The Head of Digital Assurancewill be the Data Protection Officer for the organisation,and experienced leader with a comprehensive understanding of health and social care services, the significance of clinical and corporate data, and data protection regulations. The role demands a proven track record in applying information governance (IG) related national legislation.
The post holder will provide leadership and expert advice on IG, records management, and data quality across the Trust and its strategic partnerships. They will develop and implement frameworks to achieve the digital strategy goals, aligning with the Trust's values, objectives, and national standards. The post holder will have confidence in assuring existing and emerging technologies and employing appropriate governance techniques to support the safe adoption of innovative technology.
The post holder will lead an advanced digital assurance service supporting the mental health Trust and its partnerships with academic, local authority, and voluntary sector partners. They will actively participate in national and regional health and social care initiatives, promoting the Trust’s expertise and ensuring compliance with UK GDPR, Data Protection Act (2018), and other relevant legislation. The successful candidate will establish and maintain high-quality arrangements for data protection, freedom of information, data subject access requests, records management, clinical coding, and data quality/strategy activities.
· Lead the development, delivery and management of the digital assurance function that is fit to support the vision and digital aspirations of a mental health trust to empower service users, support clinicians, enable research, improve productivity, and support organisational performance with digital tools, technology and best use of data.
Greater Manchester Mental Health (GMMH) Foundation Trust employs over 7000 members of staff, who deliver services from more than 160 locations.
We provide inpatient and community-based mental health care for people living in Bolton, the city of Manchester, Salford, Trafford and the borough of Wigan, and a wide range of specialist mental health and substance misuse services across Greater Manchester, the north west of England and beyond.
Greater Manchester is one of the world's most innovative, original and exciting places to live and work. From the beauty of the surrounding countryside to the heart of the vibrant inner city with great shopping, entertainment and dining options.
Wherever you go you will experience a great northern welcome with people famed for their warmth, humour and generosity.
Our people enjoy their work, have opportunities to learn and develop their skills and are encouraged to generate new ideas that improve care for our service users.
· Lead the collation, completion and submission of the Data Security and Protection Toolkit submission.
· Develop strategies and plans to promote and develop good digital assurance practice within the organisation and to embed such good practice in organisational culture.
· Develop, manage and coordinate a robust IG programme of work within the organisation in line with the Data Protection Act 2018, Freedom of Information Act 2000, Caldicott requirements, Information Sharing Processes and other related legislation and guidance.
· Promote the good IG practice based on the Trust’s relevant strategies in key partnerships such the GM ICS, strategic regional and national groups and collaborative networks.
· Provide updates and expert advice to senior leaders in the Trust and in strategic partnerships on issues that relate to information governance.
· Work closely with the Caldicott Guardian, the Chief Clinical Information Officer, the SIRO, and the CIO to lead the development and delivery of the Trust digital assurance Framework in line with relevant legislation, health and social care standards.
· Monitor and manage compliance with IG related national legislation (Data Protection Act, Freedom of Information Act etc), industry security standards (such as ISO27001, Cyber Essentials Plus) and health and social care IG standards.
· Advise the organisation and key partnerships / strategic networks to design, develop and monitor processes, policies and strategies to enable effective, lawful and secure use of clinical information for secondary uses such as research to maximise the value of such information for the benefit of service users.
· Lead the development of Trust-wide IG and other relevant Digital policies that are compliant, clear and easy to understand.
· Ensure the organisation successfully manages the risk associated with information and technology through Trust wide standards and compliance with those standards.
· Ensure processes and awareness are in place for information related incidents to be appropriately reported, escalated and investigated, lessons learnt are disseminated across the organisation.
· Lead reviews and advise on breaches of information security and confidentiality.
· Provide expert advice and guidance to members of staff and other stakeholders on digital assurance matters.
· Provide expert advice on national strategies and complex legislation affecting the IG of the organisation ensuring the organisation is aware of changes that may require adjustments in the Trust approach.
· Lead, participate and contribute in organisational, regional and national committees, groups and networks to determine and implement national and local policies, protocols and procedures.
· Lead the monitoring of information processing against agreed standards by undertaking inspections and assurance audits of information security and confidentiality arrangements within the organisation.
· Engage service users and carers in the development of organisational digital assurance policies to ensure increased awareness of information rights, purposes for which information is to be used and shared and obtaining consent.
· Lead the development of regular reports and communications on digital assurance matters within and beyond the organisation.
· Lead the development and delivery an IG awareness and training programme of activities that meets the needs of the Trust workforce, and complies with the requirements of the Data Protection and Security Toolkit (DSPT).
· Promote professional and corporate responsibility to safeguard confidential clinical information handled and exchanged within the Trust and with partner organisations.
· Lead the training of large groups of staff in confidentiality, information security, freedom of information and other digital assurance subjects.
· Lead the investigation and response to formal information requests, complaints, regulatory notices from external organisations and regulators.
· Provide lead point of contact with the Information Commissioner’s Office on behalf of the Trust.
· Manage the processes to enable effective sharing of information within the organisation and with partner organisations in line with national legislation and policies.
· Develop assurance checks on compliance to internal Digital Services and Trust processes and national best practice standards.
· Contribute to the development of a culture of openness allowing appropriate information to flow freely.
· Ensure the development and effective administration of a document management system.
· Act as the Data Protection Officer fulfilling their statutory duties and responsibilities under the GDPR and the Data Protection Act 2018.
· Monitor the compliance of the Trust with the data protection legislation and reporting any issues or risks to the Caldicott Guardian, the SIRO, and the IG Steering Group.
· Provide advice and guidance to the Trust staff on data protection matters, such as data subject rights, data breach notification, data protection impact assessment, data sharing agreements, and data minimisation principles.
· Raise awareness and promoting a data protection culture within the Trust through training, communication, and engagement activities.
This advert closes on Wednesday 2 Apr 2025