Data Protection Officer | Havens Hospices - Southend - ref. q18999619

Working within our IT & Compliance team, based at Fair Havens in Southend on Sea, and Little Havens in Thundersley, this role plays a key part in progressing and monitoring procedures and processes, ensuring that the Charity remains compliant with all relevant Data Protection and Information Governance regulations.

Please be aware that, unfortunately, Havens Hospices is unable to offer UK visa sponsorship at this time.

This role is predominantly office-based in Southend on Sea, Essex.

Previous applicants for this position need not apply.

Reporting to the Head of IT & Compliance, you will provide expert IG advice and guidance to the charity and its trustees. You will be responsible in ensuring that we remain compliant with all applicable legislation, including GDPR and the DPA 2018.

This role is also responsible for processing and managing information requests as per the FOI Act, and Environmental Information Regulations.

At Havens Hospices, we care for children, young people and adults with complex or incurable conditions. Our specialist Care Teams can support them and their family living throughout illness, death and bereavement in the comfort of their own home and through our hospice services, Fair Havens and Little Havens.

Working at Havens Hospices allows you to give the gift of time to patients and families, creating memories. Although you may not be giving direct care to our patients, your contribution will have an immediate effect on our care services.

In return for your expertise and passion, you will receive a competitive salary package, and most of all, by making the most of every day you work at Havens Hospices you’ll be helping us continue ‘Making every day count’ for those who need us most.

At Havens Hospices we are committed to safeguarding and promoting the welfare of our employees and patients and expect all colleagues to share this commitment.

• To ensure the Charity has an accurate, complete and maintained data protection registration with the Information Commissioner’s Office as a Data Protection Officer.
• To ensure the Charity complies with all relevant legislation in relation to information governance, including the General Data Protection Regulation and Data Protection Act 2018.
• To support with information requests under current Data Protection Legislation and the Freedom of Information Act/Environmental Information Regulations, ensuring that requests are dealt with in accordance with legislation and within agreed timescales
• To conduct a programme of audits and report on the auditing of compliance across the Charity,
• To provide advice and take action, where necessary in response to audit findings and recommendations in respect of Information Governance.
• To ensure Data Privacy Impact Assessments are carried out in line with Charity policy and monitor progression of all associated action plans and audits.
• To support in maintaining a comprehensive suite of policies and procedures to ensure the Charity has a comprehensive Information Governance framework
• To keep up to date on legislation relevant to information Governance and ensure that the necessary changes to Charity policies and procedures are proactively addressed.
• To ensure the Charity has a well-maintained information asset register, with assets being risk assessed and asset owners being trained appropriately for their role.
• To ensure appropriate action is taken where compliance issues are flagged.
• To ensure appropriate risk assessments are conducted in relation to personally identifiable information held by Charity suppliers and seek advice from the Charity’s IT external contractors in relation to cyber security and general IT security risks.
• To work with Managers, Heads of service and Directors to identify any new working practices required and to support the change programme to implement these.
• To support in the implementation of the overarching Charity Information Governance Strategy and Framework in support of statutory and regulatory requirements (e.g., Data Security and Protection (DSP) Toolkit and PCI DSS).

This advert closes on Wednesday 19 Mar 2025