Information Governance & Information Security Manager
NHS Jobs Leatherhead
Key Responsibilities Responsible and accountable on a day-to-day basis for information governance work in the Trust. Responsible for ensuring compliance with the NHS Code of Practice, Data Protection Act and Common Law Duty of Confidentiality.
Manage and coordinate projects required for implementation of information governance and information security across the Trust. Establish, maintain, and monitor the required security levels for accessing data held on both manual and electronic system records ensuring compliance with Data Protection Act and Caldicott recommendations.
Support and advise the Trust's Data Protection Officer with their duties of ensuring that patient and staff rights are protected. Act as the subject matter expert for information governance in supporting the Caldicott Guardian, the SIRO (Senior Information Risk Owner) and Associate Director of Records and Privacy on matters relating to national legislation and best practice.
Support the SIRO and Associate Director of Records and Privacy on the development of strategies, policies and guidance to promote and develop best practices as defined by the NHS Data Security and Protection Toolkit (DSPT) and to comply with national legislation.
Shape and lead the Trusts Information Governance team, managing the Trusts information governance annual assessment, work programme and action/improvement plans in line with the Trusts information governance strategy and policy and the evolving requirements of the DSPT.
Provide information governance advice within the Trust where service developments, changes, or closure of services may impact on compliance to legislation and national policy. Work with other providers, such as health, social services, police etc.
to comply with any lawful information governance requirements. Ensure compliance with UK GDPR 2016and Data Protection Act 2018 and any other legal/national requirements. Provide information security and Electronic Patient Record privacy support and advice to the Trust; Lead on ensuring compliance and conformance with the legal and regulatory framework covering information security and privacy and relevant DSPT requirements.
Co-ordinate the necessary response and resolution activities following a suspected or actual data security incident or breach. Continuously assess, audit and review, any shortfalls with current security measures compared to the levels required at a policy level thus highlighting deficiencies for remedial action.
Provide regular briefings to the Associate Director of Records and Privacy prior to meetings of the Information Governance Steering Group (IGSG) or similar group/board on the effectiveness of information security and privacy functions. Contribute to decision making and carry through decisions made by the IGSG or other relevant group/boards or the Trust Board.
Maintain currency with information security and security technologies and coordinate with cyber colleagues as needed to enable measures to be implemented where and when necessary/desirable. Responsible for reporting accurate figures on Information Governance training.
This requires a very high level of accuracy to ensure the DSPT target is met. Oversee the Trust compliance with the Freedom of Information Act 2000 so that all FOIA requests are processed within the legal timescales. Provide specialist expert advice and support to the Trusts Senior Information Risk Owner (SIRO) ensuring delivery of the SIROs annual work programme showing compliance with the NHS Digital Information Risk Management standards.
Head the IG team with management of IG staff, ensuring budgetary resources are used effectively. Tasks Own the pipeline on Data Protection Impact Assessments (DPIAs) and Data Sharing Agreements (DSAs.) Manage the Information Asset Register. Coordinate engagement with Information Asset Owners ensuring their services and electronic systems are compliant with information governance standards and risk-assessed annually and fed into the Annual Trust Board SIRO assurance statement.
Provide ad hoc advice and support on IG and IS matters. Ensures that all staff have appropriate IG training. Escalate to the DPO whenever breaches are discovered. Manage internal Data Protection activities by close liaison with senior clinical and non-clinical colleagues to enable and support both operational and strategic decision-making.
Conduct internal audits and privacy reports. Deputise for the Associate Director of Records and Privacy and the Data Protection Officer when necessary. Provide additional support to the AD Records and Privacy / DPO for contact with the Information Commissioners Office and provide advice on complex Data Protection issues, procurement decisions, Information / Cyber Security, and Information Sharing.
Coordinate with the Head of Records and the Records Management team leader on common issues. Actively engage with local and regional forums and webinars, ensuring ongoing personal development and knowledge of Data Protection law, issues, and developments.
Manage and coordinate projects required for implementation of information governance and information security across the Trust. Establish, maintain, and monitor the required security levels for accessing data held on both manual and electronic system records ensuring compliance with Data Protection Act and Caldicott recommendations.
Support and advise the Trust's Data Protection Officer with their duties of ensuring that patient and staff rights are protected. Act as the subject matter expert for information governance in supporting the Caldicott Guardian, the SIRO (Senior Information Risk Owner) and Associate Director of Records and Privacy on matters relating to national legislation and best practice.
Support the SIRO and Associate Director of Records and Privacy on the development of strategies, policies and guidance to promote and develop best practices as defined by the NHS Data Security and Protection Toolkit (DSPT) and to comply with national legislation.
Shape and lead the Trusts Information Governance team, managing the Trusts information governance annual assessment, work programme and action/improvement plans in line with the Trusts information governance strategy and policy and the evolving requirements of the DSPT.
Provide information governance advice within the Trust where service developments, changes, or closure of services may impact on compliance to legislation and national policy. Work with other providers, such as health, social services, police etc.
to comply with any lawful information governance requirements. Ensure compliance with UK GDPR 2016and Data Protection Act 2018 and any other legal/national requirements. Provide information security and Electronic Patient Record privacy support and advice to the Trust; Lead on ensuring compliance and conformance with the legal and regulatory framework covering information security and privacy and relevant DSPT requirements.
Co-ordinate the necessary response and resolution activities following a suspected or actual data security incident or breach. Continuously assess, audit and review, any shortfalls with current security measures compared to the levels required at a policy level thus highlighting deficiencies for remedial action.
Provide regular briefings to the Associate Director of Records and Privacy prior to meetings of the Information Governance Steering Group (IGSG) or similar group/board on the effectiveness of information security and privacy functions. Contribute to decision making and carry through decisions made by the IGSG or other relevant group/boards or the Trust Board.
Maintain currency with information security and security technologies and coordinate with cyber colleagues as needed to enable measures to be implemented where and when necessary/desirable. Responsible for reporting accurate figures on Information Governance training.
This requires a very high level of accuracy to ensure the DSPT target is met. Oversee the Trust compliance with the Freedom of Information Act 2000 so that all FOIA requests are processed within the legal timescales. Provide specialist expert advice and support to the Trusts Senior Information Risk Owner (SIRO) ensuring delivery of the SIROs annual work programme showing compliance with the NHS Digital Information Risk Management standards.
Head the IG team with management of IG staff, ensuring budgetary resources are used effectively. Tasks Own the pipeline on Data Protection Impact Assessments (DPIAs) and Data Sharing Agreements (DSAs.) Manage the Information Asset Register. Coordinate engagement with Information Asset Owners ensuring their services and electronic systems are compliant with information governance standards and risk-assessed annually and fed into the Annual Trust Board SIRO assurance statement.
Provide ad hoc advice and support on IG and IS matters. Ensures that all staff have appropriate IG training. Escalate to the DPO whenever breaches are discovered. Manage internal Data Protection activities by close liaison with senior clinical and non-clinical colleagues to enable and support both operational and strategic decision-making.
Conduct internal audits and privacy reports. Deputise for the Associate Director of Records and Privacy and the Data Protection Officer when necessary. Provide additional support to the AD Records and Privacy / DPO for contact with the Information Commissioners Office and provide advice on complex Data Protection issues, procurement decisions, Information / Cyber Security, and Information Sharing.
Coordinate with the Head of Records and the Records Management team leader on common issues. Actively engage with local and regional forums and webinars, ensuring ongoing personal development and knowledge of Data Protection law, issues, and developments.
Coordinate and prioritise the work and meetings of the IG Team. Supervise and support staff wellbeing and development in line with the Trusts appraisal policy.
Nexus Jobs LimitedLondon, 18 mi from Leatherhead
Job Description
Information Security Manager
Role Description
This is a full-time role as an Information Security Manager for Bank in Central London. The Information Security Manager will be responsible for day-to-day tasks related...
Michael PageLeatherhead
About Our Client
Leading UK Property Development & Maintenance organisation
Job Description
This Leading UK Property Development & Maintenance organisation are seeking a highly skilled COINS System and Management Information Specialist to manage...
Nexus Jobs LimitedLondon, 18 mi from Leatherhead
Job Description
Role Description
This is a full-time hybrid role for an Information Security Manager with 2nd and 3rd Line IT support experience. The role involves day-to-day tasks associated with planning, implementing, and maintaining...