This advice includes assessing information risk and developing and implementing an effective strategies to ensure compliance with relevant legislation. Role
· Leads on the development and implementation of the Data Protection strategy and objectives for the organisation.
· Develops and implements the Data Protection road map for the organisation.· Works across multiple Squads and Tribes to ensure there is a consistent approach to ensuring compliance with Data Protection guidelines and legislation.
· Works across the business to identify non-compliance and take pro-active action to deliver appropriate and timely remedies.
· Develops and implements appropriate policies and practices to ensure that information systems and processes are secure. This includes establishing and maintaining an information asset register across the organisation, identifying risks and risk mitigation.· Leads on the delivery of the Data Security and Protection Toolkit, working closely with the DPO and Caldicott Guardian.
· Leads on the delivery of Data Privacy Impact Assessments and audits on a regular basis.· Leads on the management of information governance and security risk defining and agreeing risk tolerance and ensuring there is appropriate visibility of risks and issues across the organisation. Requirements
· Proven experience in a data protection or information governance role, a good understanding of information governance frameworks and of best practice in the field of data protection and information sharing, within an NHS data - centric IT environment
· Has extensive knowledge of the Caldicott Principles and their application within the NHS.
Experience of implementing GDPR / Data Protection Act compliance policies and procedures.CIPP or equivalent qualified
