Data Security and Protection (DSP) Provide specialist advice and assistance to staff where required on areas of complex information governance legislation, such as UK GDPR, Data Protection Act 2018 and the NHS Code of Practice on Confidentiality with specific attention to the EPR implementation and roll out. To work closely with department colleagues, support services, clinical services, operational and strategic Data Security and Protection leads and internal and external DSP colleagues to promote excellent Information Governance, Data Security and Data Protection practice, by advising and supporting them in their understanding and delivery of these requirements. To be aware of Data Security and Protection incidents and where appropriate support in the investigation process, ensuring relevant actions are taken and lessons learnt to prevent reoccurrence Provide support for a programme of Data Security and Protection related work managed by the Head of DSP and locally directed by the DSP Manager and Team Leader Review and report key indicators to provide information for the Digital, Clinical and Operational Delivery Group and the Data Security and Protection Group, including DSP statistics, progress of projects and analysis of incidents. Deputise for the Head of DSP, attending relevant meetings when necessary. Provide support to other areas of the Data Security and Protection Team as directed by the Head of Data Security and Protection. Develop and maintain standard operating procedures for all routine tasks carried out within the role. Support the development, review and roll-out of appropriate DSP related policies and procedures, making recommendations and proposals for updates and new and existing policies with specific attention to system implementations and roll out. Manage DSP records, both paper and electronic, updating reports, maintaining action plans, policies and procedures etc. Maintain the Trusts Information Asset Register and undertake reviews in coordination with Information Asset Owners and Information Asset Administrators. Supporting internal colleagues with the completion of Data Protection Impact Assessments, including highlighting data protection and security risks. Update and maintain the Trusts Privacy Notice to ensure compliance with UK GDPR standards and internal policies with specific attention to system implementations, major upgrades and roll out. Understand and monitor compliance with relevant legislation, particularly the common law duty of confidentiality, the Data Protection Act 2018, the General Data Protection Regulation, the Computer Misuse Act 1990, the Human Rights Act 1998; with specific attention to the system implementations and roll out. Manage Information Sharing Agreements and flows via the Information Sharing Gateway, working with internal and external stakeholders to make sure these are appropriately documented. Liaise with relevant internal and external stakeholders to ensure Information Sharing Agreements are completed and reviewed in line with GDPR. Establish good working relationships with key staff in all departments across the Trust. Implement policies and propose changes to Group DSP policies as appropriate, conducting monitoring compliance with those policies and protocols Conduct data protection impact assessments (DPIA) where necessary and ensure the Group adheres to the data privacy by design and default as set out in Article 25 GDPR Complete DPIAs to relevant team members and ensure cross partnership working with relevant project and transformation leads Work with project managers to devise and establish systems, applications and processes that must be modified and designed with robust data security and protection principles in place with specific attention to the system implementations and roll out. Assist the DSP Team Leader in the collation of relevant reports and information for compliance reporting, inspections and internal assurance. Work with the Cyber Security Team to assess cyber related assurance and controls with specific attention to the system implementations and roll out. to monitor compliance, identify when non-compliance is detected and escalate to the Head of DSP as appropriate Assist with the DSP meetings, ensuring relevant reports, minutes actions and decisions are recorded that relate to the DSP Team and actions taken or escalated where necessary Escalate incidents to the Team Leader immediately when they may meet the criteria for a Serious Incident / reportable to the ICO update the Internet and Intranet pages for DSP as appropriate, ensuring it is up to date with pertinent advice and guidance, including applicable FAQs and relevant legislation. Manage paper and consumables stock and use the e-proc system to order stationary items needing to be reordered and be responsible for equipment such as the photocopier used by the DSP Team Allocate tasks to and support the DSP Team administrator to ensure mailboxes are appropriately managed and their responsibilities are appropriately undertaken Manage a multiple and wide-ranging workload which requires independent task management and prioritisation to meet deadlines, with ability to concentrate on extended tasks