Information Governance Specialist & Compliance Officer

  • Job
    Full-time
    Senior Level
  • Manchester

AI generated summary

  • You must have expertise in data protection, compliance auditing, incident investigation, and managing information governance processes, with strong leadership and time management skills.
  • You will ensure compliance with IG policies, manage FOI requests, deliver training, lead data processing activities, conduct audits, and collaborate with stakeholders on information governance.

Requirements

  • As an IG Specialist you will have a proven track record in providing advice and guidance on the use and security of processing personal data as part of projects and systems.
  • A range of compliance duties are required to maintain standards of data protection and Caldicott principles across the trust, from staff understanding to correct access to audit of personal data held in systems.
  • Investigating incidents and horizon scanning for upcoming standards and case reviews.
  • This is a senior IG role and you will have a chance to input and influence the strategic direction of our Trust's Data Protection thinking and policy.
  • Additionally, skills and experience in managing and testing compliance against set standards would be drawn upon to help Digital Services Leads and Information Asset Owners demonstrate assurance and improvement against the standards they are responsible for.
  • You will be expected to work independently, to review Data Protection Impact Assessments and wider Data Protection compliance standards.
  • Carry out audits, challenge local processes and produce reports with recommendations and track action plans to control risks.
  • Support the Data Protection Officer and Caldicott Guardian.
  • Provide line management support for the Freedom of Information staff and provide advice around application of exemptions.
  • Be experienced in leading Caldicott and Data Protection meetings, with production of papers and facilitating the meetings.
  • We are looking for someone with enthusiasm, an eye for detail and excellent admin and time management skills.
  • The role will also play a part in supporting the Senior Information Risk Owner (SIRO), Caldicott Guardian (CG) and Data Protection Officer (DPO) in discharging their responsibilities relating to safeguarding personal data.

Responsibilities

  • Support specialist confidentiality and privacy by design advice on the implementation of the IG legal framework, IG national policy requirements, new Statutory Guidance, organisational standards, policies and controls across internal and external facing operational services.
  • Draft and publish IG advice in response to IG queries received, emerging trends and new national guidelines from across the organisation.
  • Support strategic advice to the Freedom of Information (FOI) lead and key stakeholders on complex requests, internal reviews and ICO investigations.
  • Provide line management responsibilities for the Freedom of Information lead ensuring that all aspects of performance, attendance, training and appraisal are addressed in accordance with Trust Policy.
  • Expected to deputise for the IG Lead as necessary, on matters within scope of expertise.
  • Plan and progress work to ensure that IG policies and procedures are embedded in the programmes and divisions across the organisation. Report assurances/gaps on outcomes of best practice and standards set out in policy and procedures to Divisional leads and Caldicott panel.
  • Plan and deliver training to Trust staff at all levels, through a variety of formats designed to meet the specific needs of the organisation with reference to GDPR and FOI.
  • Provide leadership in managing the statutory information requests function of the IG Team, including FOI, information rights requests.
  • Provide assurance on Information Governance and Statutory Guidance compliance through a schedule of assurance reviews and activity, including in respect of high-risk processing, internal data protection audits, and audits of data use and sharing, both internal and external to the Trust.
  • Assist assurance for Digital Services Leads and Information Asset Owners in their compliance against standards, through peer reviews, engagement with audits, advice and guidance of compliance management.
  • Drive compliance with the Confidentiality elements of the Data Security & Protection Toolkit (DSPT or equivalent) requirements and support work to co-ordinate and assure the Trust annual DSPT or equivalent submission. Work collaboratively with Divisions to evidence their compliance with principles of the DSPT and the Digital teams on wider components.
  • Lead on maintenance of the Trust Register of Processing Activities (RoPA) including reviews of Data Flows, within Divisions, from Systems and provision of data sets supporting audit/research/analysis. Be the lead for establishing correct legal basis for any processing of data, inclusive of use of consent and national data opt out.
  • Collaborate with key stakeholders (internal and external to the Trust) on Supply Chain Risks, considering current supplier due diligence requirements, onboarding the Information Asset Owners (IAOs) with key programmes of assurance and maintaining accuracy of the Information Asset Register.

FAQs

What is the main purpose of the Information Governance Specialist & Compliance Officer role?

The main purpose is to provide essential support for data protection and confidentiality work, ensuring patient privacy and compliance with legal and national policy requirements.

What qualifications are required for this role?

A proven track record in providing advice on data processing and security, experience in compliance management, and strong administrative and time management skills are required.

What types of tasks will I be performing in this role?

You will conduct audits, review Data Protection Impact Assessments, draft IG advice, deliver training, and provide line management support, among other responsibilities.

How does this role contribute to the Trust's strategic direction?

As a senior IG role, you will have the opportunity to input and influence the Trust's data protection thinking and policy.

Will I be working independently in this role?

Yes, you are expected to work independently on various tasks, including reviewing compliance standards and conducting audits.

What support will I provide to other governance roles?

You will support the Data Protection Officer, Caldicott Guardian, and Senior Information Risk Owner in their responsibilities related to personal data safeguarding.

Is there a requirement to engage with stakeholders?

Yes, collaboration with internal and external stakeholders is essential for managing risks and ensuring compliance across the Trust.

What type of training will I be responsible for delivering?

You will plan and deliver training on Data Protection and Freedom of Information topics tailored to the needs of Trust staff at all levels.

How is performance management handled for the Freedom of Information lead?

You will provide line management responsibilities, ensuring all aspects of performance, attendance, training, and appraisal are addressed in accordance with Trust policy.

Will I be involved in audits related to data protection?

Yes, you will be responsible for conducting internal audits to assure compliance with data protection standards and policies.

What is the work environment like at the Trust?

The role offers a positive and collaborative working environment with a mix of on-site and remote work arrangements in a dynamic Governance Team.

Are there opportunities for advancement in this role?

Yes, this senior role allows for influence and input into strategic direction, potentially leading to further career advancement within the Trust.

What kind of projects will I be involved in?

You will participate in a range of projects across the Trust, focusing on data risks, compliance, and implementing governance best practices.

Do I need experience in handling Freedom of Information requests?

Experience in managing Freedom of Information requests and providing strategic advice on complex requests is desirable but not explicitly stated as mandatory.

The Christie NHS Foundation Trust is one of Europe’s leading cancer centres, treating more than 44,000 patients a year.

  • Industry: Science & Healthcare
  • Employees: 1001-5000
  • Founded Year: 1932

Mission & Purpose

The Christie NHS Foundation Trust, based in Manchester, specializes in cancer care and provides a range of services including treatment, research, and support for cancer patients. Their mission is to deliver world-class, patient-centered care and to lead in cancer research and innovation. The Trust aims to improve cancer outcomes and quality of life through cutting-edge treatments, comprehensive care, and a commitment to advancing cancer research.