Do you have expert knowledge in data protection and information access legislation; such as the Freedom of Information Act 2000, and General Data Protection Regulation (GDPR)/Data Protection Act 2018? And are you knowledgeable in the exemptions and application of those requirements?
Do you have experience of leading the application data protection and information access law and practices for an organisation?
Would you like to facilitate and support the MCA’s compliance with Data Protection Legislations, ensuring a sensible and proportionate approach is taken to help the department do its business in a way that inspires staff and public trust and confidence?
If so, we are looking for a Head of Data Protection and Information Access to join us at the Maritime and Coastguard Agency (MCA) and we'd love to hear from you!
The Maritime and Coastguard Agency (MCA) implements the government’s maritime safety policy in the United Kingdom and works to prevent the loss of life and occurrence of pollution on the coast and at sea.
Safer lives. Safer Ships. Cleaner Seas .
Our vision is to be a world-leading organisation, accelerating the transition to sustainable shipping with non-negotiable safety standards. We put our people, our customers and our planet at the heart of everything we do.
We are committed to giving all our colleagues purpose, professionalism and pride in what we do. We work in supportive, diverse and inclusive teams.
We want everyone to feel valued and supported to achieve their potential at MCA.
This culture of inclusion is underpinned by our staff networks groups covering, Women’s, LGBTQI+, Race, Carers, Mental Wellbeing and volunteer Respect Ambassadors.
Whilst we welcome applications from candidates seeking part time/flexible working hours, there will be a business requirement for candidates to work a minimum of 30 hours per week. For further information please contact laura.badley@mcga.gov.uk.
What is the Data and Information Access team?
The Data Protection and Information Access team works as part of the Maritime and Coastguard Agency’s (MCA’s) Corporate Governance framework to inform the Agency’s compliance with Data Protection and Information Access Legislations.
The team provides independent, expert advice and guidance to the Agency, its staff, volunteers and third parties.
The team act as a point of contact to ensure lawful and compliant processing and disclosure of personal information under the relevant legislations.
The function acts to ensure that the MCA’s Executive Officers and Board are adequately informed and advised of Data Protection and Information Access risks, best practice and relevant updates or changes to the regulatory landscape.
Who is the Head of Data Protection and Information Access?
The Head of Data Protection and Information Access is responsible for carrying out the delegated statutory tasks of the Department for Transport (DfT) Data Protection Officer (DPO) in accordance with the DfT DPO Governance Framework.
They are the DPO’s principal point of contact within the MCA, able to operate within their business area with the independence and protections afforded to a DPO. The role will facilitate and support the MCA’s compliance with Data Protection Legislations, ensuring a sensible and proportionate approach is taken to help the department do its business in a way that inspires staff and public trust and confidence. They also act as the principal point of contact for the ICO and for Data Subjects for the MCA within the DfT controllership.
The role is also responsible for overseeing the Agency’s compliance with information access/information rights legislations; the Freedom of Information Act 2000 (FOIA), Environmental Information Regulations 2004 (EIR) and the Subject Access provisions of the General Data Protection Regulation (GDPR)/Data Protection Act 2018 (DPA), ensuring lawful and compliant processing of requests for the MCA.
Your responsibilities include but are not limited to:
* Providing expert, timely, risk-based advice to business areas and risk owners on DPIAs, privacy notices, data sharing, data processing contracts, overseas transfers and all other aspects of data protection compliance
* Ensuring you and team continue to develop expert knowledge of data protection law, and gain/maintain suitable professional qualifications
* Proactively promote data protection compliance across Agency – develop and maintain an annual Training & Awareness plan that provides for delivery of both general awareness-raising activities and targeted Training & Awareness according to nature of roles
* Implementing and maintaining effective guidance, policies and procedures, in line with ICO Accountability Framework expectations and overarching DfT Data Protection policy
* Assessing Agency against ICO Accountability Framework annually – provide DPO with update and action plan to address areas of non-compliance
* Oversee the compliant disclosure of information under the Freedom of Information Act/Environmental Information Regulations and the Subject access provisions of the General Data Protection Regulation (GDPR)/Data Protection Act 2018 (DPA), providing expert guidance to ensure lawful disclosures of information to data subjects or investigating authorities.
For further information about the role and responsibilities, please see the attached role profile.
Proud member of the Disability Confident employer scheme
Disability Confident
About Disability Confident
A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident .