Senior Information Rights Officer Grade: Newham PO3 Location – Newham or Havering. The post holder must be flexible and work across sites in both councils. Accountable to: Information Governance Manager Accountable for: Job Purpose: • Responsible for ensuring the council responds to Freedom of Information, Environmental Information, Data Subject Access Requests, disclosure requests and other individual information rights requests within the statutory timeframes. • The post holder will require extensive knowledge of the Freedom of Information Act 2000, Environmental Information Regulations 2004,Data Protection Act 2018 and GDPR to ensure requests are dealt with accurately and lawfully. They will be able to highlight and apply any exemptions that may be applicable before carrying out the request. • The post holder will embed standards and be part of the team that is the lead point of contact to provide guidance and advice to colleagues across the Council to increase understanding on information rights requests and the legislation that supports them. • The post holder will build good working relationships with services across the Council and external agencies as this will be key when liaising and collaborating with services to gather the data requested and fulfil the requests. The post holder will uphold the Council’s reputation in responding to Information Rights requests. They will work to ensure requests meet statutory deadlines and that complex exemptions and exceptions are correctly applied to FOIs, EIRs, SARs and all other individual information rights requests. Specific Responsibilitie s 1. Responsible for maintaining a reliable record on the Council’s information rights reporting tool for receiving, tracking and responding to external requests under the Freedom of Information Act 2000, the Environmental Information Regulations 2004 and Data Protection Act 2018 and GDPR. 2. Responsibility for responding to subject access requests (historic requests over six months since closure) and individual rights requests made by members of the public responsibility for responding to disclosure requests made to the Council by external agencies. responsibility for ensuring compliance with and responding to Freedom of Information requests made by members of the public and external agencies 3. responsibility for ensuring compliance with and responding to Environmental Information regulations made by members of the public and external agencies 4. Work collaboratively with information asset owners in order to gather the information requested and respond to the requester within the statutory timeframes. Independently research and source complex and detailed data across specific council systems in order to draft responses and any exemptions or exceptions applicable 5. Provide expert specialist advice and guidance to colleagues at all levels of the council on their obligations to provide access to information 6. Provide expert specialist advice and guidance to information asset owners and council services on exemptions and their correct application. 7. Promote a culture of information rights compliance across all areas of the council 8. Respond to queries from the public on the applicable legislation, process and progress of submitted requests and advise them on their requests and individual information rights. 9. Assist Information Governance colleagues’ internal reviews relating to information rights requests where appropriate 10. Assist in drafting and updating policies, procedures and guidance on information rights. 11. Assist in developing assurance reports for the Information Governance Board and ad hoc KPI reports and service update reports. 12. Complete personal development and ensure an up to date knowledge of current legislation relevant to information rights and share with the wider team as appropriate 13. Use insights as a learning loop to enable efficiencies within the service and better ways of working resulting in an improved resident experience. 14. Promote service development - where appropriate identify and advise/make recommendations across council services where requests may give rise to issues relating to records held, gaps in reporting capabilities, accuracy and missing information. 15. Pro-actively identify and advise senior IG colleagues and other key stakeholders (e.g. Monitoring Officer) of potentially sensitive, political or reputational damaging responses and possible legal implications on disclosure. 16. To promote and identify where data quality issues need to be rectified in line of business applications to the appropriate service leads to be rectified oneSource Corporate Critical Success Factors • Provision of and delivery of quality services – ensuring a high level of service that is reflective of all customer needs and value for money • Anticipates different customer needs – delivering a customer focused shared service which is a cultural ‘fit’, is flexible and proactive in approach • Delivers a resilient business, which continuously improves and innovates with healthy revenue streams • Operates an ethos of joint working and operates across the board regardless of location • Delivers capacity and capability to operate business as usual with the capacity and capability to innovate and project manage to support this • Delivers a flexible and scalable platform to innovate, enhance market knowledge and continuously improve • Invests in people and skills to deliver a sustainable business • Provides a transactional service that is multi-channelled, face to face, local and nationwide General • OneSource is committed to and champions equality and diversity in all aspects of employment and service provision. All employees are expected to understand and promote this approach in their work. • Adherence to Health and Safety requirements and proper risk management is required from all employees in so far as is relevant to their role. All employees are expected to understand and promote good health and safety practices and manage risks appropriately • Deal with any Safeguarding issues that might arise, in line with the Council’s policies and procedures. • Comply with Health and Safety Regulations associated with your employment. • Be aware of the council’s responsibilities under the Data Protection Act 2018 for the security, accuracy and relevance of all personal data held on such systems and ensure that all processes comply with this. • To treat all information acquired through your employment, both formally and informally, in strict confidence. Person Specification Able to demonstrate and evidence a highly developed Competence in: Skills (from Skills Framework for the Information Age) Information Management (level 4) Supports the implementation of information and records management policies and standard practice. Monitors the implementation of effective controls for internal delegation, audit and control relating to information and records management. Reports on the consolidated status of information controls to inform effective decision-making. Identifies risks around the use of information. Recommends remediation actions as required. Personal Data Protection (level 5) Contributes to the development of policy, standards and guidelines related to personal data legislation. Provides expert advice and guidance on implementing personal data legislation controls in products, services and systems. Investigates major data breaches and recommends appropriate control improvements. Creates and maintains an inventory of data that are subject to personal data legislation. Conducts risk assessments, business impact analysis for complex information systems and specifies any required changes. Ensures that formal requests and complaints are dealt with according to approved procedures. Prepares and submits reports and registrations to relevant authorities. Quality Assurance (level 4) Plans, organises and conducts assessment activity and determines whether appropriate quality control has been applied. Conducts formal assessments or reviews for given domain areas, suppliers, or parts of the supply chain. Collates, collects and examines records, analyses the evidence and drafts all or part of formal compliance reports. Determines the risks associated with findings and non-compliance and proposes corrective actions. Provides advice and guidance in the use of organisational standards. Specialist Advice (level 4) Provides detailed and specific advice regarding the application of their specialism to the organisation's planning and operations. Actively maintains knowledge in one or more identifiable specialisms. Recognises and identifies the boundaries of their own specialist knowledge. Where appropriate, collaborates with other specialists to ensure advice given is appropriate to the organisation's needs. Specialist advice: Level 5 Provides definitive and expert advice in their specialist area. Actively maintains recognised expert level knowledge in one or more identifiable specialisms. Oversees the provision of specialist advice by others. Consolidates expertise from multiple sources, including third-party experts, to provide coherent advice to further organisational objectives. Supports and promotes the development and sharing of specialist knowledge within the organisation. Stakeholder Relationship Management (level 4) Deals with problems and issues, managing resolutions, corrective actions, lessons learned, and the collection and dissemination of relevant information. Implements stakeholder engagement/communications plan. Collects and uses feedback from customers and stakeholders to help measure the effectiveness of stakeholder management. Helps develop and enhance customer and stakeholder relationships. Able to demonstrate and evidence Knowledge and experience in: • As this role involves processing all information rights requests substantial knowledge of the UK General Data Protection Regulation (relating to information rights), the Data Protection Act 2018, the Freedom of Information Act 2000 and the Environmental Information Regulations 2004 is essential. • Ability to interpret and apply legislation to complex requests. Skilled in interpreting and applying legislation to complex requests, including the application of exemptions and exceptions. Proficient in preparing and delivering redacted document bundles to support requests • FOI Practitioner certificate or equivalent years working experience • Extensive experience responding to Subject Access Requests, including those that require additional specialist knowledge .e.g social care Behaviours and personal qualities • Builds appropriate and effective business relationships across the organisation and with users, suppliers and partners. • Creates and supports collaborative ways of working across groups/ areas of responsibility. Facilitates collaboration between stakeholders who have diverse objectives. • Possesses detailed knowledge of key case management systems and line of business applications where data could be held. • a strong understanding of how to assess credibility and analyse data effectively. Demonstrates sound judgment and a systematic approach to work, ensuring strict compliance with relevant regulations and standards • Excellent customer experience especially when dealing with sensitive requests e,g. Social care • Demonstrates effective oral and written communication skills when engaging on issues with colleagues, users, suppliers and partners. • Understands and effectively applies appropriate methods, tools, applications and processes. • Demonstrates judgement and a systematic approach to work. • Integrity: Upholds confidentiality and ethical standards when managing personal and sensitive data. • Organisational Skills: Manages multiple requests and tasks efficiently, maintaining systematic records and meeting deadlines. • Resilience: Handles high-pressure situations and complex cases with professionalism and composure. • Effectively applies digital skills and explores these capabilities for their role. • Learning and professional development takes the initiative to develop own knowledge and skills by identifying and negotiating appropriate development opportunities. • Ability to demonstrate, understanding and apply our HEART values. These are embedded in all roles and that applicants must evidence their values as part of the application process: o Honesty o Equality o Ambition o Respect o Together Applicants must have experience of working collaboratively with service managers/social workers in relation to the processing of Children’s SARs and wider experience of dealing with FOI’s/disclosure requests would be an advantage as they will be working within the wider Information Rights Team. Responsible for ensuring the council responds to Freedom of Information, Environmental Information, Data Subject Access Requests, disclosure requests and other individual information rights requests within the statutory timeframes. The post holder will require extensive knowledge of the Freedom of Information Act 2000, Environmental Information Regulations 2004,Data Protection Act 2018 and GDPR to ensure requests are dealt with accurately and lawfully. They will be able to highlight and apply any exemptions that may be applicable before carrying out the request. The post holder will embed standards and be part of the team that is the lead point of contact to provide guidance and advice to colleagues across the Council to increase understanding on information rights requests and the legislation that supports them. The post holder will build good working relationships with services across the Council and external agencies as this will be key when liaising and collaborating with services to gather the data requested and fulfil the requests. The post holder will uphold the Council’s reputation in responding to Information Rights requests. They will work to ensure requests meet statutory deadlines and that complex exemptions and exceptions are correctly applied to FOIs, EIRs, SARs and all other individual information rights requests.