East Kent Hospitals University NHS Foundation Trust
The Information Governance officer will be supporting the Trust's main IG activities in ensuring the Trust remains compliant with the Data Protection and information rights legal framework.
The IG Officer will work closely with the head of Information Governance/DPO to support all Trust staff, advising on information governance best practices, data privacy, data protection, and other records and information governance issues.
Main Duties of the Job
The Information Governance Officer operationally supports the Information Governance Manager and Data Protection Officer to maintain and deliver information governance, its core work activities whilst meeting compliance deadlines including but not limited to:
1. NHSE Data Security and Protection Toolkit DSPT/Cyber Assurance Framework Data Protection
2. Data Protection Impact Assessment coordination and review
3. Information Security
4. UK GDPR
5. Common Law Duty of Confidentiality
6. Records Management
7. Information sharing and Data Processing
8. Record Of Processing Activity and Information Asset Register coordination and review
About Us
We are one of the largest hospital trusts in England, with five hospitals and community clinics serving a local population of around 800,000 people. Our vision is 'great healthcare from great people'. Everything we do is guided by our values: 'People feel cared for, safe, respected and confident that we are making a difference'. We have a new way of working at East Kent Hospitals, called 'We care'. It's about empowering frontline staff to lead improvements day-to-day. We're looking for compassionate people to be part of our improvement journey for the patients, families, and carers we care for every day.
Job Responsibilities
Individual Rights Requests
Processes straightforward subject access requests in accordance with GDPR requirements as applicable. Maintains compliance with appropriate timeframes, any allowed charges, or refusals.
Caldicott Guardian/SIRO and DPO Advice and Support
Provides straightforward advice and support to the Caldicott Guardian and Senior Information Risk Owners. Provides support to the DPO as required.
Data Security and Protection Toolkit (DSPT)/Cyber Assurance Framework (CAF)
Uses the Data Security & Protection Toolkit (DSPT) to provide assurance that information assets are secure and handling personal information correctly.
Advice and Guidance
Provides straightforward information governance advice and guidance to colleagues and suppliers to ensure they effectively manage information.
Follows standard approaches for the timely review & assessment of Trust IG policies and data flows against the latest national regulatory updates and Trust business objectives.
Assists in teaching, instruction, and/or training of students/learners in order to develop knowledge, techniques, and skills using appropriate methods, tools, online environments, equipment, and materials.
Supports risk assessment following standard procedures. Maintains and monitors risk assessment documentation.
Regulatory Compliance
Reviews and assists own organisation to maintain a privacy notice and record of processing activities (ROPA). Advises and, where necessary, assists on the application of data protection impact assessments (DPIA) and maintain records for compliance within regulatory access requirements.
Develops and Builds Effective Relationships
Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining, and working to stakeholder engagement strategies and plans.
Review Findings
Collates evidence and examines for compliance with standards, statutory controls, or management directives. Identifies, escalates, and documents issues of non-compliance.
Communications
Communicates effectively by competent use of email, telephone, written, and face-to-face communication according to guidelines and customer care standards. Acts as a touchpoint for internal and external contacts.
Threats and Breaches
Responds to data security breaches in line with security and information governance policies. Supports any investigation that takes place as a result of a breach. Supports action to categorise and limit damage, according to the organisation's security policy, which may include escalation and reporting the incident to the Information Commissioner's Office, and records the incident and action taken.
Person Specification
Skill/Knowledge
* Demonstrable knowledge of Information Governance and using it in the workplace.
* Problem-solving skills and ability to respond to sudden unexpected demands.
* Ability to pull together comprehensive draft reports.
Experience
* Experience of working in an NHS organisation.
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
#J-18808-Ljbffr