, and overseeing vendor due diligence for AI-specific terms. This role ensures no AI tool goes live without proper registration, risk scoring, and governance documentation. The Analyst works closely with requestors, risk stewards, legal, compliance, and IT to keep governance workflows moving efficiently.

Responsibilities:

AI Model Registry and Inventory

• Maintain and administer the enterprise AI Model Registry, ensuring all AI applications (92+ existing, 18+ planned, and all new submissions) are registered, classified, and current.
• Enforce the "no go-live without registration" requirement across all domains (clinical, research, business).
• Track AI tool lifecycle status (active, under review, paused, retired) and maintain audit-ready documentation.
• Prepare and maintain Model Information Sheets for each registered AI tool.

Risk Evaluation Coordination

• Administer the 7-question risk scoring instrument for incoming AI tool requests, calculate tier assignments, and route to appropriate review tracks.
• For Tier 2 tools: coordinate focused supplemental reviews with 3-4 relevant risk stewards, track responses, and compile findings.
• For Tier 1 tools: support the Director in coordinating parallel specialist review tracks, managing timelines and deliverable tracking across Clinical Safety, Data & Privacy, Operational & Strategic, and Legal & IP tracks.
• Maintain the risk evaluation process documentation, templates, and scoring logic
• Identify the IT/Infrastructure and domain sponsor team members for the AI tool and coordinate deployment and monitoring activities with them.

AIGC Operations Support

• Prepare meeting agendas, briefing materials, and decision packages for monthly AIGC meetings and workgroup sessions.
• Document AIGC decisions, action items, and follow-ups; maintain governance records.
• Produce quarterly portfolio reports and dashboards for CEO Cabinet presentation.
• Coordinate logistics for AIGC workgroups (Lifecycle Governance, Regulatory & Compliance, Policy, Quality & Safety).

Vendor Due Diligence and Contract Oversight

• Manage AI-specific vendor due diligence questionnaires and documentation collection.
• Review vendor contracts for required AI governance terms (performance guarantees, data handling, model update notifications, transparency provisions, exit/portability clauses).
• Track vendor compliance with contractual AI governance requirements post-deployment.
• Maintain a vendor AI risk profile database linked to the Model Registry.

Regulatory Tracking and Documentation

• Monitor developments in AI regulation relevant to healthcare (FDA, Joint Commission, state legislation, CMS).
• Maintain a regulatory mapping document linking Moffitt's governance controls to external requirements.
• Support patient disclosure and transparency documentation per framework requirements.

Credential and Qualifications:

• Bachelor's Degree in health informatics, healthcare administration, public health, business administration, information systems, or related field required.
• 3+ years of experience in healthcare compliance, risk management, governance, health informatics, project coordination, or a related operational role.
• Experience with structured data management - maintaining registries, inventories, databases, or tracking systems.
• Experience coordinating multi-stakeholder processes (e.g., committee support, cross-functional reviews, vendor assessments).
• Working knowledge of healthcare regulatory requirements (HIPAA, Joint Commission, FDA basics).

Preferred Experience

• Experience in an NCI-designated cancer center or academic medical center.
• Experience with vendor management or third-party risk assessment in healthcare.
• Experience supporting governance committees, compliance programs, or quality improvement initiatives.
• Familiarity with AI/ML concepts (model types, training data, bias, drift) at a conceptual level.
• Experience with GRC platforms (ServiceNow, Archer, or similar).