Data Protection Officer
| Posting date: | 06 November 2025 |
|---|---|
| Salary: | £37,000.00 to £40,963.00 per year |
| Additional salary information: | £37000.00 - £40963.00 a year |
| Hours: | Full time |
| Closing date: | 25 November 2025 |
| Location: | Taunton, TA1 5HA |
| Company: | NHS Jobs |
| Job type: | Permanent |
| Job reference: | B0386-25-0032 |
Summary
- Remain up to date with relevant legislation and maintain expert knowledge of UK GDPR, Data Protection Act and associated guidance, advising the Executive Team, Board, data controllers, data processors, staff and volunteers of their obligations
- Act as the main point of contact for internal and external stakeholders (including staff, volunteers, data subjects, regulators and third parties) on data protection issues
- Design, implement and evaluate internal control and assurance systems to monitor compliance with data protection legislation; plan and deliver compliance audits, assess risks and assign responsibilities to address areas of non-compliance or partial compliance
- Conduct or oversee investigations into data breaches and near-misses, ensure appropriate notification and reporting to the ICO, ensure actions and learning are implemented
- Embed a culture of data protection and information governance compliance; develop and deliver training, induction and education
- Draft, develop and review data protection policies, procedures, protocols and guidance to reflect current legislation and organisational need in consultation with key stakeholders
- Co-ordinate and process subject requests and requests under the Access to Health Records Act, ensure timely and lawful responses
- Ensure an effective system for completion and review of Data Protection Impact Assessments (DPIAs), provide expert advice where required and advise on high-risk processing
- Maintain accurate and comprehensive records of processing activities, prepare formal quarterly reports and annual returns
- Provide expert review of contracts, service level agreements and data sharing agreements to ensure data protection safeguards are included and implemented
- Chair the Data Protection Group, contribute to relevant governance and risk meetings and provide briefings to the Executive Team and Board
- Work collaboratively with teams to ensure an integrated approach to information governance and organisational assurance
- Contribute to the development and delivery of quality and risk management, provide team cover for governance-related tasks, such as incident reporting and general advice
- Horizon-scan for emerging risks, regulatory changes and new technologies which may impact data protection, assess implications and make recommendations