Go back
NHS Business Services Authority

Information Governance Lead

The closing date is 10 September 2025

Apply for this job

Job summary

The Information Governance Lead will support the handling of Freedom of Information (FOI) and Data Protection (DP) information requests across the NHSBSA. The post-holder will be responsible for supporting the implementation of all relevant policies and procedures and for recommending changes to ensure the maintenance of compliance with data protection and information rights legislation across the NHSBSA and its operational services and processes as well as those provided on behalf of other organisations.

What do we offer? o 27 days leave (increasing with length of service) plus 8 bank holidays o Flexible working (we are happy to discuss options such as compressed hours) o Flexi time o Hybrid working model (we are currently working largely remotely) o Career development o Active wellbeing and inclusion networks o Excellent pension o NHS Car lease scheme o Access to a wide range of benefits and high street discounts!

Main duties of the job

To use their specialist knowledge to provide advice and training around information governance, including FOI, DP, information rights and confidentiality. To make recommendations for the provision of clear and accessible guidance to all staff groups, to ensure the organisation meets both its legal obligations.

To take a solution focused approach to Information Governance encouraging a culture of identifying opportunities and designing systems and services in a way that complies with Data Protection, Freedom of Information legislation and in line with our wider NHSBSA governance policies ensuring that the implementation of the service is achieved in a practical and supportive way and that Information Governance is not perceived as an obstacle or blocker.

To contribute to the co-ordinated approach for the implementation, ongoing management and monitoring of information governance across the organisation.

About us

Here at the NHS Business Services Authority (NHSBSA), what we do matters.We manage the NHS Pension scheme, process prescription payments and much more. Our services are used by NHS organisations, contractors and the public: we're proud to be part of something meaningful, that touches millions of lives.We design our services around customer needs and place people at the heart of our organisation. That's why when you join us, you'll be empowered and supported to help your career grow.As one of the UK's Best Big Companies to work for, we're connected to our values: Collaborative, Adventurous, Reliable and Energetic. We care about our people, our purpose, and your progress.We strive to offer a fantastic colleague experience, where every colleague is heard, supported and respected. Wellbeing, diversity and inclusion is at the centre of this, and you can join our Lived Experience Networks who help us bring our authentic selves to work.We're committed to being a flexible employer and we try to offer a working pattern that suits you where possible, through hybrid working, flexible hours and more.Alongside a competitive salary with pay progression, we offer a people-centric benefits package, connecting you to the rewards and benefits you value most!Ready to join us in delivering business service excellence to the NHS, helping people live longer, healthier lives? Apply today and see where the NHSBSA can take you.We are people connected to care.

Details

Date posted

27 August 2025

Pay scheme

Agenda for change

Band

Band 7

Salary

£47,810 to £54,710 a year

Contract

Permanent

Working pattern

Full-time, Part-time, Flexible working

Reference number

914-BSA7386803

Job locations

Stella House

Goldcrest Way, Newburn Riverside

Newcastle Upon Tyne

NE15 8NY


Job description

Job responsibilities

In this role, you are accountable for:

1. Working across all areas of the NHSBSA, supporting the development and implementation of new policies, processes, and practices that may be required to support Information Governance in the NHSBSA. This will include evaluating existing and new legislation, standards, practices, identifying opportunities, and designing, developing, and implementing relevant changes that contribute to increased efficiencies.

2. Maintain appropriate records in relation to all work undertaken to comply with Information Governance, FOI and DP rules and regulations.

3. Regularly review and implement procedures and guidance for requesters to improve the NHSBSA handling of high volumes of information requests.

4. To make recommendations regarding the maintenance of the Information Governance web pages on both the intranet and internet websites.

5. Stay abreast of new and innovative approaches to DP and FOI legislation, through horizon scanning to ensure the organisation remains abreast of new developments, risks, or issues.

6. Manage highly complex and sensitive Information Rights appeals and complaints relating to FOI / DP requests and breaches of information rights.

7. Contribute to the development and implementation of information governance policies through participation in the NHSBSAs Information Governance forums.

8. Provide advice and assistance on Information Governance matters for NHSBSA projects, initiatives to ensure the relevant Information Governance products are included in the project. This may include liaison with third party suppliers to ensure compliance.

9. Contribute to NHSBSA compliance with the relevant Data Security & Protection toolkit (DSPT), including the development and implementation of appropriate action plans.

10. Contribute to and work with the relevant Security and Information Governance management forum developing and implement NHSBSA corporate document retention and destruction policies, ensuring arrangements are in place to monitor compliance.

11. Support and undertake highly complex information risk analysis/management.

12. Participate in commercial activities to ensure the procurement of the right services, ensuring that the benefits are realised for the implementation of these services, and adequately reported on so that the organisation can ensure the business needs are met.

13. Required to communicate complex information to a range of audiences and be able to influence and persuade. Responsible for holding awareness sessions for local teams when required and contributing to monthly team updates.

14. Working collaboratively across and within the NHSBSA and forming networks across other government bodies and being an effective member of these networks.

15. Coaching colleagues within the Information Governance function.

16. Pro-active horizon scanning to identify new and innovative ways of working to achieve the right outcomes for the organisation.

17. Escalation risks or issues through the management structure to the Head of Governance, and prioritising work accordingly.

18. Provide governance expertise and clear advice on information disclosure release queries within expected timescales.

19. Provide governance oversight to NHSBSA projects and developments ensuring they are in line with wider NHSBSA governance policy.

20. Own and lead on ensuring NHSBSA data use across networks and file storage are in line with NHSBSA policy.

21. Support any local audits from a governance perspective.

22. Recruiting, and coaching colleagues with a range of skills and experience to deliver organisational goals and objectives.

23. Coaching others and communicating highly complex concepts and information to others to help them understand and execute any actions

24. Taking ownership of problem solving and prioritising and reporting on the relevant compliance roadmaps. Discerning how relevant plans resolve problems in an uncertain and changing environment, and ensuring benefits are reported and communicated.

25. Regularly dealing with highly complex, ambiguous, and sensitive information, synthesising this and communicating this effectively to Senior stakeholders, Heads of Service and Directors, to influence or negotiate outcomes that fit within the NHSBA governance policy.

26. Representing the Information Governance function at various levels across the organisation, and accountable for making decisions in line with the wider NHSBSA governance policy, by evaluating complex information, with the autonomy to take a risk-based approach to implementing actions.

27. Contributing into the professional community for Information Governance, and implementing new ways of working where needed, demonstrating an awareness of what other sectors are doing, and championing applicable change within this organisation.

28. Contributing to the direction and evaluation of tools or methods to use within the function in conjunction with the relevant technical and business leads.

29. Undertake such additional tasks as the Information Governance Manager may determine and which are appropriate to the grade, including those tasks and projects which are related to the development of Information Governance across the NHSBSA.

Job description

Job responsibilities

In this role, you are accountable for:

1. Working across all areas of the NHSBSA, supporting the development and implementation of new policies, processes, and practices that may be required to support Information Governance in the NHSBSA. This will include evaluating existing and new legislation, standards, practices, identifying opportunities, and designing, developing, and implementing relevant changes that contribute to increased efficiencies.

2. Maintain appropriate records in relation to all work undertaken to comply with Information Governance, FOI and DP rules and regulations.

3. Regularly review and implement procedures and guidance for requesters to improve the NHSBSA handling of high volumes of information requests.

4. To make recommendations regarding the maintenance of the Information Governance web pages on both the intranet and internet websites.

5. Stay abreast of new and innovative approaches to DP and FOI legislation, through horizon scanning to ensure the organisation remains abreast of new developments, risks, or issues.

6. Manage highly complex and sensitive Information Rights appeals and complaints relating to FOI / DP requests and breaches of information rights.

7. Contribute to the development and implementation of information governance policies through participation in the NHSBSAs Information Governance forums.

8. Provide advice and assistance on Information Governance matters for NHSBSA projects, initiatives to ensure the relevant Information Governance products are included in the project. This may include liaison with third party suppliers to ensure compliance.

9. Contribute to NHSBSA compliance with the relevant Data Security & Protection toolkit (DSPT), including the development and implementation of appropriate action plans.

10. Contribute to and work with the relevant Security and Information Governance management forum developing and implement NHSBSA corporate document retention and destruction policies, ensuring arrangements are in place to monitor compliance.

11. Support and undertake highly complex information risk analysis/management.

12. Participate in commercial activities to ensure the procurement of the right services, ensuring that the benefits are realised for the implementation of these services, and adequately reported on so that the organisation can ensure the business needs are met.

13. Required to communicate complex information to a range of audiences and be able to influence and persuade. Responsible for holding awareness sessions for local teams when required and contributing to monthly team updates.

14. Working collaboratively across and within the NHSBSA and forming networks across other government bodies and being an effective member of these networks.

15. Coaching colleagues within the Information Governance function.

16. Pro-active horizon scanning to identify new and innovative ways of working to achieve the right outcomes for the organisation.

17. Escalation risks or issues through the management structure to the Head of Governance, and prioritising work accordingly.

18. Provide governance expertise and clear advice on information disclosure release queries within expected timescales.

19. Provide governance oversight to NHSBSA projects and developments ensuring they are in line with wider NHSBSA governance policy.

20. Own and lead on ensuring NHSBSA data use across networks and file storage are in line with NHSBSA policy.

21. Support any local audits from a governance perspective.

22. Recruiting, and coaching colleagues with a range of skills and experience to deliver organisational goals and objectives.

23. Coaching others and communicating highly complex concepts and information to others to help them understand and execute any actions

24. Taking ownership of problem solving and prioritising and reporting on the relevant compliance roadmaps. Discerning how relevant plans resolve problems in an uncertain and changing environment, and ensuring benefits are reported and communicated.

25. Regularly dealing with highly complex, ambiguous, and sensitive information, synthesising this and communicating this effectively to Senior stakeholders, Heads of Service and Directors, to influence or negotiate outcomes that fit within the NHSBA governance policy.

26. Representing the Information Governance function at various levels across the organisation, and accountable for making decisions in line with the wider NHSBSA governance policy, by evaluating complex information, with the autonomy to take a risk-based approach to implementing actions.

27. Contributing into the professional community for Information Governance, and implementing new ways of working where needed, demonstrating an awareness of what other sectors are doing, and championing applicable change within this organisation.

28. Contributing to the direction and evaluation of tools or methods to use within the function in conjunction with the relevant technical and business leads.

29. Undertake such additional tasks as the Information Governance Manager may determine and which are appropriate to the grade, including those tasks and projects which are related to the development of Information Governance across the NHSBSA.

Person Specification

Personal Qualities, Knowledge and Skills

Essential

  • Strong knowledge of the Freedom of Information Act
  • Strong knowledge of Data Protection Legislation
  • Strong ability to identify, interpret and prioritise key information governance issues for senior management review and consideration
  • Excellent communication skills, including the ability to communicate effectively with individuals and groups about complex matters.
  • Ability to influence and persuade.
  • Strong ability to work confidentially and with discretion.
  • Able to work both as part of a team and on an individual basis.
  • Able to self-motivate
  • High degree of personal integrity
  • Versatile
  • Strong interpersonal / communication skills (oral and written)
  • Proactive
  • Identifying and solving problems, including the skill to deliver multiple pieces of work, with competing priorities in an environment where there is often uncertainty and could be subject to change
  • Planning and organisation skills across all services to support the delivery Information Governance compliance in a timely manner which can be subject to uncertainty and change
  • Ability to engage with a wide range of stakeholders including both internal and external customers/suppliers and business managers, to ensure products/services are on track to deliver on time, in budget and with appropriate quality.
  • Working on own initiative, taking decisions and actions in line with business aims of the organisation
  • Evidence of continuing professional development

Desirable

  • Broad understanding of the NHS and relevant policies.
  • Knowledge of at least one NHSBSA service
  • Presentational and training skills.
  • Understanding of Information Security and Business Continuity

Experience

Essential

  • Experience of managing change
  • The ability to analyse and review a range of diverse complex information and produce periodic reports for a wide range of audiences
  • Experience of developing positive working relationships with a wide range of individuals.
  • Experience managing multiple priorities against regulatory requirements
  • Experience of working with internal and external audits,
  • Working within multidisciplinary teams, to enable service Information governance compliance reporting and allocation of people and resources.
  • Engaging and building relationships with a range of stakeholders to support delivery of business outcomes
  • Delivering difficult messages in challenging circumstances and providing honest and constructive feedback to support the ongoing development of skills and talent

Desirable

  • Interpreting strategy and translate emerging trends and technologies which might impact or benefit the organisation
  • Experience of dealing and responding effectively with the public regarding Information rights matters
  • Experience of handling the consequences of a serious security breach and developing remedial actions.
  • Experience in risk assessment and balancing privacy risks with business requirements

Qualifications

Essential

  • Data Protection / GDPR Practitioner Certificate or IG Apprenticeship
  • And either: Degree or equivalent
  • or Significant relevant experience

Desirable

  • Freedom of Information Practitioner Certificate
  • Master's degree or equivalent or significant relevant experience
Person Specification

Personal Qualities, Knowledge and Skills

Essential

  • Strong knowledge of the Freedom of Information Act
  • Strong knowledge of Data Protection Legislation
  • Strong ability to identify, interpret and prioritise key information governance issues for senior management review and consideration
  • Excellent communication skills, including the ability to communicate effectively with individuals and groups about complex matters.
  • Ability to influence and persuade.
  • Strong ability to work confidentially and with discretion.
  • Able to work both as part of a team and on an individual basis.
  • Able to self-motivate
  • High degree of personal integrity
  • Versatile
  • Strong interpersonal / communication skills (oral and written)
  • Proactive
  • Identifying and solving problems, including the skill to deliver multiple pieces of work, with competing priorities in an environment where there is often uncertainty and could be subject to change
  • Planning and organisation skills across all services to support the delivery Information Governance compliance in a timely manner which can be subject to uncertainty and change
  • Ability to engage with a wide range of stakeholders including both internal and external customers/suppliers and business managers, to ensure products/services are on track to deliver on time, in budget and with appropriate quality.
  • Working on own initiative, taking decisions and actions in line with business aims of the organisation
  • Evidence of continuing professional development

Desirable

  • Broad understanding of the NHS and relevant policies.
  • Knowledge of at least one NHSBSA service
  • Presentational and training skills.
  • Understanding of Information Security and Business Continuity

Experience

Essential

  • Experience of managing change
  • The ability to analyse and review a range of diverse complex information and produce periodic reports for a wide range of audiences
  • Experience of developing positive working relationships with a wide range of individuals.
  • Experience managing multiple priorities against regulatory requirements
  • Experience of working with internal and external audits,
  • Working within multidisciplinary teams, to enable service Information governance compliance reporting and allocation of people and resources.
  • Engaging and building relationships with a range of stakeholders to support delivery of business outcomes
  • Delivering difficult messages in challenging circumstances and providing honest and constructive feedback to support the ongoing development of skills and talent

Desirable

  • Interpreting strategy and translate emerging trends and technologies which might impact or benefit the organisation
  • Experience of dealing and responding effectively with the public regarding Information rights matters
  • Experience of handling the consequences of a serious security breach and developing remedial actions.
  • Experience in risk assessment and balancing privacy risks with business requirements

Qualifications

Essential

  • Data Protection / GDPR Practitioner Certificate or IG Apprenticeship
  • And either: Degree or equivalent
  • or Significant relevant experience

Desirable

  • Freedom of Information Practitioner Certificate
  • Master's degree or equivalent or significant relevant experience

Employer details

Employer name

NHS Business Services Authority

Address

Stella House

Goldcrest Way, Newburn Riverside

Newcastle Upon Tyne

NE15 8NY


Employer's website

https://careers.nhsbsa.nhs.uk/ (Opens in a new tab)

Employer details

Employer name

NHS Business Services Authority

Address

Stella House

Goldcrest Way, Newburn Riverside

Newcastle Upon Tyne

NE15 8NY


Employer's website

https://careers.nhsbsa.nhs.uk/ (Opens in a new tab)

Employer contact details

For questions about the job, contact:

Information Governance Manager

Chris Gooday

chris.gooday@nhsbsa.nhs.uk

Details

Date posted

27 August 2025

Pay scheme

Agenda for change

Band

Band 7

Salary

£47,810 to £54,710 a year

Contract

Permanent

Working pattern

Full-time, Part-time, Flexible working

Reference number

914-BSA7386803

Job locations

Stella House

Goldcrest Way, Newburn Riverside

Newcastle Upon Tyne

NE15 8NY


Supporting documents

Privacy notice

NHS Business Services Authority's privacy notice (opens in a new tab)