Job summary The Head of Information Governance and Risk is a significant and central role in delivering the Governance of the Integrated Care Board. The post holder will be an expert and have in-depth specialised knowledge in information governance with its cross over between written and digital compliance - as Data Protection Officer for the ICB and Primary Care. They will also have experience of leading risk management in complex environments. Working for NHS Hertfordshire and West Essex Integrated Care System, they will ensure that the ICB meets its legal and regulatory obligations in relation to Information Governance including confidentiality, information security, Data Protection, Freedom of Information, GDPR and Registration Authority requirements. Main duties of the job The post holder will ensure that there is a robust information governance framework in place and being adhered to, to support the functions of the ICB. In addition, the post holder will also have with an eye on the new landscape - ensuring any the framework and developing strategy is fit for purpose, alongside being implemented, and adhered to across the organisation(s). The post holder will be required to provide day-to-day management of Information Governance team, providing both routine and ad-hoc information and intelligence within the ICB and to external bodies. This will involve directly managing the work of one team within the department as well as contributing to broader departmental management alongside other senior members of the team. The post holder will act as Data Protection Officer for the ICB and Primary Care GP practices operating within the ICBs geographical remit, having current relevant accreditation to support this role that includes - CIPP/E. The postholder will also be responsible for the design and implementation of a risk approach for the Integrated Care Board which effectively identifies and mitigates both tactical and strategic risk across the organisation. This will often involve working directly to the Chair and other Board members. The post holder will lead on all national reporting to NHS England and other regulatory bodies and ensure it is completed with accuracy and within set time frames. About us NHS Hertfordshire and West Essex Integrated Care Board (ICB) is the local NHS organisation that plans and oversees how NHS money is spent and makes sure health services work well and are of high quality. The ICB's role is to join up health and care services, improve health and wellbeing and reduce health inequalities for the 1.6 million people who live in Hertfordshire and West Essex. It's an exciting time for us and we're looking for people who enjoy working in a fast-paced, vibrant environment that can help us achieve our aim. So if you share our passion for people and want to make a positive change to their health and health services then we want to hear from you. Date posted 14 January 2025 Pay scheme Agenda for change Band Band 8c Salary £74,290 to £85,601 a year per annum plus fringe allowance Contract Permanent Working pattern Full-time Reference number 468-HWE421-A Job locations Charter House Park Way Welwyn Garden City AL8 6JL Job description Job responsibilities The Head of Information Governance and Risk is a significant and central role in delivering the Governance of the Integrated Care Board. The post holder will be an expert and have in-depth specialised knowledge in information governance with its cross over between written and digital compliance as Data Protection Officer for the ICB and Primary Care. They will also have experience of leading risk management in complex environments. Working for NHS Hertfordshire and West Essex Integrated Care System, they will ensure that the ICB meets its legal and regulatory obligations in relation to Information Governance including confidentiality, information security, Data Protection, Freedom of Information, GDPR and Registration Authority requirements. The post holder will ensure that there is a robust information governance framework in place and being adhered to, to support the functions of the ICB. In addition, the post holder will also have with an eye on the new landscape - ensuring any the framework and developing strategy is fit for purpose, alongside being implemented, and adhered to across the organisation(s). The post holder will be required to provide day-to-day management of Information Governance team, providing both routine and ad-hoc information and intelligence within the ICB and to external bodies. This will involve directly managing the work of one team within the department as well as contributing to broader departmental management alongside other senior members of the team. The post holder will act as Data Protection Officer for the ICB and Primary Care GP practices operating within the ICBs geographical remit, having current relevant accreditation to support this role that includes CIPP/E. The Postholder will also be responsible for the design and implementation of a risk approach for the Integrated Care Board which effectively identifies and mitigates both tactical and strategic risk across the organisation. This will often involve working directly to the Chair and other Board members. The post holder will lead on all national reporting to NHS England and other regulatory bodies and ensure it is completed with accuracy and within set timeframes. The post holder will be responsible for coordinating the organisations processes for Subject Access Requests, or applications under the Freedom of Information Act. The post holder will be responsible for and oversee records management for the ICB. The post holder will be responsible for direct line management within their team. This will include responsibility for managing routine HR reporting as well as overall staff management and development. The post holder will be required to combine advanced knowledge and experience of the commissioning, information and performance management requirements within the NHS with excellent technical, analytical and communication skills and good attention to detail. The post holder will have experience working across organisational boundaries, liaising with senior managerial and clinical staff. They will have excellent influencing, written and oral communication skills; being comfortable present information on detailed and complex technical subjects to both individuals and groups not familiar with the subject matter. Whilst working closely with colleagues within the Information, Performance & PMO department, the post holder will be expected to act with a significant level of autonomy in planning and organising their teams routine workload and project work. They will require good organisational and communication skills to ensure that work is completed within time and quality standards, and to escalate any exceptions which arise. The job description and person specification may be reviewed on an ongoing basis in accordance with the changing needs of the Department or Directorate and the ICB. Job description Job responsibilities The Head of Information Governance and Risk is a significant and central role in delivering the Governance of the Integrated Care Board. The post holder will be an expert and have in-depth specialised knowledge in information governance with its cross over between written and digital compliance as Data Protection Officer for the ICB and Primary Care. They will also have experience of leading risk management in complex environments. Working for NHS Hertfordshire and West Essex Integrated Care System, they will ensure that the ICB meets its legal and regulatory obligations in relation to Information Governance including confidentiality, information security, Data Protection, Freedom of Information, GDPR and Registration Authority requirements. The post holder will ensure that there is a robust information governance framework in place and being adhered to, to support the functions of the ICB. In addition, the post holder will also have with an eye on the new landscape - ensuring any the framework and developing strategy is fit for purpose, alongside being implemented, and adhered to across the organisation(s). The post holder will be required to provide day-to-day management of Information Governance team, providing both routine and ad-hoc information and intelligence within the ICB and to external bodies. This will involve directly managing the work of one team within the department as well as contributing to broader departmental management alongside other senior members of the team. The post holder will act as Data Protection Officer for the ICB and Primary Care GP practices operating within the ICBs geographical remit, having current relevant accreditation to support this role that includes CIPP/E. The Postholder will also be responsible for the design and implementation of a risk approach for the Integrated Care Board which effectively identifies and mitigates both tactical and strategic risk across the organisation. This will often involve working directly to the Chair and other Board members. The post holder will lead on all national reporting to NHS England and other regulatory bodies and ensure it is completed with accuracy and within set timeframes. The post holder will be responsible for coordinating the organisations processes for Subject Access Requests, or applications under the Freedom of Information Act. The post holder will be responsible for and oversee records management for the ICB. The post holder will be responsible for direct line management within their team. This will include responsibility for managing routine HR reporting as well as overall staff management and development. The post holder will be required to combine advanced knowledge and experience of the commissioning, information and performance management requirements within the NHS with excellent technical, analytical and communication skills and good attention to detail. The post holder will have experience working across organisational boundaries, liaising with senior managerial and clinical staff. They will have excellent influencing, written and oral communication skills; being comfortable present information on detailed and complex technical subjects to both individuals and groups not familiar with the subject matter. Whilst working closely with colleagues within the Information, Performance & PMO department, the post holder will be expected to act with a significant level of autonomy in planning and organising their teams routine workload and project work. They will require good organisational and communication skills to ensure that work is completed within time and quality standards, and to escalate any exceptions which arise. The job description and person specification may be reviewed on an ongoing basis in accordance with the changing needs of the Department or Directorate and the ICB. Person Specification Knowledge, Training and Experience Essential Extensive and significant expertise and knowledge of specialist areas, acquired through post graduate diploma or equivalent experience or training plus further specialist knowledge or experience to master's level equivalent. Previous experience of holding the role and related responsibilities of Data Protection Officer for a comparable organisation. Evidence of post qualifying and continuing professional development - including CIPP/E accreditation. Able to demonstrate an indepth understanding of the background to and aims of current healthcare policy and appreciate the implications of this on engagement. Communication Skills Essential Excellent written and verbal communication skills, with the ability to articulate specialist and technical knowledge to a range of audiences in a manner that is relevant and clearly understood by the audience. Analytical Essential Ability to analyse complex facts and situations and develop a range of credible options that can be easily interpreted and understood by stakeholders. Person Specification Knowledge, Training and Experience Essential Extensive and significant expertise and knowledge of specialist areas, acquired through post graduate diploma or equivalent experience or training plus further specialist knowledge or experience to master's level equivalent. Previous experience of holding the role and related responsibilities of Data Protection Officer for a comparable organisation. Evidence of post qualifying and continuing professional development - including CIPP/E accreditation. Able to demonstrate an indepth understanding of the background to and aims of current healthcare policy and appreciate the implications of this on engagement. Communication Skills Essential Excellent written and verbal communication skills, with the ability to articulate specialist and technical knowledge to a range of audiences in a manner that is relevant and clearly understood by the audience. Analytical Essential Ability to analyse complex facts and situations and develop a range of credible options that can be easily interpreted and understood by stakeholders. Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions. Employer details Employer name NHS Hertfordshire and West Essex Integrated Care Board (468) Address Charter House Park Way Welwyn Garden City AL8 6JL Employer's website https://hertsandwestessex.icb.nhs.uk (Opens in a new tab)