Information Governance Officer

Job summary

Bolton NHS Foundation Trust is seeking a proactive and knowledgeable Information Governance Officer to join our Information Governance team. In this pivotal role, you will support Trust-wide compliance with the Data Protection Act 2018, UKGDPR, and Freedom of Information Act 2000, ensuring the highest standards of information governance and data security.You will provide expert advice, develop and deliver training, support audits, and contribute to the ongoing improvement of information governance processes. The role involves working collaboratively with colleagues across the Trust, managing data subject access requests, supporting the Data Protection and Security Toolkit, and helping to maintain and develop our intranet and internet resources.We are looking for candidates with experience in information governance, excellent communication and IT skills, and a strong understanding of relevant legislation. If you are passionate about data protection, have a keen eye for detail, and enjoy working in a dynamic healthcare environment

Main duties of the job

  • Provide expert advice and guidance on Information Governance, Data Protection, and confidentiality across the organisation.
  • Support the development, implementation, and monitoring of policies and procedures to ensure compliance with UK GDPR, Data Protection Act 2018, and NHS standards.
  • Conduct Data Protection Impact Assessments (DPIAs) and advise on mitigating risks associated with new systems, projects, and processes.
  • Respond to Freedom of Information (FOI) requests and Subject Access Requests (SARs) in line with statutory requirements.
  • Deliver training and awareness sessions to staff on Information Governance and data protection best practices.
  • Investigate and manage data breaches, ensuring appropriate reporting and remedial actions.
  • Work collaboratively with internal teams and external partners to ensure robust data sharing agreements and secure handling of information.
  • Maintain accurate records and produce reports for the Data Protection Officer (DPO) and Information Governance Committee.

About us

Bolton NHS Foundation Trust is one of the North West's busiest healthcare providers, delivering high-quality care at Royal Bolton Hospital and across 20+ community sites. Serving around 320,000 people in Bolton and Greater Manchester, the Trust employs over 6,000 staff and is rated'Good' by the Care Quality Commission. Our services include emergency care, maternity, surgical specialties, and community health, all underpinned by our values: Vision, Openness, Integrity, Compassion, and Excellence.

Joining the Information Governance (IG) Team means playing a crucial role in safeguarding patient information and ensuring compliance with key legislation such as the Data Protection Act 2018 and Freedom of Information Act 2000. You'll work collaboratively across departments to maintain confidentiality, protect information assets, and champion best practice in Information governance--helping the Trust uphold its reputation for excellence and integrity.

What We Offer

  • Professional Development - Training opportunities and ongoing learning.
  • Supportive Culture - Collaborative team environment.
  • Impactful Work - Help safeguard sensitive information and uphold patient trust across the organisation.
  • Variety & Challenge - Policy development, audits, data flow management, and supporting technical projects.
  • Commitment to Equality & Wellbeing - Thrive in an inclusive, respectful workplace that champions diversity and prioritises your health, and overall wellbeing.

Job description

Job responsibilities

Planning and organisational task / duties

  • To support Trust wide staff in the development of action plans in liaison with Information Governance stakeholders to support achievement of Information Governance standards.
  • To provide support to ensure that the organisation complies with the Data Protection Act 2018 and the Freedom of Information Act 2000.
  • Planning Supervision, line management and development of junior staff as required using trust Policy and training and development opportunities.
  • To be as source of expertise on matters relating to Information Governance.
  • To be involved in ad hoc clinical informatics projects.
  • To be involved in Trust wide development of internet and intranet and disseminate training to staff.
  • To develop e-learning modules for Information Governance and IT security.
  • To manage, co-ordinate, plan and actively participate in Information Governance meetings and associated project meetings relating to Clinical Informatics.

Provide reports to the relevant Trust Committees such as Information Governance and IT Committees.

Provide evidence and provide input into Trust annual reports and annual DoH / CQC returns.

  • Support the Head of Information Governance with the Data Protection and Security Toolkit.
  • Workload planning for self and others (including but not exhaustive of) the Registration Authority Agent and freedom of information requests.
  • To contribute to Information Governance strategy, plans and achievements in order to support the IM&T Business Plans and Trusts Informatics Strategy.
  • Assist in the development, implementation and monitoring of technical information security projects, including the encryption programme.
  • To develop and maintain improvement plans for the various areas of Information Governance..

Patient / service user related tasks / duties

To ensure that information contained on the Information Governance website and intranet page is accurate, of high quality and up to date.

Help with promotion, training and development of Trust website.

To help produce information publications, e.g. leaflets / posters, for public relating to information governance.

Undertake patient and staff awareness surveys.

To monitor, audit and report regarding the security and use of personal data across the Trust in line with information governance principles, providing advice and guidance to all staff groups on the development of good practice.

Development of policies / procedures relating to Information Governance standards.

  • To assist in collating and compiling the evidence for the annual Data Protection and Security Toolkit return and action plans for year on year service improvement.
  • Liaise with internal colleagues on regular basis using a variety of media.
  • Develop and maintain links with external organisations, including local health and social care partners, local and regional interest groups and national contacts.

Produce progress monitoring reports that reflect Information Governance work programme and other clinical informatics projects.

  • To demonstrate exemplary behaviour as regards data protection and act as Trust wide consultant for advice and guidance.
  • To development an audit function to check local compliance against declared standards prior to formal inspection.
  • To undertake & analyse audits on the use of Trust systems as required.
  • Support the department in completing the Data Protection Impact Assessments (DPIAs) and the Capital, Revenue and Investment Group (CRIG) processes.
Responsibilities for physical and / or financial resources

  • Responsible for appropriate use of the office equipment and software, including administration/maintenance of specialised software required for the role.
  • To advise on security measures to reduce the risk of confidential information being subject to loss/theft or damage, across the Trust, in order to reduce the risk of business disruption and financial penalties.
  • Participate in the management of financial resource allocations within the department and budget settings for future planning.
  • Generate ideas for cost improvement schemes.

Responsibilities for information resources

  • To assist in the development of information governance reporting systems within the Trust for example Freedom of Information requests reporting, Access Requests Reporting, providing information within strict legal timeframes.
  • Manage the full lifecycle of complex Data Subject Access Requests (DSARs), including verifying requestor identity and assessing the scope of each request. Retrieve, review, and redact personal data as necessary, ensuring compliance with legal requirements. Provide timely responses, maintain detailed records, and handle any follow-up queries or appeals
  • Undertake data analysis of raw data such as audit data, producing draft and final outcome reports for relevant Trust Committees.

To develop systems of recording data such as database and spreadsheet development.

To manage and co-ordinate the system of continuous monitoring and feedback on action points arising from IG Committee meetings and project meetings.

Lead the mapping, maintenance, and comprehensive risk assessment of all organisational information, with a particular focus on Personally Identifiable Information data flows, ensuring a proactive and strategic approach to managing data risks at both the organisational and departmental levels.

Oversee the management of Data Flow recording systems, continuously assessing and optimising their effectiveness to ensure compliance, security, and operational excellence across the Trust.

Promote the role of Information Asset Owner, ensuring regular communication between information asset administrator, information asset Owner and SIRO.

  • To analyse queries or concerns received from staff and public and assess the appropriate options/solutions.

Research & audit

Develop reports for clinical and senior management staff.

Co-ordinate activities regarding the establishment of Information Sharing Agreements with NHS and non- NHS external agencies.

Research and audit areas of good practice in other Trusts to disseminate internally and make recommendations.

To administer ad-hoc audits relating to other areas such as Information security, Records Management.

Responsibilities for human resources and leadership
  • To be responsible for the day-to-day management and development of Information Governance support staff within the department.
  • To support staff at all levels across the Trust in developing and promoting an Information Governance culture.

To monitor compliance of all Trust Staff with regards to national and local policies, guidance and legislation.

Teaching

  • To develop core training materials for use in staff induction, mandatory and e-learning training and ongoing education in respect of Information Governance issues and legislation.
  • To provide training, guidance and advice to staff on the development of appropriate policies / procedures and internal audit arrangements that will achieve adherence to the Information Governance standards. This can be either one-to one sessions, groups and / or presentations.
  • To create awareness and ongoing development of education scheme to promote Information Governance.

To produce content regarding Information Governance for the e-learning teaching module.

Communications
  • Communicate policy and changes to working practices to staff of all levels, including matters of a technical nature, to non-technical staff.
  • Promote an open and transparent culture across the Trust and be prepared to do so in a challenging environment.
  • Communicate sensitive data to staff and public, including information relating to incidents where some or all of this information may need to be redacted.
  • Communicate highly complex information, with several important aspects, to other staff members relating to legislation and exemptions, where these may not be easily accepted or easily established/understood, extensive consideration may therefore be necessary before a decision can be made.
  • Taking responsibility, in part, to ensure the Information Governance Committees fully informed and updated on the relevant issues.
  • Train staff in various subject areas including Data Protection, Freedom of Information, Information Security and other relevant legislation.
  • Take responsibility to ensure that the Information Governance Intranet sites content is maintained and with up to date and information.
  • To establish effective systems and processes to monitor compliance with relevant standards, legislation and guidance, across the Trust.
  • To ensure that accurate audit trails in all areas are maintained and that Trust staff are aware of this requirement.
  • Ensure compliance with the NHS Records retention guidelines.

Physical Skills and Effort

Required to use a personal computer and associated peripherals for a significant part of the working day.

Work tasks frequently require concentration for long periods whilst carrying out statistical analysis and calculations in order to meet deadlines.

Performs the majority of tasks within an office environment.

Attends meetings, sometimes off-site, providing input and obtaining user requirements.

Performing complex and detailed work requiring high concentration whilst using systems analysis.

Person Specification

Essential

Essential
  • GCSEs C or above incl English Language OR relevant knowledge and experience within an informatics/Information Governance environment
  • Experience of working in an Information Governance Role
Desirable
  • Educated to A-level/degree standard
  • Information Governance qualification

Essential

Essential
  • GCSEs C or above incl English Language OR relevant knowledge and experience within an informatics/Information Governance environment
  • Experience of working in an Information Governance Role
  • Experience of delivering training and presenting to large groups of people
  • Excellent IT skills, including Microsoft Word, Excel, Outlook and PowerPoint
  • Excellent verbal and written skills (with the ability to train and deliver presentations, and the ability to write clear, concise reports)
  • Good organisation skills, with the ability to work under pressure and to deadlines
  • Good working knowledge of the Data Protection Act 2018 and UKGDPR
  • Knowledge of the Data Protection and Security Toolkit
  • NHS Code of Confidentiality, EIR and other related IG legislation and standards
  • NHS Code of Confidentiality, EIR and other related IG legislation and standards
  • Specialist Knowledge of Caldicott principles, patient confidentiality, information security, records management, information sharing, CQC process and dealing with ICO
  • There is an occasional requirement to travel across the wide footprint of the Trust to attend meetings and events relevant to the role.
  • Flexibility in hours to meet the needs of the service
Desirable
  • Educated to A-level/degree standard
  • Information Governance qualification
  • Experience of supporting the delivery of the Data Protection and Security Toolkit
  • Experience of Data Flow mapping
  • Experience of working within the NHS or similar organisation or environment
  • Ability to use intranet to store, monitor, retrieve and carry out document control on behalf of team members.

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website.

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants.

Employer details

Employer name

Bolton NHS Foundation Trust

Address

Royal Bolton Hospital

Minerva Road

Farnworth, Bolton

BL4 0JR


Employer's website

http://www.boltonft.nhs.uk/

Apply Now
Apply Now

Job Details

Company
Bolton NHS Foundation Trust
Location
Farnworth, Bolton, BL4 0JR, United Kingdom
Salary
£31049.00 to £37796.00
Posted