Job summary
Reporting directly to the Deputy Head of DPO Services in the DPO Services Team, the Assistant Data Protection Officer is responsible for providing of a data protection advisory service to the Trust. The post requires a highly motivated individual with excellent written and verbal communications skills who is capable of working both alone and as part of a growing dedicated team. The Data Protection advisory service encompasses providing detailed and complex written advice concerning (but not limited to):
- Management and Investigation of Data Security and Protection Incidents.
- Data Sharing Arrangements and Data Processing Agreements with Third-Party Healthcare Organisations.
- Assessment and advice on the evidence required for the NHS Digital Data Security and Protection Toolkit.
- Advice on complex compliance issues with regards to the General Data Protection Regulation, Data Protection Act 2018, National Data Guardian Report, and wider policy and legislative framework.
- Provision of administration support to the Data Security and Protection Committee.
- Stakeholder engagement, including liaison with clinical staff, service management, the Information Commissioner's Office, and the Trust Caldicott Guardian.
Main duties of the job
- The Assistant Data Protection Officer will support the Trust in promoting adherence to Data Protection and Security best practice within the organisation.
- In doing so, they shall operationally lead a range of Data Protection and Security related duties, including
- Data Protection and Security Training Compliance.
- Data Protection Compliance in terms of new systems, new processes, support for HR processes
- Provision of DSP Incidents Facilitation
- Provision of DSP Complaints Management Service
Corporate Records Best Practice.
- The post holder will help the team ensure that staff at all levels of the organisation are provided with appropriate DSP training. This includes the organisation and delivery of compliance workshops for GDPR and related legislation
- Working as a key member of the DPO Services Team they will be responsible for
- provision of an data protection advice service to the Trust
- Following up and managing DSP breaches, analysing & reporting these DSP incidents to the data protection and Cyber Security Committee.
- In the case of more serious incidents immediate reporting of such to the Head of DPO Services
- Providing advice and support to Information Asset Owners on the provision of robust records of processing
- The post-holder will provide project support for IG initiatives including maintenance of project documentation and monitoring and recording risks and issue
About us
At Imperial College Healthcare you can achieve extraordinary things with extraordinary people, working with leading clinicians pushing boundaries in patient care. Become part of a vibrant team living our values - expert, kind, collaborative and aspirational. You'll get an experience like no other and will fast forward your career.
Benefits include career development, flexible working and wellbeing, staff recognition scheme. Make use of optional benefits including Cycle to work, car lease schemes, season ticket loan or membership options for onsite leisure facilities. We encourage staff to have the Covid vaccination to protect themselves, patients, other colleagues as well as the wider community.
Please note it is an operational requirement to comply with infection prevention and control procedures within the Trust such as lateral flow testing, handwashing and the wearing of masks, according to the procedures in place at any time or location.
As part of our continued response to Covid19 we are still conducting the majority of our interviews virtually.
We welcome discussions about flexible working and encourage a range of flexible working opportunities wherever we can.
Job description
Job responsibilities
The full job description provides an overview of the key tasks and responsibilities of the role and the person specification outlines the qualifications, skills, experience and knowledge required.
For both overviews please view the Job Description attachment with the job advert.
Job description
Job responsibilities
The full job description provides an overview of the key tasks and responsibilities of the role and the person specification outlines the qualifications, skills, experience and knowledge required.
For both overviews please view the Job Description attachment with the job advert.
Person Specification
Education/ Qualifications
Essential
- Graduate qualification involving original research / action research
- Graduate or equivalent experience
- Demonstrable evidence of CPD (Continuing Professional Development)
Desirable
- Degree in any related discipline law
- Excellent IT skills (Word/excel/Access/Powerpoint /or equivalent)
- PRINCE II Foundation
- Experience of undertaking clinical research
Experience
Essential
- Understanding of GDPR and the legal framework for data protection
- Evidence of driving and supporting organisational change
- Experience of partnership working across organisations and disciplines
- Knowledge of legislation including (General Data Protection Regulations), (Access to Health Records Act 1990), (Freedom of Information Act 2000),(Computer Misuse Act 1990), (RIP Act), (Information Security international standards), (Data Protection Act 2018) (NHS related legislation)
- Confidentiality and the legal basis for maintenance of confidentiality
Desirable
- Good understanding of NHS operational and Strategic issues
- Data Security and Protection Toolkit
- Data Security and Protection Training
Skills/Knowledge/ Abilities
Essential
- Sound written and oral communication, using tact and persuasion, along with an ability to negotiate, sell ideas and motivate team members
- Ability to organise and administer committees
- Customer contact skills - excellent telephone communication skills
- Sufficient to fulfil the duties of the Post with any aids and adaptations
- Ability to convey complex, detailed and precise information both verbally and in writing
Values and Behaviours
Essential
- Demonstrable ability to meet Trust values
Person Specification
Education/ Qualifications
Essential
- Graduate qualification involving original research / action research
- Graduate or equivalent experience
- Demonstrable evidence of CPD (Continuing Professional Development)
Desirable
- Degree in any related discipline law
- Excellent IT skills (Word/excel/Access/Powerpoint /or equivalent)
- PRINCE II Foundation
- Experience of undertaking clinical research
Experience
Essential
- Understanding of GDPR and the legal framework for data protection
- Evidence of driving and supporting organisational change
- Experience of partnership working across organisations and disciplines
- Knowledge of legislation including (General Data Protection Regulations), (Access to Health Records Act 1990), (Freedom of Information Act 2000),(Computer Misuse Act 1990), (RIP Act), (Information Security international standards), (Data Protection Act 2018) (NHS related legislation)
- Confidentiality and the legal basis for maintenance of confidentiality
Desirable
- Good understanding of NHS operational and Strategic issues
- Data Security and Protection Toolkit
- Data Security and Protection Training
Skills/Knowledge/ Abilities
Essential
- Sound written and oral communication, using tact and persuasion, along with an ability to negotiate, sell ideas and motivate team members
- Ability to organise and administer committees
- Customer contact skills - excellent telephone communication skills
- Sufficient to fulfil the duties of the Post with any aids and adaptations
- Ability to convey complex, detailed and precise information both verbally and in writing
Values and Behaviours
Essential
- Demonstrable ability to meet Trust values
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
