Information Governance Compliance Officer

Job description

Job responsibilities

• Act as the first point of contact for Information Governance and Information Security compliance enquiries, some of which will be of a confidential nature, referring enquirers onward where appropriate.
• Lead on the triage of IG incidents, escalating to senior managers as indicated
• Provide guidance and advice to Trust teams and senior management on a wide range of complex information Governance compliance areas and escalate as required to enhance delivery of quality patient care, teaching, and research.
• Assist with and co-ordinate the production, collation and systematic returns and recording of evidence to support compliance with the Data Security & Protection Toolkit.
• Provide the analysis, validation and quality assurance of DSPT evidence, including progress and outcome reports that include (amongst other analysis) thematic and trend analyses, with commentary and issue escalation to various committees up to and including the Management Executive.
• To manage and co-ordinate the IG Teams action/task trackers ensuring the timely delivery of work, escalating issues to the Head of IG where appropriate.
• Promote and raise staff awareness of IG best practice by working with other team members to plan, organise and deliver compliance training programmes to staff at all levels of the organisation including senior management. This may include staff induction, mandatory training including face to face and e-learning and ad hoc
• Create and maintain dashboards and performance reports (including trends, thematic analysis, commentary and highlighting issues) against key performance indicators evidencing IG/IS compliance and progress, and highlighting issues to the SIRO, Head of Information Governance, Information Governance Committee, and senior management including Management Executive.
• Assist the IG team in ensuring policies, procedures and learning materials are updated and maintained to high standards of practice
• Co-ordinate in the identification of information data flows and thus identifying information asset ownership across the Trust. Maintain mapping database, identifying, recording and assisting in the risk assessment of the Trusts data flows, as part of a quarterly review cycle to be reported at the Information Governance Committee.
• Managing the Trusts Information Sharing Register and follow-up with Trust leads where expired agreements are in place so as to ensure documentation is regularly updated.
• Plan, coordinate, and conduct IG spot checks of clinical and corporate departments for all Trust sites, and provide written feedback detailing any issues found and appropriate actions to the relevant Service Managers and others
• Maintain a log of IG and Caldicott enquiries and keep the teams knowledge management database up to date.
• Support the team with IG and IS incident investigations where required.
• Monitor and update the IG and IS intranet pages.
• Day to day responsibilities will also include organising logistical arrangements for events, briefings, meetings, and workshops and ensuring the team has up-to-date and effective systems and processes to assist in the delivery of their work.
• To co-ordinate IG risk assessments and reviews, including Data Protection Impact Assessments for new and existing systems/processes involving processing of personal data and organise meetings as appropriate.
• Plan, organise and coordinate the Information Governance Working Group meetings. Preparing, collating and distributing meeting papers, and taking notes.
• Attend meetings on behalf of the Information Governance team as required.
• The post holder must be able to work to a high level of accuracy, autonomously and without direct supervision and at the same time report and be accountable to management. To work independently, the post holder must be creative, proactive, use initiative, and prioritise their own work load with conflicting deadlines.
• Ability to travel to and from City Road to Moorfields satellite sites to undertake audits and investigate information security incidents where appropriate.

GENERAL DUTIES

1. To comply at all times with the requirements of the Health & Safety regulations under the Health & Safety at Work Act (1974) and to take responsibility for the health and safety and welfare of others in the working environment ensuring that agreed safety procedures are carried out to maintain a safe environment.

1. To comply at all times with the Trusts Information Governance Policy. The policy sets out the accountability and reporting arrangements for Information Governance in the trust and how assurance is provided that the Trust continues to meet at least the minimum standards of information governance compliance required by the NHS Information Governance Toolkit.

1. Disclosure and Barring Service (DBS) (formerly CRB) checks are now a mandatory part of the NHS Six Recruitment Check Standards for all staff whom, in the course of their normal duties, may have regular access to patients and children and/or vulnerable adults. Moorfields Eye Hospital NHS Foundation Trust aims to promote equality of opportunity for all with the right mix of talent, skills and potential. Criminal records will be taken into account for recruitment purposes only when the conviction is relevant and an unspent conviction will not necessarily bar applicants from being considered for employment. Moorfields Eye Hospital is exempt under the Rehabilitation of Offenders Act which outlines that convictions never become spent for work which involves access to patients. Failure to disclose any unspent convictions may result in the offer of employment being withdrawn or if appointed could lead to dismissal. The Disclosure Barring Service (DBS) has published a Code of Practice for organisations undertaking DBS checks and the trust has developed its own DBS policy in line with the guidance

1. The trust has adopted a security policy in order to help protect patients, visitors and staff and to safeguard their property. All employees have a responsibility to ensure that those persons using the trust and its service are as secure as possible.

1. It is the responsibility of all trust employees to fully comply with the safeguarding policies and procedures of the trust. As a Moorfields employee you must ensure that you understand your role in protecting adults and children that may be at risk of abuse. Individuals must ensure compliance with their safeguarding training.

1. The trust is committed to a policy of equal opportunities. A copy of our policy is available from the human resources department.

1. The trust operates a no-smoking policy.

1. You should familiarise yourself with the requirements of the trusts policies in respect of the Freedom of Information Act and comply with those requirements accordingly.

1. The role description gives a general outline of the duties of the post and is not intended to be an inflexible or finite list of tasks. It may be varied, from time to time, after consultation with the post holder.

1. All appointments within the National Health Service are subject to pre-employment health screening.

1. It is the responsibility of all employees to ensure that they comply with the trust infection control practises, as outlined in the Health Act 2008 and staff must be familiar with the policies in the trusts infection control manual, this includes the bare below the elbow policy. Employees must ensure compliance with their annual infection control training.

1. You are responsible for ensuring that all equipment used by patients is clean/decontaminated as instructed by manufacturers and in line with the infection control/guidelines protocol and policy.

1. Any other duties as designated by your manager and which are commensurate with the grade.

Please note: The role description is a reflection of the current position and may change emphasis or detail in the light of subsequent developments, in consultation with the post holder.

Person Specification

all

Essential

• oFirst degree or equivalent experience of working in an Information Governance role in the public sector or similar

Desirable

• oExperience in liaising with a range of internal and external stakeholders, and able to build effective working relationships with customers, managers and staff

essentail

Essential

• o Knowledge of key legislation especially the Data Protection Act 2018 Compliance

essential

Essential

• oExperience of working in the field of information Governance or similar governance/compliance area.

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Employer details

Employer name

Moorfields Eye Hospital NHS Foundation Trust

Address

Kemp House

City Road

London

EC1V 2PD

Employer's website

https://www.moorfields.nhs.uk/work-for-us (Opens in a new tab)