Data Protection Officer (Infected Blood Compensation Authority)
Dyddiad hysbysebu: | 31 Gorffennaf 2025 |
---|---|
Cyflog: | £55,403 i £61,939 bob blwyddyn |
Gwybodaeth ychwanegol am y cyflog: | Important information about pay - it is expected that from 1 October 2025 the pay for this role will be £58,655. In addition once the role holder has completed their probationary period (usually 6 months) they will become eligible to receive a pay premium |
Oriau: | Llawn Amser |
Dyddiad cau: | 13 Awst 2025 |
Lleoliad: | Newcastle-upon-Tyne |
Cwmni: | Government Recruitment Service |
Math o swydd: | Parhaol |
Cyfeirnod swydd: | 419846/2 |
Crynodeb
Opportunities to move to the new Infected Blood Compensation Authority (IBCA)
At the moment all IBCA roles are hosted by Cabinet Office within the Civil Service. However, once IBCA becomes operational, it is anticipated that most of these roles will transfer to IBCA, which is a new Arms Length Body (ALB) separate from the Cabinet Office. Roles that transfer to IBCA from Cabinet Office will maintain the same or substantially the same terms and conditions of employment that are overall no less favourable. It is anticipated that employees who move from Cabinet Office to IBCA will be able to continue to participate in the Civil Service Pension arrangements with no break in their pensionable service. Roles commencing after IBCA has become operational will be with IBCA itself on similar terms and conditions. All successful candidates will receive full details of the terms and conditions of employment for their role with their formal job offer.
Please note that the mission of IBCA means that it is likely to be operational for a period of approximately 5 to 7 years. When IBCA’s work begins to wind down, IBCA employees will receive support and practical guidance to find a new role, whether in the Civil Service, another Arms Length Body (ALB), or an external employer.
The Data Protection Officer will report to the Head of Data Governance, and will sit alongside the other Data Governance workstreams, which are:
- Knowledge and Information Management
- Information Rights and Disclosure
- Data Acquisition and Quality.
The post-holder will serve as the Authority’s statutory DPO.
The role will be dynamic and fast paced, so that IBCA is able to deliver a service that is underpinned by quality, trustworthy data.
The role includes line management responsibility for one member of staff, who in turn will support the DPO with their duties.
Main Responsibilities
The successful candidate will:
- Engage with operational teams and external stakeholders to deliver a data protection framework across the organisation and support its compliance with relevant legislation.
- Continue to develop IBCA’s data protection strategy and policy.
- Lead on the assurance of Data Protection Impact Assessments when new or alternative processing is proposed. Influence the development of systems and processes to adopt a privacy by design and default approach across the organisation to meet compliance with the strategic and organisational objectives.
- Ensure compliance with the UK GDPR and other data protection laws, developing our data protection policies, processes and procedures, including managing internal data protection activities and conducting compliance reviews.
- Deliver statutory data protection requirements, including providing advice and assistance on data security incidents to support decision making decisions on breaches and whether to report them to the Information Commissioner’s Office (ICO).
- Advise on the lawfulness of using IBCA’s statutory powers.
- Provide assurance of compliance re: IBCA’s policies, processes and digital tools.
- Determine lawful bases for processing and controllership.
- Safeguard and champion privacy issues insofar as IBCA’s use of personal data.
- Create and support with data protection products and procedures.
- Manage IBCAs data protection functions, including producing and maintaining clear, accessible, user-friendly procedures, processes, forms and guidance.
- Develop and deliver data protection training programmes.
- Any other relevant data protection issues the Authority may be required to address.
The post holder will work closely with the other Data Governance leads, particularly Knowledge and Information Management, to embed consistent, compliant information governance controls across the organisation, covering for example information asset ownership and retention.
Aelod balch o'r cynllun cyflogwyr Hyderus o ran Anabledd