Job summary Working within our IT & Compliance team, based at Fair Havens in Southend on Sea, and Little Havens in Thundersley, this role plays a key part in progressing and monitoring procedures and processes, ensuring that the Charity remains compliant with all relevant Data Protection and Information Governance regulations. Please be aware that, unfortunately, Havens Hospices is unable to offer UK visa sponsorship at this time. This role is predominantly office-based in Southend on Sea, Essex. Previous applicants for this position need not apply. Main duties of the job Reporting to the Head of IT & Compliance, you will provide expert IG advice and guidance to the charity and its trustees. You will be responsible in ensuring that we remain compliant with all applicable legislation, including GDPR and the DPA 2018. This role is also responsible for processing and managing information requests as per the FOI Act, and Environmental Information Regulations. About us At Havens Hospices, we care for children, young people and adults with complex or incurable conditions. Our specialist Care Teams can support them and their family living throughout illness, death and bereavement in the comfort of their own home and through our hospice services, Fair Havens and Little Havens. Working at Havens Hospices allows you to give the gift of time to patients and families, creating memories. Although you may not be giving direct care to our patients, your contribution will have an immediate effect on our care services. In return for your expertise and passion, you will receive a competitive salary package, and most of all, by making the most of every day you work at Havens Hospices you'll be helping us continue 'Making every day count' for those who need us most. At Havens Hospices we are committed to safeguarding and promoting the welfare of our employees and patients and expect all colleagues to share this commitment. We value diversity and welcome applications from all sections of the community. Date posted 05 March 2025 Pay scheme Other Salary £36,050 a year FTE, £21,630.00 pro rata per annum. Contract Permanent Working pattern Part-time Reference number Trac ID 6964996 Job locations Fair Havens 226 Priory Cresecent Southend SS2 6PR Job description Job responsibilities To ensure the Charity has an accurate, complete and maintained data protection registration with the Information Commissioners Office as a Data Protection Officer. To ensure the Charity complies with all relevant legislation in relation to information governance, including the General Data Protection Regulation and Data Protection Act 2018. To support with information requests under current Data Protection Legislation and the Freedom of Information Act/Environmental Information Regulations, ensuring that requests are dealt with in accordance with legislation and within agreed timescales To conduct a programme of audits and report on the auditing of compliance across the Charity, To provide advice and take action, where necessary in response to audit findings and recommendations in respect of Information Governance. To ensure Data Privacy Impact Assessments are carried out in line with Charity policy and monitor progression of all associated action plans and audits. To support in maintaining a comprehensive suite of policies and procedures to ensure the Charity has a comprehensive Information Governance framework To keep up to date on legislation relevant to information Governance and ensure that the necessary changes to Charity policies and procedures are proactively addressed. To ensure the Charity has a well-maintained information asset register, with assets being risk assessed and asset owners being trained appropriately for their role. To ensure appropriate action is taken where compliance issues are flagged. To ensure appropriate risk assessments are conducted in relation to personally identifiable information held by Charity suppliers and seek advice from the Charitys IT external contractors in relation to cyber security and general IT security risks. To work with Managers, Heads of service and Directors to identify any new working practices required and to support the change programme to implement these. To support in the implementation of the overarching Charity Information Governance Strategy and Framework in support of statutory and regulatory requirements (e.g., Data Security and Protection (DSP) Toolkit and PCI DSS). Job description Job responsibilities To ensure the Charity has an accurate, complete and maintained data protection registration with the Information Commissioners Office as a Data Protection Officer. To ensure the Charity complies with all relevant legislation in relation to information governance, including the General Data Protection Regulation and Data Protection Act 2018. To support with information requests under current Data Protection Legislation and the Freedom of Information Act/Environmental Information Regulations, ensuring that requests are dealt with in accordance with legislation and within agreed timescales To conduct a programme of audits and report on the auditing of compliance across the Charity, To provide advice and take action, where necessary in response to audit findings and recommendations in respect of Information Governance. To ensure Data Privacy Impact Assessments are carried out in line with Charity policy and monitor progression of all associated action plans and audits. To support in maintaining a comprehensive suite of policies and procedures to ensure the Charity has a comprehensive Information Governance framework To keep up to date on legislation relevant to information Governance and ensure that the necessary changes to Charity policies and procedures are proactively addressed. To ensure the Charity has a well-maintained information asset register, with assets being risk assessed and asset owners being trained appropriately for their role. To ensure appropriate action is taken where compliance issues are flagged. To ensure appropriate risk assessments are conducted in relation to personally identifiable information held by Charity suppliers and seek advice from the Charitys IT external contractors in relation to cyber security and general IT security risks. To work with Managers, Heads of service and Directors to identify any new working practices required and to support the change programme to implement these. To support in the implementation of the overarching Charity Information Governance Strategy and Framework in support of statutory and regulatory requirements (e.g., Data Security and Protection (DSP) Toolkit and PCI DSS). Person Specification Qualifications Essential Data Protection Officer related Certification (such as British Standard or ISO Standard) GCSE/A Level/Degree in English & Maths, or equivalent qualification Evidence of continuing professional development within similar or same role. Skills & Experience Essential In depth knowledge of GDPR regulations Demonstrable experience working as a Data Protection Officer Ability to use Microsoft Office (including Word, PowerPoint, Outlook, Teams), databases, other relevant software and systems, and the internet to an intermediate level Skilled in understanding and interpreting data and data analytics, including advanced excel skills. Demonstrable understanding of good practice (and the practical application thereof) in risk management. Desirable Cyber Essentials Plus certification Power Automate/Power BI experience Experience Desirable Full driving licence and own car to enable travel between sites Person Specification Qualifications Essential Data Protection Officer related Certification (such as British Standard or ISO Standard) GCSE/A Level/Degree in English & Maths, or equivalent qualification Evidence of continuing professional development within similar or same role. Skills & Experience Essential In depth knowledge of GDPR regulations Demonstrable experience working as a Data Protection Officer Ability to use Microsoft Office (including Word, PowerPoint, Outlook, Teams), databases, other relevant software and systems, and the internet to an intermediate level Skilled in understanding and interpreting data and data analytics, including advanced excel skills. Demonstrable understanding of good practice (and the practical application thereof) in risk management. Desirable Cyber Essentials Plus certification Power Automate/Power BI experience Experience Desirable Full driving licence and own car to enable travel between sites Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions. Employer details Employer name Havens Hospices Address Fair Havens 226 Priory Cresecent Southend SS2 6PR Employer's website https://www.havenshospices.org.uk/ (Opens in a new tab)