Job summary
The Privacy, Transparency & Trust (PTT) Sub-directorate is a sub-directorate of the Delivery Directorate. The mission of the PTT Sub-directorate is to enable NHS England to drive innovation and improve lives through greater use of data and technology and to be a well-run organisation.The PTT Sub-directorate will enable and promote public trust in NHS England's custodianship of staff, workforce and patient data. This aligns with the new legal duty of NHS England to have regard to the need to respect and promote privacy of patients and the core principles that underpin NHS England as a safe haven of patient data.
The Information Governance Specialist role sits within the PTT Sub-directorate, as part of the Information Risk and Assurance domain that is responsible for providing oversight and assurance of IG compliance by NHSE and organisations it shares data with and mitigates and minimises organisational information risk. The risk and assurance team contribute to ensuring that NHS England is a well-run organisation and that we are meeting the expectations set for us through the new Statutory Guidance. This includes carrying out day-to-day operational activities and support for the Senior Information Risk Owner (SIRO) and providing a central role in the management of information risks owned by the PTT sub-directorate.
This role will provide essential support to the work and mission of the PTT Sub-directorate and leadership and assistance to more junior members of the team.
Main duties of the job
The post holder will:
Provide specialist advice on the implementation of the IG legal framework, NHS England's Statutory Guidance and Senior Information Risk Owner (SIRO) queries received from internal and external stakeholders.
Support work to ensure that data sharing audit non-conformities and observations are followed up and embedded in remediation plans and post audit reviews.
Collaborate with internal teams to manage relevant processes and procedures that ensure compliance with data sharing agreements and data sharing framework contracts for external organisations that NHSE shares data with.
Provide assurance to the SIRO on Information Governance frameworks and Statutory Guidance compliance through commissioned assurance reviews and activity.
Support work on the Advisory Group for Data's (AGD) Oversight and Assurance programme, ensuring a continuous improvement approach to AGD assurance reviews.
About us
The NHS England board have set out the top-level purpose for the new organisation to lead the NHS in England to deliver high-quality services for all, which will inform the detailed design work and we will achieve this purpose by:
- Enabling local systems and providers to improve the health of their people and patients and reduce health inequalities.
- Making the NHS a great place to work, where our people can make a difference and achieve their potential.
- Working collaboratively to ensure our healthcare workforce has the right knowledge, skills, values and behaviours to deliver accessible, compassionate care
- Optimising the use of digital technology, research, and innovation
- Delivering value for money.
If you would like to know more or require further information, please visithttps://www.england.nhs.uk/.
Colleagues with a contractual office base are expected to spend, on average, at least 40% of their time working in-person.
Staff recruited from outside the NHS will usually be appointed at the bottom of the pay band.
NHS England hold a Sponsor Licence; this means that we may be able to sponsor you providing the Home Office requirements are met. To be eligible for sponsorship through the Skilled Worker route you'll usually need to be paid the 'standard' salary rate of at least £38,700 per year, or the 'going rate' for your job, whichever is higher. You can find more information on the Government website.
Job description
Job responsibilities
You can find further details about the job, organisational structure, recruitment profile, expected outcomes and benefits information in the attached Job Description and other supporting documents.
Job description
Job responsibilities
You can find further details about the job, organisational structure, recruitment profile, expected outcomes and benefits information in the attached Job Description and other supporting documents.
Person Specification
Qualifications
Essential
- Graduate level qualification / equivalent experience: Educated to Graduate degree level (in a relevant subject) or equivalent relevant experience within a professional working environment.
Knowledge
Essential
- Data Protection law - Understanding key principles and concepts of data protection law set out in the UK GDPR, DPA 2018, Human Rights Act 1998. Common law duty of confidentiality - Understanding the common law duty of confidentiality, how it applies to NHS England's use of patient data, including the gateways for sharing confidential data with third parties. NHS legal framework - Understanding the statutory functions of NHS England, the laws which underpin those function, and how those laws impact NHS England's use of personal data.
Desirable
- Ethics in data use: A broad understanding of the ethical issues which impact our use of personal data and patient data, including internal and external re-use of data for different purposes and sharing patient data with others for the purpose of research and analysis.
Experience
Essential
- Experience of working in an information governance / privacy / data protection role.
- Experience in conducting IG related research, including some legal research, in order to perform role.
- Experience in working collaboratively across team, function, and organisational boundaries, to achieve the best outcomes for the organisation.
- Experience of writing key information governance documents, policies, procedures, briefings, advice notes etc. Ability to tailor such documents to the specific audience.
Desirable
- Experience in developing and maintaining effective relationships with a range of internal colleagues, with sometimes different perspectives, to address IG related matters.
- Experience of advising on sharing personal data with other organisations and the required documentation to facilitate such sharing, including advising on data processing agreements and data sharing agreements, identifying most appropriate controller / processor relationships.
Person Specification
Qualifications
Essential
- Graduate level qualification / equivalent experience: Educated to Graduate degree level (in a relevant subject) or equivalent relevant experience within a professional working environment.
Knowledge
Essential
- Data Protection law - Understanding key principles and concepts of data protection law set out in the UK GDPR, DPA 2018, Human Rights Act 1998. Common law duty of confidentiality - Understanding the common law duty of confidentiality, how it applies to NHS England's use of patient data, including the gateways for sharing confidential data with third parties. NHS legal framework - Understanding the statutory functions of NHS England, the laws which underpin those function, and how those laws impact NHS England's use of personal data.
Desirable
- Ethics in data use: A broad understanding of the ethical issues which impact our use of personal data and patient data, including internal and external re-use of data for different purposes and sharing patient data with others for the purpose of research and analysis.
Experience
Essential
- Experience of working in an information governance / privacy / data protection role.
- Experience in conducting IG related research, including some legal research, in order to perform role.
- Experience in working collaboratively across team, function, and organisational boundaries, to achieve the best outcomes for the organisation.
- Experience of writing key information governance documents, policies, procedures, briefings, advice notes etc. Ability to tailor such documents to the specific audience.
Desirable
- Experience in developing and maintaining effective relationships with a range of internal colleagues, with sometimes different perspectives, to address IG related matters.
- Experience of advising on sharing personal data with other organisations and the required documentation to facilitate such sharing, including advising on data processing agreements and data sharing agreements, identifying most appropriate controller / processor relationships.
Additional information
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
