Data Security and Protection Advisor

Job description

Job responsibilities

The primary role of the Data Security and Protection Advisor is to support the DSP Team Leader with the overall delivery of the Data, Security & Protection (DQSP) strategy and work programme, ensuring that the Group is compliant with all legislation and codes of conduct relevant to Information Governance and Data Security and Protection, including the UK General Data Protection Regulation and the Data Protection Act 2018.

The post holder will:Provide advice and guidance and act as the first point of contact for responding to and dealing with routine Data Security and Protection (DSP) related enquiries.

Work with the DSP Team Leader supporting a programme of work to ensure that the Group achieves the standards mandated within the Data Security and ProtectionToolkit (DSP Toolkit),and assist in the recognition and mitigation of any areas of risk.

Work with the DSP Team Leader to ensure the Group is compliant with the UK GDPR and Data Protection Act 2018 and assist in the recognition, reporting and mitigation of any areas of risk.

Raise awareness and understanding of Data, Security & Protection issues and why they are important to all staff groups in the Group.

Deliver Data Security and Protection training via various methods including classroom based, small groups and virtually via MS Teams.

Manage Data Security and Protection breaches and incidents via the Trusts Incident Management system Datix.

Support the DSP Manager and DSP Team Leader with the management of externally reportable incidents and serious incidents.

Maintain each Trusts Information Asset Register.

Maintain the Information Sharing Gateway to ensure it is up to date, and accurately records Information Sharing Agreements, Group Assets, Data Protection ImpactAssessments and third parties assurance

Person Specification

Educations, Training and Qualifications

• Educated to degree level or equivalent level of education, training or experience
• Professional relevant qualification, for example GPDR Foundation
• Evidence of continuous professional development

• Additional professional relevant qualification, for example, GDPR Practitioner
• Formal Data Protection Act Training
• Relevant professional qualification in training development/ training delivery

Knowledge and Experience

• Specialist knowledge of the Data Security and Protection Toolkit and its application.
• Demonstrable understanding of data security and protection.
• Working knowledge of Data Protection Act 2018, UK GDPR,
• Evidence of up to date knowledge of data security and protection guidelines and legislation relevant to the NHS
• Knowledge of the information governance roles within the Trust (e.g. Senior Information Risk Owner, Caldicott Guardian and Information Asset Owner).
• Experience in identifying and investigating data security and protection issues and incidents.
• Experience in developing and delivering training sessions
• Experience of conducting training needs analysis.
• Experience of documenting and implementing Information Sharing Agreements.
• Experience of supporting the completion of Data Protection Impact Assessments and identifying information risks.
• Experience in reviewing and updating Policies and Procedures
• Experience of working with the DSP Toolkit in an acute NHS setting.
• Experience in working with Patient Administration Systems, e.g. CAMIS, Careflow
• Analytical and judgement skills for problem solving.
• Experience developing and delivering communication campaigns.
• Experience of writing and presenting complex reports and presentations.
• Previous experience of the Information Sharing Gateway

• Working knowledge of Freedom of Information Act 2000 and Records Management.
• Experience of working in the NHS

Skills

• Excellent written and verbal communication skills.
• Able to maintain confidentiality at all times.
• Developed attention to detail and accuracy
• Excellent IT skills, including experience of Microsoft Word, Excel, PowerPoint, Outlook and Visio
• Organisational skills and the ability to work methodically and prioritise.
• Ability to deliver clear and effective training to staff at all levels and of all abilities
• Ability to cope under pressure and meet strict deadlines e.g. FOI responses, Incident response times.
• Ability to help build effective working relationships at all levels, both within NGH and externally.
• Ability to communicate appropriately and effectively with all levels of staff
• Ability to take accurate meeting notes including action and decision logs.

• Able to learn and utilise new systems quickly and effectively
• Advanced Excel skills, including data presentation.
• Data analysis skills
• Negotiation skills.
• Ability to interpret and judge conflicting views.

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website.

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants.

Employer details

Employer name

Northampton General Hospital

Address

Kettering General Hospital

Rothwell Road

Kettering

NN16 8UZ

https://www.northamptongeneral.nhs.uk/Home.aspx