Job summary
As our GP DPO / Data Protection Officer, you will provide a DPO service to GP practices across North East London. You will have the opportunity to personally take the strategic lead in delivering and managing a best-in-class DPO service in General Practice supporting our data protection framework and exciting plans for data sharing.
You will be responsible for developing and implementing the Information Governance Strategy and understanding how the work you deliver helps practices meet their DSPT requirements and working with colleagues and system partners to tailor proposed projects for processing personal data and revising current processing to ensure that it meets DSPT requirements and communicating with practices to help them evidence their requirements based on work implemented.
You will bring highly specialist knowledge and skills - covering UK GDPR, Data Protection Act (2018), the Common Law Duty of Confidentiality, Freedom of Information Act, and other associated standards and legislation including proposed changes brought about by the current Data Protection Bill - as well as outstanding leadership and interpersonal skills. You will ideally also have experience of working with General Practice including both patient and colleague concerns and challenges for that environment.
Any ICB staff at risk will be interviewed first for this vacancy, followed by any internal candidates.
Main duties of the job
The post holder will be the recognised General Practice subject matter expert in Data Protection / GDPR, specifically relating to Healthcare, as well as providing Information Governance (IG) expertise (including but not limited to, confidentiality, IG risk and IG incident management) to the NEL ICB, predominantly to primary care organisations. The post holder will support the effective delivery of a range of ICB activities by providing advice and guidance regarding complex Data Protection, GDPR and IG related matters.
Primary care requests and day to day management of all aspects of data protection and processes across NEL ICB (this role incorporates GP services/practices), and provision of expert advice and guidance to all staff regarding responding to a subject access request (including GPs), including liaising with relevant health professionals to determine any possible harm resulting from the release of the information. Lead the team to offer a Data Protection Officer Service to general practices across all seven areas of the ICB. The service is to offer Primary care DPO support, advice and guidance around Data Protection legislation.
About us
NHS North East London Integrated Care Board (ICB) was formed on 1 July 2022.
We are an exciting new organisation putting the needs of communities at the heart of our commissioning arrangements.
We are working with local people and partners across health, social care and the voluntary sector in innovative ways to improve health and wellbeing for all our communities. Our key priority in the next year will be to develop closer integrated and collaborative ways of working with all our partners to implement our Out of Hospital Strategy.
We can only do this with great staff who are encouraged and supported, which is why we invest in them, listen to them, make sure we are representative of our populations and that we foster their health and wellbeing.
Please note that all vacancies will be subject to a 6 months' probation period in line with the Probation Policy.
Job description
Job responsibilities
The post holder will be the named GP Data Protection Officer for NEL ICB GP practices and be responsible for the delivery of an information governance assurance model, the development and delivery of standardised tools, operational support and advice to a number of designated stakeholders to the standard required by the relevant contract or service level agreement.
The post holder will advise and liaise with senior managers both within their member practices and NEL ICB, to support the IG agenda, ensuring good practice is embedded in the strategic and operational decision making, business planning and performance management processes. They will keep managers informed about new, strategically important areas of development in information governance/data sharing, including national and local initiatives.
The post holder will also undertake detailed reviews of new and existing primary care data sharing arrangements within the ICBs area which affect their practices and work with partners to ensure that these remain in force, current and are updated to reflect changes arising as a result of the new data protection legislation.
To develop, implement and deliver the organisations Information Governance (IG) Strategy in line with the General Data Protection Regulation (UK GDPR) and wider Data Protection principles, including common law.
For full duties, please see the attached Job Description.
Job description
Job responsibilities
The post holder will be the named GP Data Protection Officer for NEL ICB GP practices and be responsible for the delivery of an information governance assurance model, the development and delivery of standardised tools, operational support and advice to a number of designated stakeholders to the standard required by the relevant contract or service level agreement.
The post holder will advise and liaise with senior managers both within their member practices and NEL ICB, to support the IG agenda, ensuring good practice is embedded in the strategic and operational decision making, business planning and performance management processes. They will keep managers informed about new, strategically important areas of development in information governance/data sharing, including national and local initiatives.
The post holder will also undertake detailed reviews of new and existing primary care data sharing arrangements within the ICBs area which affect their practices and work with partners to ensure that these remain in force, current and are updated to reflect changes arising as a result of the new data protection legislation.
To develop, implement and deliver the organisations Information Governance (IG) Strategy in line with the General Data Protection Regulation (UK GDPR) and wider Data Protection principles, including common law.
For full duties, please see the attached Job Description.
Person Specification
Education / Qualifications
Essential
- Educated to degree level in relevant subject or equivalent level qualification or significant experience of working at a similar level in specialist area
- Sound knowledge of the Data Protection Act and other key legislation around the security and processing of personal data within the NHS.
Skills and Experience
Essential
- Understanding of and experience in completing DPIAs.
- Significant experience in leading an information governance assurance framework and delivering to the required standard of quality assurance and audit.
- Significant experience of successfully operating in a politically sensitive environment
- Experience of co-ordinating projects in complex and challenging environments
- Experience of managing risks and reporting
- Experience in a healthcare environment
Person Specification
Education / Qualifications
Essential
- Educated to degree level in relevant subject or equivalent level qualification or significant experience of working at a similar level in specialist area
- Sound knowledge of the Data Protection Act and other key legislation around the security and processing of personal data within the NHS.
Skills and Experience
Essential
- Understanding of and experience in completing DPIAs.
- Significant experience in leading an information governance assurance framework and delivering to the required standard of quality assurance and audit.
- Significant experience of successfully operating in a politically sensitive environment
- Experience of co-ordinating projects in complex and challenging environments
- Experience of managing risks and reporting
- Experience in a healthcare environment
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).