Job summary
This is an exciting opportunity to play a significant role in one of the most transformative digital health initiative at Lewisham and Greenwich NHS Trust (LGT). The Electronic Patient Record (EPR) Programme stands as one of the most ambitious change projects in the Trust's history. Its aim is to streamline staff workflows, enhance safety, and ultimately achieve improved outcomes for service users.
The EPR Information Governance Lead is central to the successful implementation and integration of a new Electronic Patient Record system. This pivotal role is responsible for leading on all information governance activity associated with the design, testing, implementation and adoption of the new EPR, working alongside the Head of Information Governance, SIRO and Deputy, Data Protection Officer (DPO) and other colleagues to ensure that LGTs EPR Programme takes appropriate actions to enable the Trust to continue to meet their statutory obligations with regards Information Governance and Data Protection.
Main duties of the job
As the IG subject matter expert to the EPR programme, the post-holder will interpret National policy and guidance and will lead on the development and/or modification of IG related programme collateral including Data Privacy Impact Assessment documents, Data Sharing/Data Processing agreements and ensure compliance with the Data Security & Protection Toolkit (DSPT). The post-holder will lead on the mitigation and oversee the management of data risks associated with the implementation of the EPR across the Trust.
This role acts as the EPR Programme's specialist Information Governance Subject Matter Expert, providing assurance, guidance, and IG oversight across all workstreams and supporting the safe transition from legacy systems to the new EPR. The postholder will be expected to take the lead on all IG related activities across the EPR programme lifecycle, collaborating with appropriate senior colleagues to ensure delivery of IG requirements to required standards and timelines.
About us
Our people are our greatest asset. When we feel supported and happy at work, this positivity reaches those very people we are here for, the patients. Engaged employees perform at their best and our Equality, Diversity & Inclusion (EDI) initiatives contribute to cultivate a culture of engagement. We have four staff networks, a corporate EDI Team and a suite of programmes and events which aim to insert the 5 aspirations:
- Improving representation at senior levels of staff with disabilities, from black, Asian, and ethnic minorities background, identify as LGBTQ+ and women, through improved recruitment and leadership development
- Widening access (anchor institution) and employability
- Improving the experience of staff with disability
- Improving the EDI literacy and confidence of trust staff through training and development
- Making equalities mainstream
Job description
Job responsibilities
The postholder will act as the Information Governance lead and subject matter expert within the EPR Programme, providing strategic and operational oversight of all data protection and confidentiality matters. They will ensure that information governance principles are embedded across all programme workstreams, supporting the safe and compliant implementation of the new EPR. This includes advising and implementing processes on data protection by design, managing privacy risks, assuring supplier compliance, drafting and reviewing necessary agreements and policies, and ensuring the Trust meets its statutory obligations under the UK GDPR and Data Protection Act 2018. The role will also promote a culture of good information handling practices across the organisation, working closely with clinical, operational, and technical teams to enable the effective and lawful use of information within the new digital environment.
Job description
Job responsibilities
The postholder will act as the Information Governance lead and subject matter expert within the EPR Programme, providing strategic and operational oversight of all data protection and confidentiality matters. They will ensure that information governance principles are embedded across all programme workstreams, supporting the safe and compliant implementation of the new EPR. This includes advising and implementing processes on data protection by design, managing privacy risks, assuring supplier compliance, drafting and reviewing necessary agreements and policies, and ensuring the Trust meets its statutory obligations under the UK GDPR and Data Protection Act 2018. The role will also promote a culture of good information handling practices across the organisation, working closely with clinical, operational, and technical teams to enable the effective and lawful use of information within the new digital environment.
Person Specification
Qualifications and Training
Essential
- Degree or equivalent experience. BCS Practitioner Certificate in Data Protection or equivalent.
- MSc in Information Governance / Law / Health Informatics. Professional registration with IAPP or BCS.
Desirable
- Project management qualification
Experience
Essential
- NHS and Information Governance Experience
- Experience leading IG in a large NHS digital transformation or EPR implementation
- Experience interpreting complex legislation and applying it to digital and clinical workflows.
- Substantial management experience at a senior level
Desirable
- Previous experience of working directly with relevant EPR systems (e.g., Cerner, Epic, RiO)
- Experience of multi-Trust or regional IG collaboration.
Knowledge and Skills
Essential
- Extensive knowledge of Information Governance and Data Protection within the NHS, including GDPR, DPA 2018, Caldicott Principles, DSPT
- Excellent interpersonal and influencing skills across technical and clinical teams.
- Strong analytical and report writing skills. Ability to manage competing priorities and deliver to tight deadlines.
- Proactive, collaborative, and diplomatic. High integrity and commitment to confidentiality
- Comfortable working in a complex and changing environment.
- In-depth knowledge and practical application of Data Protection legislation, Freedom of Information Act 2000 and NHS Caldicott principles
- Extensive operational expertise and knowledge in Information Governance and Information Security principles and Practices and application to the NHS environment
- Ability to provide and receive highly complex, highly sensitive or highly contentious information, where developed persuasive, motivational, negotiation, training, empathic or re-assurance skills are required.
- Ability to present complex, sensitive or contentious information to a large group
- Ability to make judgements on multi- stranded or complex IG/IT problems which may have no precedent or where there are conflicting opinions
- Ability to project manage and deliver to expected deadlines
Person Specification
Qualifications and Training
Essential
- Degree or equivalent experience. BCS Practitioner Certificate in Data Protection or equivalent.
- MSc in Information Governance / Law / Health Informatics. Professional registration with IAPP or BCS.
Desirable
- Project management qualification
Experience
Essential
- NHS and Information Governance Experience
- Experience leading IG in a large NHS digital transformation or EPR implementation
- Experience interpreting complex legislation and applying it to digital and clinical workflows.
- Substantial management experience at a senior level
Desirable
- Previous experience of working directly with relevant EPR systems (e.g., Cerner, Epic, RiO)
- Experience of multi-Trust or regional IG collaboration.
Knowledge and Skills
Essential
- Extensive knowledge of Information Governance and Data Protection within the NHS, including GDPR, DPA 2018, Caldicott Principles, DSPT
- Excellent interpersonal and influencing skills across technical and clinical teams.
- Strong analytical and report writing skills. Ability to manage competing priorities and deliver to tight deadlines.
- Proactive, collaborative, and diplomatic. High integrity and commitment to confidentiality
- Comfortable working in a complex and changing environment.
- In-depth knowledge and practical application of Data Protection legislation, Freedom of Information Act 2000 and NHS Caldicott principles
- Extensive operational expertise and knowledge in Information Governance and Information Security principles and Practices and application to the NHS environment
- Ability to provide and receive highly complex, highly sensitive or highly contentious information, where developed persuasive, motivational, negotiation, training, empathic or re-assurance skills are required.
- Ability to present complex, sensitive or contentious information to a large group
- Ability to make judgements on multi- stranded or complex IG/IT problems which may have no precedent or where there are conflicting opinions
- Ability to project manage and deliver to expected deadlines
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
