Privacy Analyst

2 months ago


Borehamwood, United Kingdom Elysium Healthcare Full time

Are you a Privacy Analyst with experience in working within healthcare or a legal environment? If so, become a key member of the Elysium Data Protection and Information Governance team as a Privacy Analyst.

You will play a critical role in supporting the management of data protection operations and assisting in delivering Elysium’s Data Protection Programme, ensuring compliance with current data protection regulations and enabling projects across our businesses.

Providing support to the Assistant Data Protection Officer (ADPO) you will also be coordinating the Information Governance Committee and information committee Forum and maintaining compliance with the NHS Data Security and Protection Toolkit.

You will also monitor data protection compliance and work with various departments to ensure that data handling practiced align with data protection regulations and industry standards.

As a Privacy Analyst, you will be:

  • Acting autonomously as a point of contact for queries relating to Elysium’s Data Protection & Information Governance policies and procedures, handling enquiries from staff, service users, the public, and external stakeholders. This may involve communications of a complex/sensitive nature.
  • Coordinating the processing of data subject access requests (DSARs) received under UK GDPR, Data Protection Act (DPA) 2018, this may require the use of complex/sensitive information. For example, but not limited to Subject Access Requests, Court Orders, Coroners Requests, Access to Health Records, etc.
  • Collaborating with IT and Site IG Leads to coordinate the discovery and interrogation of personal data within Elysium’s systems to support privacy compliance processes such as DSARs.
  • Acting autonomously and support the breach management process and provide administrative support to the Assistant Data Protection Officer, including the monitoring and updating of incidents via IRIS and local trackers.
  • Monitoring the IRIS system to ensure that all Data Protection & Security related incidents have been reviewed, remedial actions implemented, and the incident is closed in a timely manner. Assist with the development and dissemination of relevant lessons learnt via internal communication channels, ensuring relevant systems/logs are updated.
  • Assisting the completion of monthly and quarterly reports for legal and risk, collating operational metrics, maintaining and update the Data Protection Operations Dashboard.
  • Assisting in prompting and collaborating with staff to achieve required outcomes for mandatory and statutory deadlines in relation to Data Protection & Information Governance. Monitor the progression with the uptake of Data Protection and Awareness training and produce the data on the Elysium’s compliance with Data Protection and Awareness training under the ICO’s Accountability framework and DSPT requirements. Support the development and implementation of training
  • Coordinating the completion of risk assessments (Data Protection Impact Assessment, DPIA), conduct regular DPIA screening assessments to identify areas of high-risk data processing that require a full DPIA, supporting the delivery of appropriate technical and organisational measures to mitigate privacy risks.
  • Supporting larger privacy programme initiatives, such as migrating and enhancing automation of Records of Processing Activities (ROPAs) and individual rights requests within DPOrganizer and other relevant systems.
  •  Maintaining the organisation ICO registration tracker and updating contact information as required.
  • Contributing to the delivery and execution of the team’s transformational, operational and strategic goals by undertaking small projects under the direction of the Assistant Data Protection Officer/ Data Protection Officer.
  • Assisting on both proactive and reactive operational challenges and privacy compliance remediation, as part of a collaborative team.
  • Researching privacy operations topics and trends and communicating findings with the team, challenging existing processes and surfacing practical ideas for innovation.

To be successful for this role, you will have:

  • Experience in a similar role working within a healthcare organisation or legal team.
  • Experience in either data protection and or information governance.
  • Experience implementing of business processes.
  • Good written and verbal communication skills in English and great interpersonal skills.
  • Practical hands-on experience with Office 365 and Adobe products, such as MD Forms, Excel, PowerPoint, Adobe Acrobat etc.
  • Experience with BI tools such as PowerBi, Sysaid, DPOrganizer.
  • Prior knowledge of DPA, GDPR, especially in relation to ROPAs and individual rights requests.
  • Experience of owning and delivering small projects.

What you will get:

  • Annual salary of £29,640.00
  • The equivalent of 33 days annual leave (inc Bank Holidays) – plus your birthday off
  • Wellbeing support and activities to help you maintain a great work-life balance.
  • Career development and training to help you achieve your career goals.
  • Pension contribution to secure your future.
  • Life Assurance for added peace of mind.
  • Enhanced Maternity Package so you can truly enjoy this special time

There is also a range of other benefits including retail discounts, special offers and much more.

About your next employer:

You will be working for an established, stable and agile company with over 8,000 employees and a unique approach to the delivery of care. With a network of over 90 services across England and Wales covering Mental Health, Neurological, Learning Disabilities & Autism, Children & Education, there is opportunity for you to grow and move. 

Elysium Healthcare is part of Ramsay Health Care with a global network that extends across 10 countries and employs over 86,000 people globally. 

Elysium Healthcare follows safer recruitment of staff for all appointments and is a Disability Confident employer, committed to inclusive and accessible recruitment. It is a requirement that all staff understand it is each person’s individual responsibility to promote and safeguard the welfare of service users. All candidates will be subject to a DBS disclosure.