Job summary The post holder will be a key member of the Information Governance (IG) team, providing a comprehensive, high quality, confidential service to Provide Group.The post holder will perform a range of general and specialist duties associated with Information Governance systems and processes with particular focus on Compliance.The prime objective of this role will be to lead on specific Information Governance programmes and to ensure that work is carried out effectively and professionally with specific responsibility for helping to develop and implement Information Security, Confidentiality and all key IG Policies and protocols across the Provide CIC and Group companies and to ensure compliance across the board.The production and maintenance of accurate project documentation is an essential part of this role along with the coordination of time critical work.
Main duties of the job Carrying out Data Protection audits to monitor and assess compliance against IG Policies and Procedures, National Standards, Contractual clauses and relevant Data Protection LawsEnsure that the organisation's Information Asset Register (IAR) and Records of Processing Activities (ROPA) are maintained and remain compliant with the UK GDPR and DPA2018Liaising with IT and Cyber security team and other stakeholders with regards managing Information security risks and compliance with information security standards such as ISO27001, Cyber Essentials and the National Data Guardian StandardsProvide training on the use of new IG systems and processesSupport with the processing of Information Sharing AgreementsAssist with completing Data Protection Impact Assessments (DPIA)Ensure the recording of all work is in line with the organisation's procedures, and ensure all requests are appropriately approved and authorised through the change control processesProgramme and project administrative support when required, working to PRINCE2 Project Management standardsGive support and guidance on evidence for completion of the DSP Toolkit, ensuring evidence is cohesive, self-explanatory and relevant to the financial year assessmentSupport the development, implementation, monitoring and maintenance of IG Policies and procedures to ensure that Provide CIC and Group companies comply with the Data Protection Act 2018, Access to Health Records Act and all other relevant data legislation About us Provide is a Community Interest Company (social enterprise).
We deliver a broad range of health and social care services in the community, and are committed to making sure that they are safe, responsive and of high quality.
Provide is owned by its employees and has primarily social objectives.
Any profits we make are reinvested into the local community or back into delivering services.
We work from a variety of community settings, such as community hospitals, community clinics, schools, nursing homes and primary care settings, as well as within people's homes to provide more than 40 services to children, families and adults across Essex, Dorset, East Anglia and the North of highly respected, award winning health and social care provider.
We expect our staff to demonstrate and uphold our values at all times: Vision: Transforming LivesValues: Care, Innovation and CompassionMission: An ambitious, employee owned social enterprise, growing in size and influence.
We transform lives by treating, caring and educating people.
Provide is an equal opportunity employer committed to building a team that represents a variety of backgrounds, perspectives and skills, proud to have LGBT+ and Ethnic Minority Networks.
We welcome applicants from underrepresented groups.
If you have the skills and experience for the job, please apply regardless of your background.
Eligible for NHS Pension Job description Job responsibilities Please see attached full Job Description (JD) for detailed job description and main responsibilities.
Person Specification Qualifications and Education Essential Educated to Degree level (or equivalent qualification) o Evidence of continuing personal development.
Desirable Certified Information Systems Auditor (CISA) o Recognised project management qualification such as PRINCE2 or equivalent project management experience o Specialist training in conducting a Data Protection impact Assessment (DPIA) o Specialist training in the Registration Authority process o Understand the ITIL framework and its principles o Foundation in Data Protection or equivalent qualification Work Related Knowledge and Experience Essential At least one year of experience working in an Information Governance role providing support on all areas including Data Protection, Information sharing, Subject Access Requests, Incident Handling, Caldicott Guidelines, Information Security o Sound Knowledge in at least one of the specialisms listed above Desirable Experience of working in a similar role in the health or care sector o Knowledge of assessing or monitoring compliance with either information security, data governance or quality standards and/or regulations o Understanding of Information Security Management principles o Experience of working within an ITIL framework o At least one year of experience in a project coordination role within the health or social care