Information Governance Officer
Job Title: Information Governance Officer
Line Management Responsibility: None
Job Purpose
To support the Council in ensuring that all information systems and services comply with current data protection legislation and statutory requirements, including the Freedom of Information Act (FOIA) and Subject Access Requests (SARs).
The role will act as Deputy Data Protection Officer (DPO) and Deputy point of contact for the Information Commissioner’s Office (ICO), providing expert advice and assurance on information governance, data protection, and compliance matters.
The postholder will model the Council’s values and behaviours, working collaboratively across services, partners, and stakeholders to deliver continuous improvement aligned with corporate objectives.
Key Responsibilities
1. Data Protection & Information Governance
Act as Deputy Data Protection Officer (DPO) and Deputy point of contact for the ICO.
Support the development, review, and implementation of data protection policies, standards, and procedures to ensure compliance with legislation.
Provide expert advice on data protection, FOI, and related information governance matters.
Support the council in meeting its statutory obligations under the Freedom of Information Act and other relevant legislation.
Manage and report on the Council’s data breach register.
Participate in risk management processes to mitigate compliance risks.
Escalate non-compliance risks appropriately to senior governance officers (DPO, SIRO, Caldicott Guardian, Monitoring Officer, S151 Officer, Chief Executive).
2. Requests & Compliance Management
Track and monitor compliance with Subject Access Requests (SARs), FOI requests, and related statutory returns within required timeframes.
Provide reporting and assurance to senior management and Members regarding compliance levels.
Support teams in producing timely and accurate statutory responses.
3. Risk & Assurance
Conduct risk assessments of internal and external systems and third-party working practices.
Support and advise on Data Protection Impact Assessments (DPIAs), data sharing agreements, and contractual data protection clauses.
Identify, document, and communicate risks and dependencies within formal governance structures.
4. Strategy & Continuous Improvement
Support implementation of the Council’s strategy for continuous service improvement in information management.
Identify opportunities to enhance information governance processes and embed sustainable improvements.
Contribute to service improvement plans with a focus on value for money.
5. Corporate & Partnership Working
Work collaboratively across departments and with external partners to strengthen service delivery and governance practices.
Support business change initiatives led by ICT & Digital Services.
Build effective relationships with internal and external stakeholders to promote compliance and best practice.
6. Compliance & Governance
Ensure adherence to the Council’s constitution, standing orders, financial regulations, safeguarding, and health & safety responsibilities.
Uphold and promote equality and diversity in all aspects of service delivery and workforce engagement.
Person Specification
Qualifications
Essential:
Degree or NVQ Level 6 qualification (or equivalent experience).
Desirable:
Data Protection qualification (e.g., BCS Practitioner in Data Protection, CIPP/E).
Management of Risk (MoR) Practitioner certification.
Experience
Essential:
Minimum 5 years’ experience in data protection and/or information governance.
Strong stakeholder management skills with the ability to influence senior leaders.
Experience managing and mitigating compliance risks within formal governance frameworks.
Ability to manage planned work alongside urgent statutory demands.
Experience working across multi-disciplinary teams and building effective working relationships.
Desirable:
Experience within local government or a public authority environment.
Skills & Knowledge
In-depth knowledge of data protection legislation and Freedom of Information requirements.
Skilled in negotiating outcomes that protect organisational interests while maintaining service efficiency.
Excellent written and verbal communication skills, including presentation and reporting.
Understanding of health and safety legislation and workplace good practice.
Commitment to equality, diversity, and inclusion principles.
Membership of relevant professional bodies (e.g., BCS) desirable.
Financial Responsibility
No direct budget management responsibility.