Data Protection Advisor
| Posting date: | 24 June 2024 |
|---|---|
| Salary: | £37,670 to £49,571 per year |
| Additional salary information: | London £41,055 - £49,571, National £37,670 - £45,217 + benefits. |
| Hours: | Full time |
| Closing date: | 04 July 2024 |
| Location: | SW1A 2BQ |
| Company: | Government Recruitment Service |
| Job type: | Permanent |
| Job reference: | 358774/2 |
Summary
The role is based within the Technology, Assurance, Cyber Security & Assurance Team (TACT) that forms part of wider corporate services included in the Digital, Data and Technology (DDaT) directorate. TACT is managed by DCMS’s Chief Technology Officer who is responsible for the following functions: Technology Services (IT Operations), Architecture & DevOps, Cyber Security and the Operational Data Protection Team (ODPT).
These are exciting times at DCMS. As part of the small ODPT, the successful applicant will play a key role in supporting the Data Protection Manager in delivering our core function of promoting compliance with the Data Protection Act (DPA) 2018, the UK General Data Protection Regulation (GDPR) and Privacy and Electronic Communications Regulations (PECR) 2003 across policies, projects, processes and services involving personal data.
ODPT works closely with the DCMS Data Protection Officer to help ensure good data governance.
Further information about the role can be found in the candidate pack attached below
This role will have exposure to all functions and directorates within DCMS. You will be working with departments, enabling internal implementation of departmental policies and shaping future strategy and innovation, helping business groups across DCMS to manage and use personal data in a manner compatible with the law. You will be the first point of contact for data protection related enquiries and will develop strong working relationships with key stakeholders. You will do this through the provision of bespoke advice, guidance and training in an economically heavyweight, data-driven, inclusive and delivery-focused department.
Responsibilities of the role include:
- Successfully handling information rights requests (including SARs) within legal deadlines, collaborating with stakeholders as appropriate to achieve this
- Advising the department on handling personal data by:
○ Attending regular team & project meetings to advise on data protection and privacy by design considerations including conducting data protection impact assessments
○ Advising on data mapping, data sharing and processing activities & agreements, wording of privacy notices, consents, surveys, etc.
○ Working closely with IT, Knowledge and Information Management and Cyber Security colleagues to implement best practice in personal data management and handling
○ Responding to routine operational data protection enquiries
- Supporting the Data Protection Manager in the:
○ maintenance and publication of the Personal Information Charter
○ keeping data protection guidance, self-help tools and evidence hubs up to date
○ delivery of data protection training & awareness across the organisation
○ production of monthly and annual reporting, and keeping and maintaining record of dataprotection compliance activities
- Maintaining and completing casework, DPIA, & subject access logs, web compliance (cookies), etc.
- Providing the Information Asset Owners with support with their responsibilities in the maintenance of RoPAs
- Supporting the Data Protection Officer with internal compliance audits
- Undertaking any other duties as may reasonably be required of you in the post