Head of Information Governance and Data Protection
3 weeks ago
SUMMARY
The Head of Information Governance and Data Protection Officer (DPO) role is the professional lead for Information Governance at Veezu Group. The role will provide expert Information Governance advice and guidance to the Veezu management team and key partners; to ensure that all parties are processing information in accordance with legislation, guidance, while meeting their legal and regulatory obligations.
The Data Protection Officer is an essential role in facilitating ‘accountability’ and the organisations’ ability to demonstrate ongoing compliance with GDPR, where the DPO performs another role or roles there must be no conflict of interest. While this role reports to the IT Director, direct access to the Veezu Executive Board is assured in the fulfilment of their DPO duties. Ensuring that the DPO can effectively carry out their responsibilities and have their concerns and recommendations heard at the highest level of the organisation.
ROLE DUTIES AND EXPERIENCE REQUIRED
- Act as the appointed statutory Data Protection Officer as defined by the General Data
- Protection Regulation 2016 for Veezu Group.
- Be the lead source of information and expertise on information governance and data protection, including but not limited to: The Data Protection Act 1998, The UK and EU General Data Protection Regulation, ISO27001 Information Security Standard, PCI-DSS Card Payment regulation, The Freedom of Information Act 2000, Environmental Information Regulations 2004, The Common Law Duty of Confidence, The Computer Misuse Act, The Office of the Information Commissioner and its associated powers, Information Commissioner Directives/Guidance
- Lead the development of strategies, policies, and guidelines that ensure organisational compliance with information governance and data protection regulations across all departments. This will require making decisions in unprecedented situations.
- Co-operate with and be the first point of contact for the Information Commissioner.
- Be available to be contacted directly by data subjects.
- Develop Information Governance policies that address: Organisational accountability, DPO reporting arrangements, Timely involvement of the DPO in all data protection issues, Compliance assurance: privacy by design/default, When and where data protection impact assessments are required and subsequent reporting on performance, The DPO’s role in incident management
- Have sufficient understanding of the processing operations carried out, as well as the information systems and data security and data protection needs of the organisation.
- Monitor the effectiveness of policies and procedures and the organisations’ compliance with them through a proactive program of audit and review, in conjunction with all functions across the operating model and other stakeholders and bodies.
- Have senior responsibility for the development of a robust Information Risk Assurance function which includes Cyber Security, System Failure and GDPR.
- Provide a single point of knowledge to senior management and staff with clear policies and procedures that ensure Veezu meets both its statutory and legal obligations.
- Maintain an awareness of evolving legislation and national guidance relating to all areas of responsibilities.
- Promote an effective information governance and risk culture that embeds information governance across the Veezu organisation.
- Lead on the development of training, awareness and communications programmes aimed at
- informing and advising Veezu staff (at all levels) to promote understanding of their obligations to comply with information governance requirements.
- Proactively disseminate complex and contentious information governance principles to a wide audience through regular communications briefings using e-mail, intranet and bulletins and other communications media, where there may be resistance to compliance.
- Ensure the Data Security and Protection Toolkit (DSPT) and other IG related audit submissions are made correctly, within timescales and are signed off by the Veezu Exec/Board where applicable and that evidence is available to support the attainment levels submitted. This includes overseeing the delivery of action plans and improvement programmes to support compliance with legislation and national Information Governance requirements. This will require liaison with senior managers throughout the organisation.
- Develop/enforce organisational trigger-points for mandatory input from the DPO providing advice on Data Protection Impact Assessments (DPIA) to offer a balanced independent review of activities such as business improvements, system requests for change, large scale business development and introduction of new systems and services, to: Give consideration of the business needs against GDPR and other information governance / security requirements, Provision of advice and guidance on changes required to meet/maintain GDPR/IG compliance, Identification of system change requirements to support GDPR/IG compliance, Consult with the Information Commissioner’s Office (ICO) where proposed processing poses a high risk in the absence of proposed mitigations, Provide expert input for commercial contracts, invitations to tender, etc, whilst ensuring robust information security and governance is maintained.
- Lead and support specific groups such as Information Asset Owners, System Administrators through effective networking structures sharing of relevant experience and provision of appropriate advice.
- Ensure information breaches (e.g., security, confidentiality) including serious incidents and breaches are investigated and where necessary escalated in a professional manner and reported on in accordance with process and procedure.
- Provide guidance on operational and procedural improvements arising from lessons learned.
- Be organisations expert on information sharing, ensuring organisations approaches are compliant with law and best practice.
- Proactively and strategically ensure organisations are able to share information effectively and appropriately where multi agency or partnership working exists.
- Take the lead in developing, managing and reviewing information sharing protocols and third-party access and Data Processing Agreements with other organisations including local authorities and voluntary organisations.
PERSONAL COMPETENCIES
- Planning; exhibit exceptional organisational acumen.
- Communication Proficiency; possess the ability to articulate thoughts with clarity, at all levels of the organisation.
- Proactive Adaptability; embody a proactive ethos, taking initiative when appropriate, pinpointing areas for improvement or transformation.
- Collaborative Spirit; commit to the broader organisations vision, actively collaborating to achieve overarching goals.
- Approach; take a calm and collegial approach when working with the team and wider business.
- Result-Oriented Approach; Display intrinsic motivation and an aptitude to autonomously define, manage, and achieve key milestones and objectives.
-
Cardiff, United Kingdom Veezu Full timeSUMMARYThe Head of Information Governance and Data Protection Officer (DPO) role is the professional lead for Information Governance at Veezu Group. The role will provide expert Information Governance advice and guidance to the Veezu management team and key partners; to ensure that all parties are processing information in accordance with legislation,...
-
Cardiff, United Kingdom Veezu Full timeSUMMARYThe Head of Information Governance and Data Protection Officer (DPO) role is the professional lead for Information Governance at Veezu Group. The role will provide expert Information Governance advice and guidance to the Veezu management team and key partners; to ensure that all parties are processing information in accordance with legislation,...
-
Cardiff, United Kingdom Veezu Full timeSUMMARY The Head of Information Governance and Data Protection Officer (DPO) role is the professional lead for Information Governance at Veezu Group. The role will provide expert Information Governance advice and guidance to the Veezu management team and key partners; to ensure that all parties are processing information in accordance with legislation,...
-
Cardiff, United Kingdom Veezu Full timeSUMMARYScroll down to find an indepth overview of this job, and what is expected of candidates Make an application by clicking on the Apply button.The Head of Information Governance and Data Protection Officer (DPO) role is the professional lead for Information Governance at Veezu Group. The role will provide expert Information Governance advice and guidance...
-
Cardiff, United Kingdom Veezu Full timeSUMMARYThe Head of Information Governance and Data Protection Officer (DPO) role is the professional lead for Information Governance at Veezu Group. The role will provide expert Information Governance advice and guidance to the Veezu management team and key partners; to ensure that all parties are processing information in accordance with legislation,...
-
Cardiff, United Kingdom Veezu Full timeSUMMARY The Head of Information Governance and Data Protection Officer (DPO) role is the professional lead for Information Governance at Veezu Group. The role will provide expert Information Governance advice and guidance to the Veezu management team and key partners; to ensure that all parties are processing information in accordance with legislation,...
-
Cardiff, United Kingdom Veezu Full timeSUMMARYThe Head of Information Governance and Data Protection Officer (DPO) role is the professional lead for Information Governance at Veezu Group. The role will provide expert Information Governance advice and guidance to the Veezu management team and key partners; to ensure that all parties are processing information in accordance with legislation,...
-
Cardiff, United Kingdom Veezu Full timeJob DescriptionSUMMARYThe Head of Information Governance and Data Protection Officer (DPO) role is the professional lead for Information Governance at Veezu Group. The role will provide expert Information Governance advice and guidance to the Veezu management team and key partners; to ensure that all parties are processing information in accordance with...
-
Information Governance Support Officer
5 days ago
Cardiff, United Kingdom Cardiff Council Full time**About The Service** An exciting opportunity has become available within the Council’s Information Governance Team supporting the delivery of the Council’s Information Governance practices and helping us build ready for the next phase of our response to delivering services to the citizens we are here to help. Come and join a growing team and enhance...
-
Head of Data
4 weeks ago
Cardiff, United Kingdom Veezu Full timeThe Head of Information Governance and Data Protection Officer (DPO) role is the professional lead for Information Governance at Veezu Group. The role will provide expert Information Governance advice and guidance to the Veezu management team and key partners; to ensure that all parties are processing information in accordance with legislation, guidance,...
-
Head of Data
4 weeks ago
Cardiff, United Kingdom Veezu Full timeThe Head of Information Governance and Data Protection Officer (DPO) role is the professional lead for Information Governance at Veezu Group. The role will provide expert Information Governance advice and guidance to the Veezu management team and key partners; to ensure that all parties are processing information in accordance with legislation, guidance,...
-
Data Protection Lawyer
4 weeks ago
Cardiff, United Kingdom BCL Legal Full timeData Protection Solicitor - National firm - Cardiff/Exeter Market leading national law firm is seeking an experienced Data Protection Solicitor to join its Education team in Birmingham. This Data Protection Solicitor opportunity is offered on a full or part-time (4 days a week), permanent basis with flexible working options accommodated. Hybrid working...
-
Data Protection Lead
6 days ago
Cardiff, Cardiff, United Kingdom Heat Recruitment Ltd Full timeCompliance opportunity as a Date Protection Lead working for a law firm based in central Manchester. Working within the Risk & Compliance team you will be primarily responsible for data protection and privacy law. Role duties:Maintaining data protection, information security, cyber security policies, information asset register, and records of processing....
-
Information Request Case Officer
5 days ago
Cardiff, United Kingdom Cardiff Council Full time**About The Service** An exciting opportunity has become available within the Council’s Information Governance Team supporting the delivery of the Council’s Information Governance practices and helping us build ready for the next phase of our response to delivering services to the citizens we are here to help. Come and join a growing team and enhance...
-
Management Information System Manager
4 weeks ago
Cardiff, United Kingdom Michael Page Technology Full timeThis role of Information Systems Manager is a key leadership position within the Technology Department of a major public sector organisation. The successful candidate will be responsible for managing and improving data strategies to enhance organisational effectiveness. This large public sector organisation is focused on providing efficient and sustainable...
-
Head of Operations
5 days ago
Cardiff, United Kingdom Public Health Wales NHS Trust Full time**Head of Operations - Health Protection** The Health Protection and Screening Services Directorate is seeking a dynamic, forward thinking, and inspiring Head of Operations for the Health Protection Division who can play a pivotal role in the next phase of our exciting journey. You will be an exceptional leader, comfortable working within a dynamic and...
-
Head of Operations
5 days ago
Cardiff, United Kingdom Public Health Wales NHS Trust Full timeHead of Operations - Health Protection The Health Protection and Screening Services Directorate is seeking a dynamic, forward thinking, and inspiring Head of Operations for the Health Protection Division who can play a pivotal role in the next phase of our exciting journey. You will be an exceptional leader, comfortable working within a dynamic and fast...
-
Head of Delivery
5 days ago
Cardiff, United Kingdom Public Health Wales NHS Trust Full timeFixed term / Secondment until 31/03/2024 due to funding The Head of Delivery will work under the direction of the Head of Vaccine Preventable Disease Programme (VPDP) and will have responsibility for an agreed portfolio of work. This will include leading the development of operational change programmes in the division, ensuring that Directorate business and...
-
Head of Delivery
5 days ago
Cardiff, United Kingdom Public Health Wales NHS Trust Full timeFixed term / Secondment until 31/03/2024 due to funding The Head of Delivery will work under the direction of the Head of Vaccine Preventable Disease Programme (VPDP) and will have responsibility for an agreed portfolio of work. This will include leading the development of operational change programmes in the division, ensuring that Directorate business and...
-
Head of Data
4 weeks ago
Cardiff, United Kingdom Harnham Full timeINFO - SALARY: - £550 - £650 LOCATION Cardiff - JOB TYPE - Contract **HEAD OF DATA** **£550-£650 PER DAY (OUTSIDE IR35)** **CARDIFF (2/3 DAYS HYBRID)** **6 MONTH CONTRACT** **THE COMPANY**: Join a scale-up tech business, where innovation and data-driven commercial value are at the forefront of their operations. With a strong commitment to...
