Deputy Data Protection Officer

**Details**:
**Reference number**:

- 227376**Salary**:

- £61,000 - £61,000**Grade**:

- Other**Contract type**:

- Permanent**Type of role**:

- Other**Working pattern**:

- Full-time**Number of posts**:

- 1Contents

Location

About the job

**Benefits**:
Things you need to know

Location
- Manchester, North West England, M2 3HQAbout the job

**Summary**:
We are the Parliamentary Health Service Ombudsman, an independent national ombudsman service. We are here to make final decisions on complaints that are yet to be resolved by the NHS in England, UK government departments, and some other public organisations.

We do this fairly and transparently without taking sides, and our service is completely free.

**Job description**:
As the Deputy Data Protection Officer you will lead operational data protection within PHSO. You will be a proactive and expert champion for privacy and information rights for people who work for or with us and for the public whose complaints we handle. You will use your knowledge of technologies, ethics and legislation to find pragmatic and ethical responses to complex issues. You will embody integrity and resilience as you and your team deliver an exemplary service internally and externally.

You will be leading one of the UK’s busiest information rights teams dealing with special category data at volume and you will use your innovation and eye for efficiencies to continuously improve how we work.
- To champion and implement good operational information rights and data protection practice across PHSO and our data processors (suppliers).
- To ensure that your team handles information requests in accordance with all statutory obligations, codes of practice and guidance thereby minimising the reputational risk of non-compliance.
- To manage and maintain guidance and policies to ensure that how we work keeps pace with technological, legislative and best practice developments.
- To horizon scan and maintain your knowledge of data protection, technologies, ICO action and decisions, cyber security and information rights.
- Be a credible champion for information rights, working with stakeholders to help PHSO deliver our strategic objectives whilst complying with the law.
- To lead the data protection impact assessment process to ensure a consistent and compliant approach to high-risk data processing.
- To lead the information assurance networks within PHSO, supporting staff and managers to understand their responsibilities.
- To manage demand and expectations both internal and external, and to take direct ownership of complex or high-profile incidents or cases as directed by the SIRO and/or DPO.
- Produce consistent and measured arguments in response to complaints made to the regulator about PHSO's handling of information.
- Implement and then maintain PHSO's publication scheme, proactively identifying areas when publication is in the public interest, aligned with the ICO's transparency strategy.
- Own the business planning process for the Information Assurance team, profiling resources, demand and other constraints or opportunities to ensure that the service is maintained at target level.
- To sign off, when delegated by the DPO, technical, logical and/or information design and data protection risk assessments.
- Act as lead Duty Incident Manager on a shared rota basis to manage information security and personal data breaches in accordance with defined incident management processes, ensuring impacts and risks are appropriately identified, assessed and mitigated;
**Generic Duties**
- To manage the team's delivery against agreed targets and quality standards.
- To lead and manage change in own area and within the wider PHSO management community.
- To manage, support, develop and coach the team enabling high performance.
- To participate in learning & development activity and professional development as required in relation to the role.
- To contribute to an environment of continuous improvement and excellence.
- To provide excellent customer service to all internal and external stakeholders.
- To take decisions in accordance with the role's delegated authority under the casework and/or non-casework delegation schemes.
- To ensure all legislative, regulatory, policy, process, procedures and guidance requirements of PHSO are adhered to and appropriately evidenced to the role's line manager.
- To promote and support the PHSO's vision and values.
- To complete any other duties commensurate with the role.

**Responsibilities**:
**The Successful Applicant**

Essential
- Knowledge and experience of data protection and information rights legislation.
- Knowledge, experience and expertise in assessing new technologies, concepts, ideas and/or suppliers to ensure security and legislative compliance.
- Knowledge and experience of risk and opportunity management with information and technology risk management desirable.
- Experience of delivering continuous and demonstrable improvements and of using