This role forms part of the wider Information Governance service and is functionally responsible for the Information Rights and Records Management departments. This role will provide strategic leadership and subject matter expertise to the departments and wider trust. This role will be required to undertake broader Information Governance duties in support of the Corporate Information Governance department.
Main duties of the job
The main duties for this role include:
* Management of the Information Rights and Records Management departments
* Providing expert advice in all matters relating to Information Governance
* Advising and leading of complex Data Protection Impact Assessments
* Budget management
* Contract management
* Supporting the trusts wider Information Governance agenda.
Job description
Job responsibilities
The Head of Information Governance (Information Rights and Records Management will:
Establish and maintain the trust as a leading provider for Information Rights And Records Management.
Develop and deliver training and guidance specific to the context of the trust accounting for the new requirements and structures under the Health and Social Care Act 2012.
Outline, in conjunction with colleagues, the requirements of assurance and risk management on information governance and to ensure that particular stakeholder demands are met.
Support the development of a community of practice between stakeholder leadership and staff to ensure they are able to evaluate assurance and requirements across the information governance agenda (information asset owner audit returns)
Develop a systematic approach to information governance with clear systems of prioritisation, change management and control.
Ensure stakeholder understand the standards required for information governance and risk management and their implementation in standard working practice.
The co-ordination and leadership of an information governance assurance model, ensuring that where services are provided by a third party that an assurance model is in place and is supported by contractual (or equivalent) terms.
Deliver the expected standard of investigation and action on information incidents or potential breaches of the data protection act or confidentiality, in line with the relevant organisations controls.
Deliver operational support and assistance on site with stakeholder and engagement in routine business and development, to support the appropriate, proportionate and timely consideration of information governance issues in strategic and operational decisions.
To be able to assess the quality of assurance provided on information governance and advise or escalate as required by circumstances and agreements.
Where required to act as Privacy Officer, ensuring that the appropriate requirements of the registration authority service are outlined.
Manage and/or co-ordination of information incident escalation and investigation.
Respond to complex complaints from distressed and upset patients and staff in regards to data protection.
Engagement with national and regional bodies and forums, as required.
Support, training and assistance to key post holders including but not limited to Senior Information Risk Owner (SIRO), Information Asset Owners (IAO), Caldicott Guardian, Privacy Officer, executive responsible for Registration Authority, executive responsible for records management, Information Governance Group, other Board (as required).
Manage and support the delivery of information asset register.
Support Information Asset Owners and SIRO in the management of Risk, through the delivery of information risk register and associated action plans. Monitor actions delivered by key providers and escalate as necessary.
Support the nominated Information Security Officer(s) in delivering the information security assurance programme. Provide updates on key risks and priorities arising from ICT environment and changing requirements.
Provide advice on guidance on changes to be considered to improve patient outcomes and business efficiency, through process review and technology.
Lead on information incident management and investigation, managing ICO complaints and support functions in managing incidents from providers.
Support and delivery of guidance for contracts (with third party suppliers) and commissioning of services to ensure IG elements are incorporated and best practice is followed where possible.
Management of delivery of Data Processing Agreements and contract terms where necessary and in conjunction with legal advice.
Support IT service in the provision of appropriate filing structures, access control and management of electronic information.
Highlight and management of risk to the stakeholder (where supported by terms of contract with providers).
Provide data protection expertise (legal/statutory requirements) where necessary including: design and delivery of privacy information, guidance on the required consent model and engagement with patients.
Receive and manage data relating to extremely sensitive matters regarding data use, lawfulness of processing, and ethical standards.
Work with stakeholders to develop key strategies covering the information governance agenda
Support the scoping, design and project to delivery de-identification/ pseudonymisation projects and processes from an IG perspective.
Liaise with Informatics and IT teams to ensure legal compliance and governance standards are met and implemented.
To oversee team members to deliver the requirements listed above engage and liaise with key stakeholder, in particular:
o To support the delivery of day to day activities and projects.
o To manage team and drive delivery of a range of business initiatives and projects.
o To support the identification and sharing of best practice in employee engagement.
o To operate in a highly political and sensitive environment.
o Support the portfolio of initiatives in demonstrating value for money for the current spend through tracking, managing and delivering agreed benefits.
Create and manage a consultancy model service to generate income for the trust and improve NHS information governance.
Person Specification
Royal Free World Class Values
Essential
* Demonstrable ability to meet the Trust Values
Education & professional Qualifications
Essential
* Educated to masters level or equivalent level of experience of working at a senior level in specialist area
Desirable
* Post-graduate degree in Management Studies or equivalent
* ISEB Information Security Management Principles qualification or equivalent
Experience
Essential
* Demonstrable understanding of the background to and aims of current healthcare policy and appreciate the implications of this on engagement
* Extensive knowledge of Information Governance, acquired through post graduate diploma or equivalent experience or training plus further specialist knowledge or experience to masters level equivalent
* Must have an understanding of the background to and aims of current healthcare policy and appreciate the implications of this on engagement
* Sound knowledge of the Data Protection Act and other key legislation around the security and processing of personal data within the NHS
* Significant experience in leading an information governance assurance framework and delivering to the required standard of quality assurance and audit
* Understanding of technical aspects of Information Security
Skills and Aptitudes
Essential
* Demonstrable communication experience provision of highly complex information, negotiate with senior stakeholders on difficult and controversial issues, present to large and influential groups
* Negotiate on difficult and controversial issues including performance and change
* Problem solving skills and ability to respond to sudden unexpected demands
* Ability to analyse complex facts and situations and develop a range of options
* Working knowledge of Microsoft Office with intermediate keyboard skills
* Experience in managing a budget, involved in budget setting and working knowledge of financial processes
* Ability to travel between sites as required
Desirable
* Comprehensive experience of project principles techniques and tools such as Prince 2 and Managing Successful Projects
Personal Qualities & Attributes
Essential
* Manage own workload and direct activities of others. Experience of managing and motivating a team and reviewing performance of the individuals
* Demonstrated capability to plan short, medium and long -term timeframes and adjust plans and resource requirements accordingly
Employer details
Employer name
Royal Free London NHS Foundation Trust
Address
1st Floor, Roy Shaw Centre
3-5 Cressy Road
Greater London
NW3 2ND
Any attachments will be accessible after you click to apply.
391-RFL-6357530-A
J-18808-Ljbffr