Data Protection Officer At Healthcare Business Solutions, we offer and provide numerous healthcare-based solutions to a variety of clientele. Whether it be patients, clinicians, or corporate businesses, we are always innovative. We consistently provide tomorrow’s solutions, today. In the role of Date Protection Officer, you will be highly organised, have a proven track record or excellent performance under pressure and demonstrate excellent leadership and communication skills. You will support the on-going development of Data Protection processes, that meet the current and future requirements. You will thrive in an environment of accountability, freedom of though and rapid growth. Every day will be different and together we will strive for excellence – always supporting each other to go the extra mile, never forgetting our mission. To be considered for the the role you will require the following: Essential Criteria; EDUCATION, QUALIFICATION AND TRAINING Information Technology, Data Protection, Data Science, Law, or Business Administration Degree. EXPERIENCE At least 5-7 years of experience in data protection, privacy, and AI governance roles Experience in conducting DPIAs and AI privacy risk assessments Experience in handling data protection issues during procurement due diligence, including reviewing DPIAs Experience in conducting data protection reviews for project and process changes Experience in completing and submitting data protection maturity assessments KNOWLEDGE AND SKILLS Ability to explain how AI technologies work and their implications for data privacy Familiarity with AI governance structures and frameworks Understanding of GDPR requirements and how to incorporate them into contracts Experience in implementing and managing BCRs within an organization Knowledge of data privacy governance models and standards Skills in identifying and mitigating risks during the remediation process Ability to ensure day-to-day data protection activities align with established corporate standards Experience in maintaining annual registrations and acting as a point of contact for the ICO Skills in handling investigations of complaints and liaising with regulatory bodies Ability to identify areas for improvement and implement changes based on assessment results Skills in collating submitting and presenting monthly reports executive/board level requirements Desirable EDUCATION, QUALIFICATION AND TRAINING Relevant certifications such as Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), or Artificial Intelligence Governance Professional (AIGP) EXPERIENCE Experience in enhancing data protection practices, transitioning from smaller companies to achieving compliance within larger corporate organisations KNOWLEDGE AND SKILLS Knowledge of GDPR compliance and data protection laws related to vendor management Skills in providing data protection support and guidance during the contracting process with suppliers Experience in implementing and completing actions from post-acquisition remediation plans Skills in performing due diligence on third parties to highlight and mitigate key risks OTHER JOB-RELATED REQUIREMENTS Ability to work in a fast paced environment Within this position, you will mainly be; Assisting with data protection issues in the HBSUK’s procurement due diligence process including reviewing any DPIAs. Providing data protection support and guidance in the contracting process with suppliers. Leading on the implementation of Group Binding Corporate Rules Implementation/completion of any outstanding actions from the post-acquisition remediation plan Provide business support to ensure Data Protection reviews are undertaken of project and process change activity including DP due diligence of Third Parties to highlight and mitigate key risk ICO liaison: ensuring annual registrations are maintained, acting as ICO point of contact for investigation of complaints Completion and submission of the annual Group DP Maturity Assessment Collation and submission of monthly reporting to UK/Group Ability to lead on DPST internal audit and annual submission Co-ordinate and ensure ROPA’s are kept up to date Implement data retention schedule and execution program Lead on ROPA Audits Able to respond to and manage GDPR SAR requests and maintain the SAR register Review all DPIA’s and DSA’s for existing contracts and any new contracts Manage any data breach incidents, learning and actions needed to prevent recurrence Able to manage and monitor of all IG related policies including privacy notices etc. Work with Quality Assurance & Compliance manager on ISO27001 audit Ability to review training for GDPR and IG, ensuring that it is fit for purpose, up to date examples, completed and delivered. Developing HBSUK’s AI governance structure for use of AI tools internally and via service providers including carrying out DPIAs and AI privacy risk assessments. Ensuring day to day data protection activity aligns with established UK Privacy framework, Group Standards and AI Policy Our Commitment to you We are committed to building a diverse team of HBSUK who are smart, nice, and get things done where everyone at HBSUK is empowered to bring their authentic self to their work. We are all responsible for stewarding a high-performance culture in which all HBSUK employee's belong and thrive. We are proud to be an equal opportunity employer and welcome applications from people of all backgrounds and experiences. If this opportunity is something which appeals to you, get in touch today, so we can ensure you have the best experience throughout your search.