Data Protection Officer
To support with information requests under current Data Protection Legislation and the Freedom of Information Act/Environmental Information Regulations, ensuring that requests are dealt with in accordance with legislation and within agreed timescales To conduct a programme of audits and report on the auditing of compliance across the Charity, To provide advice and take action, where necessary in response to audit findings and recommendations in respect of Information Governance.
To ensure Data Privacy Impact Assessments are carried out in line with Charity policy and monitor progression of all associated action plans and audits. To support in maintaining a comprehensive suite of policies and procedures to ensure the Charity has a comprehensive Information Governance framework To keep up to date on legislation relevant to information Governance and ensure that the necessary changes to Charity policies and procedures are proactively addressed.To ensure the Charity has a well-maintained information asset register, with assets being risk assessed and asset owners being trained appropriately for their role. To ensure appropriate action is taken where compliance issues are flagged. To ensure appropriate risk assessments are conducted in relation to personally identifiable information held by Charity suppliers and seek advice from the Charitys IT external contractors in relation to cyber security and general IT security risks.
To work with Managers, Heads of service and Directors to identify any new working practices required and to support the change programme to implement these. To support in the implementation of the overarching Charity Information Governance Strategy and Framework in support of statutory and regulatory requirements (e.g., Data Security and Protection (DSP) Toolkit and PCI DSS).