Job summary
Are you looking to make a difference and use your leadership and coaching skills? Then we want to hear from you as we have an excellent opportunity for you. We need experts in Data Protection and Security to help the Trust deliver an excellent Data Protection Office service.
You probably know the NHS is one of the largest employers in the UK and EU and it needs you. In return this role can offer you a fantastic opportunity for you to learn, grow and develop whilst being supported by experienced leaders within this field.
We've recently undertaken a full workforce change across the Data Protection Office service and are seeking strong, visible and competent leaders who can use their knowledge, skills and abilities to coach a team of staff to learn, develop and grow to achieve shared service wide objectives.
In addition to the brief list below you must familiarise yourself with the full job description and person specification attached to this advert prior to applying.
The post holder will be an experienced leader and specialist in relation to data protection, security, confidentiality, line management, service delivery and records managements. Responsible for the day to day management of the Data Protection Office / service.
Main duties of the job
Lead and promote data protection and security awareness and provide advice and guidance to the Trust, Employee's and Management in relation to the organisation achieving compliance with Data Protection Legislation. Provide Information Governance support in relation to commercial, informatics, and research projects.
Provide first line support for all data protection and security enquiries including commercial, data analytics and research to the Trust. Such as contracts and procurement process and due diligence, ISA, DPA, DPIAs and DTAC.
Work with managers, Heads of Service and Directors of operations to identify any new working practices required and to support the change programme to implement these utilising a Privacy by Design process.
Ensure Continuous Professional Development (CPD) of self and supervisee's.
Provide expert advice to the Trust in relation to relevant Information Security / Cyber Security frameworks such as ISO27001 compliance but not limited too. Keeping themselves up to date with relevant frameworks.
The post requires a mix of on-site and home working to suit the needs of our service. Typically, one or two days a week depending on the service needs. The service has an agile working approach and planned meeting schedules so the entire service can plan accordingly their home and work life balance accordingly.
About us
With over 20,000 staff, we are one of the biggest employers in the city with a central role in supporting the health and wellbeing of our local population. We play a leading role in research, education and innovation.
Come and join our wonderful team at NUH. We are big believers in diversity and welcome new ideas to help develop our team in order to deliver world class healthcare to the vast patient populations we serve. With endless personal development opportunities available, at NUH we will endeavour to turn your job into a career!
We particularly welcome applications from people who identify as Black, Asian and Minority Ethnic, or Disabled, as we are striving to be better represented at NUH.
Date posted
17 March 2025
Pay scheme
Agenda for change
Band
Band 7
Salary
£46,148 to £52,809 a year per annum
Contract
Permanent
Working pattern
Full-time, Flexible working
Reference number
164-6021640-2
Job locations
City and Queen's Medical Centre Hospital Campus, Hucknall Road, Nottingham, NG5 1PB
Person Specification
Commitment to Trust Values and Behaviours Essential
* Must be able to demonstrate behaviours consistent with the Trust's behavioural standards
Training & Qualifications Essential
* Significant post graduate level education in relevant field or able to demonstrate considerable experience and competencies within Data Protection & Security
* Experience and knowledge in Data Protection & Security and in interpretation and applications of legislation in a large public facing organisation
* Relevant Data Protection, Cyber Security and Information Technology qualifications. i.e. - Specific expert Data Protection and / Freedom of Information legislation practitioner - Specialist knowledge in relation to Data Protection and Security - Data / Information Security / Cyber Security Qualification
* Experience of Microsoft packages including Word, Excel, PowerPoint, Outlook.
* An understanding of the Data Protection Act / UK GDPR, Freedom of Information and Access to Health Records Legislation
* Must be willing to participate in any relevant training to develop skills required to carry out duties
* Evidence of continuing professional development in relevant area (s) (Records Management, Data Retention, Data Protection, Handling Information)
Experience Essential
* Experience of staff management including PDP, recruitment, disciplinary and capability etc.
* Supervisory / Line Management skills
* Considerable in-depth knowledge and experience of working within the Health and Social Care sector in relation to NHS Information Governance definitions and requirements; Caldicott Guardian role, Senior Information Risk Owner role, Confidentiality, Integrity and Availability and Data Security & Protection Toolkit requirements etc.
* Highly developed knowledge and understanding of Data / Cyber / Information Security requirements within an NHS environment
* Expert knowledge of Data Protection Act 2018 / relevant legislation, Freedom of Information Act 2000, Access to Health Records Act 1990, Network & Information Systems Regulations 2018, Computer Misuse Act 1990 and any other relevant legislation
* Knowledge of Data Protection & Security / Cyber Security Frameworks
* Knowledge and experience of supporting and completing all types of Contracts, Service Level Agreements (SLAs) and relevant Information Sharing / Data Processing Agreements alongside procurement due diligence requirements. Such as the Digital Technology Assessment Criteria (DATC)
* Knowledge, experience and practical application of data privacy impact assessments as set out within legislation above
* Knowledge, experience and practical applications of Data Breaches / Incidents in line with the Confidentiality, Integrity and Availability (CIA) Triad. As well as reporting to relevant commissioning bodies as set out within legislation
* Knowledge, experience and practical applications of auditing techniques desktop and onsite where required in relation to post
* Experience of delivering presentations to large and diverse groups
* Ability to work with and influence senior colleagues including negotiation and persuasion skills
* Ability to recognise own and others development needs and find appropriate solutions
* Self-motivated and ability to motivate others.
* Ability to foster and maintain positive working and service relationships
* Experience of writing policies and procedures
* Expert level of experience managing Data Protection enquiries and issues
Communication and Relationship skills Essential
* Excellent verbal and written communication skills and the ability to communicate specialist / complex issues effectively at all levels
* Ability to analyse complex information requiring interpretation in order to meet the service requirement e.g., Staff data on training, skills and competencies.
* Effective interpersonal and communications skills with the ability to produce clear concise communications
* Ability to provide contentious information to staff groups and to communicate business sensitive information to internal staff
* Able to develop, establish and maintain positive relationships with others both internal and external to the organisation
* Excellent presentation/ training skills
Analytical and Judgement skills Essential
* Competent IT skills in order to collect and interpret data, present reports and compile simple presentations
* Ability to work without direct supervision, prioritising work and acting on own initiative where appropriate; pre-empting problems and working to solve them in an appropriate manner
* Ability to operate to a variety of levels within the organisation and also external agencies
* Flexible approach to meet the conflicting demands of the job
* Effective time management skills in order to meet deadlines
* Ability to communicate at all levels, both written and verbally, with internal and external customers
* Ability to prioritise own workload autonomously
* Accuracy and attention to detail
* Ability to maintain confidentiality
* Ability to demonstrate tact and diplomacy
* Ability to work under pressure and to tight deadlines with changing priorities
* Ability to conduct audits and exercise judgement
* Ability to compile and initiate audits and present findings
* Ability to use professional judgement and advise others on best practice, national guidelines and legislation
* Ability to multi-task, deal with conflicting deadlines and prioritise workload appropriately
* Able to work on own initiative and as part of a team
* Sensitive to the needs of others and has an awareness and responsiveness to other people's feelings and needs
* Values differences; regards people as individuals and appreciates the value of diversity in the workplace
Planning and organisation skills Essential
* Ability to manage workloads of others and distribution throughout the service / team in a coaching style of leadership, leading by example
* Able to work as part of a team, co-operating to work together and in conjunction with others and willing to help and assist wherever possible and appropriate
* Able to work under pressure, dealing with peaks and troughs in workload
* Positive attitude to dealing with change; flexible and adaptable, willing to change and accept change and to explore new ways of doing things and approaches
* Highly motivated, reliable and resourceful with a proactive approach to problem solving and ability to work autonomously
* Has a strong degree of personal integrity; able to adhere to standards of conduct based on a sense of right and wrong and be dependable and reliable
* Ability to operate to a variety of levels within the organisation and also external agencies
* Excellent planning and organisational skills
Other requirements specific to the role Essential
* Strong visible leadership and coaching style provided onsite and online
* Ability and willingness to adopt an agile approach to work
* Willingness and ability to travel between sites and to external meetings
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Certificate of Sponsorship
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
#J-18808-Ljbffr