IG Privacy and Risk Manager

Job summary

The key objective of this role is to provide data security assurance by undertaking Data Protection Impact Assessment and assurance for existing and upcoming service, application, system developments across the Trust and in key partnerships. The post holder will be responsible for the Trust's compliance with privacy and data protection principles and champion patient and public privacy across the organisation with an enabling and supportive approach.

The post holder will be an enthusiastic data privacy and risk practitioner, self-motivated, innovative professional with good understanding of patient confidentiality, privacy, data security, social media and digital health applications in health and social care services with a satisfactory track record of monitoring compliance with the Data Protection and health and social care information governance standards.

Career Progression

We are committed to get the very best out of our staff and support staff in their career aspirations. We have career pathways available, where you will be able to develop your skills and build on your experience to progress into other roles across different specialties. In addition, we offer ongoing training and development in conjunction with the BCS membership.

Main duties of the job

  • Lead a privacy by design approach by assessing and managing privacy design, impact and outcome of existing and upcoming service, application, system developments across the Trust and in key partnerships.

  • Develop, implement and monitor data processing agreements, data sharing agreements; data transfer agreements and non-disclosure agreements.

  • Manage the Information Security Committee to include management of action plan

  • Co-ordinate, negotiate and influence design of existing and upcoming service, applications, system developments across the Trust and in key partnerships to enhance privacy

  • Develop, design, co-ordinate dissemination of privacy notices that are clear, concise and in line with Data Protection Principles

  • Manage Data Protection impact assessments ensuring delivery of the agreed actions through liaison with the stakeholders in order to provide the Trust via the Head of Information Governance and the CDIO adequate privacy assurance.

  • Undertaking assurance and compliance work to support GDE projects.

  • Support the Head of IG in collaborative work with the SLP and the STPs

  • Ensure monitoring and review of IG Policies

Flexible working

As one of the few Trusts in London we are proud to offer flexible working as part of our new ways of working, and we are happy to talk flexible working at the interview stage. In this role you will be able to work Monday to Friday in the time frames from 8am to 6pm, giving you the very best of good work life balance.

About us

About the team:

We are looking to recruit a dynamic, efficient and reliable person to our Information Governance team into the role of Privacy and Risk Manager - Band 7 to implement and actively monitor the Trust's compliance with privacy and data protection principles and champion patient and public privacy across the organisation with an enabling and supportive approach.

Information governance (IG) provides a framework to bring together all the legal rules, guidance and best practice that apply to the handling and security of information.

IG is about setting a high standard for the handling of information through a robust IT security assurance and complyingwith the law and national standards.

We ensure a high standard of information handling across the Trust, covering information security,data protection,freedom of information and privacy.

About the location:

Our Trust headquarters is located at Denmark Hill less than 5 minutes from the train station (zone 2). We also provide services and operate across other locations, such as London boroughs of Croydon, Lambeth, Lewisham and Southwark; and substance misuse services for residents of Bexley, Lambeth, Greenwich and Wandsworth.

Job description

Job responsibilities

  • Lead a privacy by design approach by assessing and managing privacy design, impact and outcome of existing and upcoming service, application, system developments across the Trust and in key partnerships.
  • Develop, implement and monitor data processing agreements, data sharing agreements; data transfer agreements and non-disclosure agreements.
  • Manage the Information Security Committee to include management of action plan
  • Co-ordinate, negotiate and influence design of existing and upcoming service, applications, system developments across the Trust and in key partnerships to enhance privacy
  • Develop, design, co-ordinate dissemination of privacy notices that are clear, concise and in line with Data Protection Principles
  • Manage Data Protection impact assessments ensuring delivery of the agreed actions through liaison with the stakeholders in order to provide the Trust via the Head of Information Governance and the CDIO adequate privacy assurance.
  • Undertaking assurance and compliance work to support GDE projects.
  • Support the Head of IG in collaborative work with the SLP and the STPs
  • Ensure monitoring and review of IG Policies
  • Manage Incident process, including monitoring Datix, giving advice and escalating serious incidents to the IG Operations Lead
  • Support the Head of Information Governance and the IG Operations Lead in the development, delivery and management of the Trusts IG function with a vision to empower service users, support clinicians, enable research, improve productivity and support organisational performance.
  • Support the Head of Information Governance, the Caldicott Guardian and the Chief Digital Information Officer/SIRO for the successful delivery of the Information Governance Action Plan
  • Provide a deputy function to cover the responsibilities of the Information Governance Privacy and Risk and IG Operations Leads and when required.
  • The Trust encourages and welcomes applications from people with lived experience of mental health challenges. We see this as valuable and recognise the positive impact this experience can have on the work we do.

Person Specification

Qualifications

Essential
  • Educated to Degree level or equivalent experience, plus additional specialist knowledge
  • Evidence of professional/managerial development
Desirable
  • Prince 2, Agile or other Project Management methodologies

Skills and Knowledge

Essential
  • Relevant experience in ad hoc data queries / reports to meet the business needs of the organisation including clinical data quality, performance management and reporting issues
  • The facilitation of a customer focussed culture within a team
  • Knowledge of national data sets and their application
  • Excellent written, verbal, and other media communications /Presentation skills
  • A logical and sensible approach to problem solving
  • Have the ability to organise and prioritise their workload, and be able to work under pressure
  • Negotiation, influencing and persuading skills
  • Ability to express complex issues, both orally and in writing in an easily understood manner for a range of audiences
  • Pro-active and self-motivated in completing work to a high standard in conjunction with other staff
  • Excellent team skills and ability to work with members of own and other teams and departments at all levels of the organisation.
  • Specialist knowledge and clear understanding and experience of working in accordance with information governance standards operating to high ethical and quality standards at all times
  • Thorough knowledge and understanding of the Data Protection Act (2018) and the Freedom of Information Act (2000)
  • Good knowledge and understanding of Information Security and risk
  • Knowledge and good understanding of the Information Governance Toolkit
  • Experience of undertaking standards, procedures and policies reviews.
  • Experience of full range of Microsoft packages
  • Excellent numeracy skills including the ability to undertake statistical analysis and to interpret data
  • Thorough knowledge and experience of privacy by design
Desirable
  • Knowledge of mental health services
  • Use of ITIL in a work environment
  • Ability to gain commitment from Digital Services to becoming active participants in internal reviews
  • To analyse and apply user information to Digital Services problem solving
  • Relevant expertise in latest digital tech with a can-do and digital-first attitude

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website.

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants.

Employer details

Employer name

South London and Maudsley NHS Foundation Trust

Address

Maudsley

London

SE5 8AZ

Employer's website

https://www.slam.nhs.uk/



Apply Now
Apply Now

Job Details

Company
South London and Maudsley NHS Foundation Trust
Location
London, SE5 8AZ, United Kingdom
Salary
£56276.00 to £63176.00
Posted