Job summary
As a Governance and Compliance Coordinator, you will undertake tasks and duties delegated by the Governance &
Compliance Officer, and the Quality and Governance Team, ensuring to provide an
efficient and effective service.
We are seeking a proactive and detail-oriented individual to provide
comprehensive administrative support. As Governance and Compliance Coordinator, you will support the
delivery of effective information governance and data protection compliance
across the organisation.
This role is essential to ensuring the smooth operation of governance
processes, supporting risk management, and promoting a culture of continuous
learning and data protection compliance.
Interviews will take place in York. Kindly take this into consideration when applying.
There is no sponsorship available for this role.
Main duties of the job
Data Protection and Governance Support
- Demonstrate a good knowledge of UK data protection legislation and maintain awareness of regulatory updates.
- Log, acknowledge, and track incoming requests for information such as Subject Access Requests (SARs) ensuring statutory deadlines are met and appropriate records are maintained.
- Liaise with internal teams to coordinate responses, escalating complex cases to the Governance and Compliance Officer (G&CO).
- Act as first-line support for staff and patient for data protection queries, referring to the G&CO where appropriate.
- Assist in the collation and organisation of evidence for the annual DSP Toolkit submission.
- Support with the upkeep of the Incident Management System and actions related to Data Protection near misses and breaches.
- Supporting the Senior Leadership and Management Teams with administrative requests relating to Data Sharing and Data Protection Impact Assessments.
- Maintain and regularly review a central register of Data Sharing Agreements and DPIAs, including version control and review dates.
- Support the Governance and Compliance Officer in coordinating and administering privacy notices for both staff and patients, working to ensure member practices and key stakeholders are made aware of any changes and ensuring they are up-to-date, accurate, and accessible.
About us
Nimbuscare
is a not-for-profit organisation that aims to be a collaborative and agile
provider that cares for its people and patients. Nimbuscare is based in York
and is owned by all the practices in the city, however we deliver services over
a wider footprint.
Nimbuscare
deliver Urgent Care services in collaboration with the hospital and GP
practices in York, Scarborough, Whitby, Malton and Selby. We also provide
community-based frailty care, which focuses on treating people in the community
where we can. We also aim to shift services into the community where possible,
for example our community diagnostic centres run in partnership with the Acute
Trust.
We
are committed to contributing towards a better NHS based on equity, fairness,
innovation, collaboration and quality.
We
are part of the system, and we are here to stay.
Nimbuscare
is committed to improving the diversity of its workforce to better reflect the
communities we serve. We welcome applications from everyone and work to promote
an inclusive supportive culture that values and celebrates our differences.
As
a Disability Confident Committed employer disabled applicants who meet the
essential criteria for this job are guaranteed an interview.
Job description
Job responsibilities
Data Protection and Governance Support
- Demonstrate a good knowledge of UK data protection legislation and maintain awareness of regulatory updates.
- Log, acknowledge, and track incoming requests for information such as Subject Access Requests (SARs) ensuring statutory deadlines are met and appropriate records are maintained.
- Liaise with internal teams to coordinate responses, escalating complex cases to the Governance and Compliance Officer (G&CO).
- Act as first-line support for staff and patient for data protection queries, referring to the G&CO where appropriate.
- Assist in the collation and organisation of evidence for the annual DSP Toolkit submission.
- Support with the upkeep of the Incident Management System and actions related to Data Protection near misses and breaches.
- Supporting the Senior Leadership and Management Teams with administrative requests relating to Data Sharing and Data Protection Impact Assessments.
- Maintain and regularly review a central register of Data Sharing Agreements and DPIAs, including version control and review dates.
- Support the Governance and Compliance Officer in coordinating and administering privacy notices for both staff and patients, working to ensure member practices and key stakeholders are made aware of any changes and ensuring they are up-to-date, accurate, and accessible.
General Administrative Duties
- Maintain tracking spreadsheets and action logs to support IG compliance across departments.
- Support the production of IG-related reports, compliance dashboards, and audit trails.
- Contribute to awareness-raising activities such as inductions, newsletters, and training.
- Act as a first point of contact for external IG-related enquiries and communications.
- Schedule and support governance-related meetings, forums, and internal reviews.
- Provide ongoing administrative support to the Information Governance Officer & SECL including handling correspondence, document filing, and inbox management.
- Offer other administrative support to the Quality and Governance Team as required, including supporting Safety KPIs and patient experience queries.
Job description
Job responsibilities
Data Protection and Governance Support
- Demonstrate a good knowledge of UK data protection legislation and maintain awareness of regulatory updates.
- Log, acknowledge, and track incoming requests for information such as Subject Access Requests (SARs) ensuring statutory deadlines are met and appropriate records are maintained.
- Liaise with internal teams to coordinate responses, escalating complex cases to the Governance and Compliance Officer (G&CO).
- Act as first-line support for staff and patient for data protection queries, referring to the G&CO where appropriate.
- Assist in the collation and organisation of evidence for the annual DSP Toolkit submission.
- Support with the upkeep of the Incident Management System and actions related to Data Protection near misses and breaches.
- Supporting the Senior Leadership and Management Teams with administrative requests relating to Data Sharing and Data Protection Impact Assessments.
- Maintain and regularly review a central register of Data Sharing Agreements and DPIAs, including version control and review dates.
- Support the Governance and Compliance Officer in coordinating and administering privacy notices for both staff and patients, working to ensure member practices and key stakeholders are made aware of any changes and ensuring they are up-to-date, accurate, and accessible.
General Administrative Duties
- Maintain tracking spreadsheets and action logs to support IG compliance across departments.
- Support the production of IG-related reports, compliance dashboards, and audit trails.
- Contribute to awareness-raising activities such as inductions, newsletters, and training.
- Act as a first point of contact for external IG-related enquiries and communications.
- Schedule and support governance-related meetings, forums, and internal reviews.
- Provide ongoing administrative support to the Information Governance Officer & SECL including handling correspondence, document filing, and inbox management.
- Offer other administrative support to the Quality and Governance Team as required, including supporting Safety KPIs and patient experience queries.
Person Specification
Experience
Essential
- Proven administrative experience, preferably in an information governance setting.
- Basic understanding of Data Protection Legislation
- Excellent organisational and time management skills.
- Strong attention to detail and document control.
- Clear written and verbal communication skills.
- Proficiency with Microsoft Office and document management systems.
- Proven ability to manage multiple tasks and prioritise effectively.
- Experience working in a governance, compliance, or administrative support environment.
- Competent in using Microsoft Office Suite (Word, Excel, Outlook, Teams).
- Experience in working under pressure to meet deadlines.
- Ability to work independently and collaboratively within a team.
- Experience delivering excellent written and verbal communication.
- Demonstrated commitment to customer service and professional interaction.
Desirable
- Experience of working within the NHS or general practice.
- Experience working with SystmOne.
- Experience of completing Data Protection Impact Assessment
- Understanding of Learning Event Management systems and processes.
- Experience in risk management or audit preparation.
- Familiarity with quality assurance and compliance best practices.
- Knowledge of sector-specific regulations (e.g., healthcare, education, non-profit).
- Ability to listen actively and empathise with colleagues and clients.
- Hard-working, self-motivated, and willing to learn.
- Flexible and adaptable to meet changing priorities and needs.
- Able to use own initiative and demonstrate problem-solving skills.
- Commitment to continuous professional and personal development.
Qualifications
Essential
- Minimum Level 2 Math and English or equivalent (GCSE Grade C / Grade 4 or above).
Person Specification
Experience
Essential
- Proven administrative experience, preferably in an information governance setting.
- Basic understanding of Data Protection Legislation
- Excellent organisational and time management skills.
- Strong attention to detail and document control.
- Clear written and verbal communication skills.
- Proficiency with Microsoft Office and document management systems.
- Proven ability to manage multiple tasks and prioritise effectively.
- Experience working in a governance, compliance, or administrative support environment.
- Competent in using Microsoft Office Suite (Word, Excel, Outlook, Teams).
- Experience in working under pressure to meet deadlines.
- Ability to work independently and collaboratively within a team.
- Experience delivering excellent written and verbal communication.
- Demonstrated commitment to customer service and professional interaction.
Desirable
- Experience of working within the NHS or general practice.
- Experience working with SystmOne.
- Experience of completing Data Protection Impact Assessment
- Understanding of Learning Event Management systems and processes.
- Experience in risk management or audit preparation.
- Familiarity with quality assurance and compliance best practices.
- Knowledge of sector-specific regulations (e.g., healthcare, education, non-profit).
- Ability to listen actively and empathise with colleagues and clients.
- Hard-working, self-motivated, and willing to learn.
- Flexible and adaptable to meet changing priorities and needs.
- Able to use own initiative and demonstrate problem-solving skills.
- Commitment to continuous professional and personal development.
Qualifications
Essential
- Minimum Level 2 Math and English or equivalent (GCSE Grade C / Grade 4 or above).
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
