HealthNet Homecare are specialists in delivering homecare services for patients, from medical deliveries to nursing support for patients in their own homes. Working with over 180,000 patients across numerous different therapy areas, our dedicated team offer support to patients with rare and orphan diseases right through to more common conditions. Our aim is to make patients' lives easier by taking the stress out of managing their medication and ensuring they are confident they are in safe hands with HealthNet. We are looking for a Data Protection Officer to join our busy Digital team If you are a passionate and caring individual, seeking a role with a mission statement you can truly get behind, where you can help to make a difference to patients' everyday lives, then this is the opportunity for you Main Responsibilities The role of the Data Protection Officer is to be responsible for strategic and operational management of Information Governance and Data Protection activities at HealthNet, and lead in the development, interpretation and companywide implementation and monitoring of Information Governance Frameworks, in support of the achievement of the Organisation's Strategic and Corporate Objectives. This role will be a member of the Digital Management Team. Act as the Data Protection Officer for HealthNet Monitor companywide compliance with UK General Data Protection Regulations and other local data protection laws, HealthNet data protection policies, awareness-raising, training, and audits. Initiate actions to address areas of non-compliance, reporting on progress and risks to the Board in recognition of their accountability for data protection obligations Develop and implement processes to resolve and improve compliance issues across the Company, offering a range of options which are suitable both for service provision and for legislative compliance. Be the recognised authority on all Information Governance (IG) matters within the company and as such provide an organisational wide advisory and guidance service on highly complex information legislation matters where there can be differing interpretations. Have due regard to the risk associated with processing operations, and take into account the nature, scope, context, and purposes of processing by HealthNet. Assess the impact of changes to national IG requirements and initiatives and to the NHS England Data Security and Protection Toolkit, advising the Company of such changes, making recommendations and ensuring actions plans are prepared, agreed and implemented in order for the company to maintain all regulatory compliance, NHS and national IG requirements. Act as the Contact Point for the Information Commissioner's Office (ICO) on Data Protection matters, including during prior consultations under Article 36(4) of the GDPR. Oversee the process for handling data subject requests, including requests for access, rectification, erasure, and objection. Ensure timely and accurate responses to data subject requests, maintaining documentation of all requests and actions taken. Establish and manage an incident response process to promptly identify, assess, and report any data breaches or privacy incidents. Coordinate the response efforts, including notification to affected individuals, regulatory authorities, and other relevant stakeholders as required. Maintain and review HealthNet's Privacy Notices Review and advise on Data Protection Impact Assessments (DPIAs) wherever required to support company data processing activity, new initiatives, and changes. Monitor all business process requiring a DPIA. Collaborate with relevant stakeholders to ensure data protection requirements are incorporated from the design phase. Ensure appropriate Data Sharing Agreements are in place and maintained for all HealthNet business partners, clients and customers as needed Review and advise on client and other business contracts in relation to Data Processing, Data Retention, and Information Governance clauses Ensure understanding across the business and compliance with the company's Information Governance and Data Protection Policy at all times. Provide specialist advice on all IG and Data Protection matters to Board, Senior Management, and other relevant groups across the business. Communicate and educate staff members on their responsibilities and obligations regarding data protection Be easily accessible as a point of contact for all employees, individuals and the ICO Manage and co-ordinate completion of the annual company Information Governance self-assessment with Company lead, using the NHS Digital Data Security and Protection Toolkit Ensure constant improvement in competence and standards through personal development. Support the HealthNet Caldicott Guardian in fulfilling their role What experience and skills are we looking for? Essential Expert knowledge of information governance in a range of corporate disciplines, including business, strategy, healthcare, clinical and operational service delivery Significant knowledge and experience of the practical application of the fundamental principles of risk management and information governance Significant experience identifying, collecting, and analysing, comparing, and interpreting highly complex data from numerous different sources to produce information risk intelligence reports Qualifications? Educated to degree level (essential) Degree in law, information technology, healthcare administration or a related field (desirable) In-depth knowledge of data protection laws and regulations, particularly Data Protection Act (2018) and UK GDPR, as they relate to the healthcare industry. Experience working in a healthcare setting and familiarity with healthcare data management and information systems. Able to demonstrate a level of relevant senior professional experience gained within an Organisation Certified Data Protection Officer or Certified Information Privacy Professional Key Competencies Self-motivated, dedicated with a committed approach showing interest in understanding the Company and industry Ability to develop and sustain internal and external relationships by showing mutual respect, honour and integrity, strong professional image, and personal credibility Strong understanding of data privacy principles, risk assessment methodologies, and data protection best practices. Well-honed issue resolution, negotiation, and communication skills with a flexible approach Strong interpersonal skills capable of building, developing, and maintaining a positive working environment Excellent communication and interpersonal skills, with the ability to educate and influence stakeholders at all levels of the organization. Ability to deliver projects and answer enquires on time whilst, at all times working in an efficient manner Proactive and motivated responding positively to new challenges Demonstrated experience in developing and implementing data protection policies, procedures, and training programs. Strong analytical and problem-solving skills, with the ability to assess complex situations and provide practical recommendations. High level of integrity and commitment to maintaining the confidentiality and security of sensitive data What we offer: Competitive salary structure 25 days holiday bank holiday Pension Scheme Ongoing training and development Professional registration fees paid Employee Assistant Programme including 24/7 hour access to remote GP appointments. Refer a friend scheme Uniform provided Kit bags for all Homecare Nurses Eyecare Vouches Perks and benefits via Perkbox Long service awards. If the role sounds of interest, and you want to be a part of a company who truly places our patients at the heart of everything we do, please feel free to apply through our careers page and join us in making a difference. Please note: Due to a high volume of applications, we usually receive, we are unable to contact each applicant individually regarding the status of their application. If you are selected for an interview, we will shortly be in touch.