Job description
Jackson Hogg are looking to recruit a Data Protection Officer for a fantastic charity based in Sunderland.
Job Purpose of the Data Protection Officer
You will be responsible for leading on the Information Governance Framework and Risk Management Framework. The Information and Risk Lead will act as the Data Protection Officer and subject matter expert; informing and advising all employees of obligations to comply with the UK GDPR and other data protection laws.
Duties to include for the Data Protection Officer
Information Governance
- To fulfil the role of Data Protection Officer in line with Information Commissioner’s Office (ICO) guidance, and act as a point of contact for the ICO.
- To develop and deliver the company's Information Governance Framework.
- To review the management and reporting of recorded Information Governance incidents; leading on recommendations/actions (as and when required) and the production of investigation reports.
- To receive and respond to data subject access requests from external parties relating to data processed by the company, ensuring compliance with statutory requirements.
- To produce and advise on the development of Data Protection Impact Assessments and Information Sharing Agreements.
- Propose and present recommendations on working practices that will enable the client to maintain compliance with legislation and national standards set by the Information Commissioner’s Office, NHS Digital, Care Quality Commission, National Cyber Security Centre and others, leading on continuous improvement.
- To lead on identifying areas of risk and gaps in compliance with Information Governance standards and identifying and implementing controls.
- To contribute to the development of new/revised Information Governance related controlled documents (policies, procedures, standard operating procedures).
- To write reports to the Information Governance board, and Audit and Risk Committee and any other working group with responsibility for Information Governance.
- To lead on all external Information Governance standards, including the Data Security and Protection Toolkit and Cyber Essentials.
- To chair the Information Governance Committee.
- To conduct internal and external Information Governance audits, ensuring that any recommended action plans are implemented in a timely manner, monitored and reviewed.
- Establishing working groups, to co-ordinate the activities of staff given Information Governance responsibilities and progress initiatives.
- To manage a central register of information governance records to include but not limited to: information asset register, contracts assurance register, information sharing agreements.
Corporate Risk
- Leading on the collaboration and development of the Corporate Risk Register, together with the Director of Strategy and Performance/Director of Finance and Technology, through regular dialogue with corporate risk owners.
- Work collaboratively to ensure that the company's risk management framework is delivered.
- Manage the maintenance of the operational risk registers through regular dialogue with the risk register owners.
- Identify high priority risks, providing support to risk owners to manage mitigation and reduce overall risk to the company.
- Ensure that risk assessments and controls are developed in line with the company's risk appetite.
- Develop and produce a risk management reporting pack for the Audit and Risk Committee.
- Develop and maintain an up-to-date risk management recording and reporting system.
- Propose and present improvement solutions and initiatives to risk management arrangements.
Skills and Knowledge Required
- Strong knowledge of UK and EU data privacy and data protection regulation, and a good understanding of other major privacy frameworks.
- Sufficient knowledge of information technology and data management systems.
- Ability to develop and sustain collaborative working relationships and coordinate and consult with others.
- Understand how complex information and communication technology systems support an organisation.
- Ability to assess and manage corporate risk at all levels.
- Ability to analyse, understand and process information.
- Excellent prioritisation skills and ability to manage workload.
- Ability to work well under pressure, with a methodical approach and attention to detail.
- Ability to use own initiative to ensure objectives are achieved.
- Excellent communication, presentation, ICT and report writing skills.
- Detailed knowledge of legal frameworks applicable to information governance (including Data Protection, General Data Protection Regulations, Freedom of Information) and their application.
- Thorough understanding of records management principles and practice and experience of writing policies.
- Experience within a compliance, audit and/or risk function, with recent experience in privacy compliance and wider broad-spectrum compliance programmes.
- Experience in developing policy and compliance training.
- Practical experience of a similar role within the Health and Social Care sector.
- Experience of applying effective information governance practices within a health and/or social care setting.
- Experience of using an evidence-based approach to make informed decisions.
- Experience of leading independent audits/investigations and identifying remedial recommendations.
Job Types: Permanent, Full-time
Schedule:
- Monday to Friday
Work Location: In person