The Information Governance officer will be supporting the Trust's main IG activities in ensuring the Trust remains compliant with the Data Protection and information rights legal framework.
The IG Officer will work closely with the head of Information Governance/DPO to support all Trust staff, advising on information governance best practices, data privacy, data protection and other records and information governance issues.
Main duties of the job
The Information Governance Officer operationally supports the Information Governance Manager and Data Protection Officer to maintain and deliver information governance, its core work activities whilst meeting compliance deadlines including but not limited to:
1. NHSE Data Security and Protection Toolkit DSPT/ Cyber Assurance Framework
2. Data Protection
3. Data Protection Impact Assessment coordination and review
4. Information Security
5. UK GDPR
6. Common Law Duty of Confidentiality
7. Records Management
8. Information sharing and Data Processing
9. Record Of Processing Activity and Information Asset Register coordination and review
Working for our organisation
We are one of the largest hospital trusts in England, with five hospitals and community clinics serving a local population of around 800,000 people. Our vision is 'great healthcare from great people'. Everything we do is guided by our values: 'People feel cared for, safe, respected and confident that we are making a difference’. We have a new way of working at East Kent Hospitals, called 'We care'. It's about empowering frontline staff to lead improvements day-to-day. We're looking for compassionate people to be part of our improvement journey for the patients, families and carers we care for every day.
Detailed job description and main responsibilities
Individual rights requests
Processes straightforward subject access requests in accordance with GDPR requirements as applicable. Maintains compliance with appropriate timeframes, any allowed charges or refusals.
Caldicott Guardian/SIRO and DPO advice and support
Provides straightforward advice and support to the Caldicott Guardian and Senior Information Risk Owners. Provides support to the DPO as required.
Data security and protection toolkit (DSPT)/Cyber Assurance Framework (CAF)
Uses the Data Security & Protection Toolkit (DSPT) to provide assurance that information assets are secure and handling personal information correctly.
Advice and guidance
Provides straightforward information governance advice and guidance to colleagues and suppliers to ensure they effectively manage information.
Follows standard approaches for the timely review & assessment of Trust IG policies and data flows against latest national regulatory updates and Trust business objectives.
Assists in teaching, instruction and/or training of students/learners in order to develop knowledge, techniques and skills using appropriate methods, tools, online environments, equipment and materials.
Supports risk assessment following standard procedures. Maintains and monitors risk assessment documentation.
Regulatory compliance
Reviews and assists own organisation to maintain a privacy notice and record of processing activities (ROPA). Advises and, where necessary, assists on the application of data protection impact assessments (DPIA) and maintain records for compliance within regulatory access requirements.
Develops and builds effective relationships
Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans.
Review findings
Collates evidence and examines for compliance with standards, statutory controls, or management directives. Identifies, escalates and documents issues of non-compliance.
Communications
Communicates effectively by competent use of email, telephone, written and face-to-face communication according to guidelines and customer care standards. Acts as a touchpoint for internal and external contacts.
Threats and breaches
Responds to data security breaches in line with security and information governance policies. Supports any investigation that takes place as a result of a breach. Supports action to categorise and limit damage, according to the organisation's security policy, which may include escalation and reporting the incident to the Information Commissioner's Office, and records the incident and action taken.
Person specification
Skill/Knowledge
* Demonstrable knowledge of Information Governance and using it in the workplace.
* Problem-solving skills and ability to respond to sudden unexpected demands.
* Ability to pull together comprehensive draft reports.
Experience
* Experience of working in an NHS organisation.
#J-18808-Ljbffr