Information Governance Officer

Job details
Posting date: 22 May 2024
Salary: £30,000 to £40,000 per year
Hours: Full time
Closing date: 21 June 2024
Location: 10 Nottingham Road, Derby
Remote working: Hybrid - remote working up to 2 days per week
Company: Totally
Job type: Permanent
Job reference: Req #158

Summary

About the Role

We are looking for a highly motivated individual to join our Corporate Assurance Team.

The role includes working with the Director of Corporate Assurance & DPO and colleagues to ensure the business is compliant with the current and future legislative requirements of data protection (GDPR) and the Digital Information Bill [2024]. It includes the investigation of information governance related incidents and complaints, providing reports and recommendations to service managers within the business. The successful candidate will also work within the Corporate Assurance Team providing organisation-wide advice and guidance on matters related to subject access requests, confidentiality, information sharing, information rights, data protection policies and information security.

The post holder will have the opportunity to combine working remotely (from home) with working from our Derby head office (minimum 3 days expected).

The role requires individuals who can multitask and provide an efficient service under pressure whilst ensuring regulatory and statutory obligations in relation to current data protection legislation and information security are met.

Your Day to Day:

Previous relevant experience and knowledge of leading information governance and security systems, policies and processes.
Good knowledge and understanding of GDPR, Data Protection Act, Caldicott/SIRO, confidentiality including forthcoming legislative requirements.
Knowledge and understanding of data subjects' rights with regard to the processing of their information (SARs), particularly requests for information and completion of data protection impact assessments/data sharing agreements.
Knowledge and understanding of current associated national Legislation (e.g., Freedom of Information, Human Rights Act, Environmental Information Regulation, Privacy and Electronic Communications Regulations) and ISO 27001.
Knowledge of information governance requirements such as the Data Security and Protection Toolkit submission.
Awareness of the privacy by design agenda and requirements for data protection impact assessments.
Ability to multitask efficiently and effectively. Effective interpersonal skills at all levels. Computer literate - general knowledge base and keyboard skills.

Information Security

To assist, maintain and support continuous development and compliance of the information security ISO 27001:2022 management programme, working in partnership with our internal and external audit to manage the audit plan and assessments.
To assist with the ISO 27001 information security documentation process to make progress auditable and ensure the management of change, continual improvement, learning, awareness & training and risk assessment is completed in a timely manner for external assessment reviews.

Qualification, Experience & Training

Essential

Good experience, skill, knowledge and understanding of current Data Protection Act 2018, General Data Protection Regulation & Digital Information Bill [2024], Caldicott/SIRO, confidentiality including any forthcoming new legislative requirements
Knowledge of information governance requirements such as the Data Security and Protection Toolkit, NHS requirements
Good knowledge of information assurance requirements i.e., SARs, Datix, ISO 27001
Experience in a similar role
Knowledge and understanding of current associated national Legislation (e.g., Freedom of Information, Human Rights Act, Environmental Information Regulation, Privacy and Electronic Communications Regulations)
Awareness of the privacy by design agenda and requirements for data protection impact assessments and managing subject access requests
Good knowledge and understanding of GDPR, Data Protection Act 2018, Caldicott, confidentiality including forthcoming legislative requirements

Desirable

Information Governance/Data Protection Qualification
Knowledge of ISO 27001:2022 process
Knowledge of relevant statutory and regulatory requirements of the role
Implementing ISO 27001 accreditation and certification

Reward & Benefits

28 days annual leave (plus 3 buy back days)
Salary £30,000 to £40,000 per annum depending on experience
My Totally Rewards (online discount portal)
6% Employer Pension contribution
Share save scheme
Opportunities for career development
Employee assistance program
Virtual GP Services – 24/7 GP Appointments
WeCare Wellbeing