Description Provide a comprehensive information governance support service for the College, undertaking a variety of tasks, projects and administrative support duties designed to assist in the smooth running of the department/ College, providing generalist advice to managers and staff on legislation. Main Responsibilities and Duties: Act as the first line of support to staff in respect of queries in relation to freedom of information and data protection legislation. Process requests for information received under Freedom of Information and Data Protection legislation, such as data subject access requests and right to erasure requests, and requests received from law enforcement agencies and any other organisations. This includes liaising with the requestor and applying exemptions when applicable. Act as the initial contact for investigating and recording data breaches, undertaking investigations where appropriate, following the risk assessment process, producing reports and recommendations or escalating all other issues, ensuing that staff are supported in mitigating the impact of confirmed data breaches and following up on any resulting actions. Work with information asset owners to ascertain through data maps the extent to which personal data is collected, held, processed and used, providing guidance and recommendations to the DPO and data owners, and producing and maintaining data maps that detail how data flows through its lifecycle and use this to assess privacy risks ensuring that it is properly controlled and safeguarded from loss of confidentiality integrity or availability from any cause, whether internal or external. Complete or support staff with the completion of data protection impact assessments (DPIAs) and privacy notices, including working with the ICT Department to risk assess software and storage locations to determine the suitability and effectiveness, ensuing that any potential risks are identified and appropriately mitigated. Update and maintain the Records of Processing Activities (ROPA) based on the requirement of Article 30 of the GDPR and reviewing the ROPA against processing activities, policies and procedures to ensure that it remains accurate. Maintain and implement the retention schedule and archiving arrangements in line with legal requirements and to support with, and advise on, the secure disposal of personal data. Support the development and delivery of training within departments and the auditing of departments in respect of compliance with freedom of information and data protection legislation. Application Requirements To ensure compliance with safeguarding guidelines, all applicants must complete the application form in full. This includes providing: A full employment history from the time you left full-time education, with details of any gaps in employment explained. Information on all relevant education and qualifications. Please note, incomplete applications will not be considered. Your co-operation helps us maintain the highest standards of safety and care for children and young people. Benefits Click here to view MidKent College benefits. ADZN1_UKTJ