Data Protection Officer
Hybrid working in Eastbourne, East Sussex office and remote
Salary to £57500 per annum with a fantastic comprehensive employee benefits scheme
Stratospherec are recruiting for a leading European Medical Services organisation who provide critical health services to patients across the UK and Europe.
They are looking to hire a new role of Data Protection officer who will work closely with the leadership team and wider company in the UK to ensure that current and future business operations are run and developed in line with relevant regulatory requirements and industry standards.
The Data Protection Officer will support key operational teams on a journey of continuous improvement and innovation to ensure that the company upholds the information rights of patients, reporters, employees whilst balancing the needs of the business to provide critical health services to their clients.
Data Protection Officer - Key responsibilities:
- To act as the Data Protection Officer advising the business of it’s obligations to operate within the requirements of European and UK privacy regulations and to liaise with supervisory authorities when required.
- Maintain up-to-date documentation including records of processing activities (ROPA), data protection policies, privacy notices and retention schedules.
- Lead on Subject Access Requests and other regulatory requests from clients, employees, reporters and external individuals.
- Support internal business teams with data protection impact assessments (DPIA) on behalf of clients and/or third parties and to also support the company’s own internal supplier management and assurance processes.
- Support the internal review of Data Protection Agreements (DPA) and other data protection related documentation.
- Work closely with the Information Security Manager, to complete the annual NHS Data Security & Protection Toolkit and other client assurance as required.
- Ensure the company maintains good practice in the management of information and lead the company’s data governance committee.
- Support corporate programmes and projects with data privacy reviews in line with business and stakeholder requirements.
- Monitor changes to privacy laws, healthcare information governance policies and other emerging trends that may impact the business.
- Define and deliver regular and relevant staff awareness training on data protection and privacy via the company’s internal training platform and in person where required.
Skills needed for this role:
- Privacy and Information Governance related work within UK
- Acting as Data Protection Officer for a UK or EU based business
- A great understanding of best practice in the fields of privacy, data protection and information management, in particular UK and EU GDPR and other relevant laws.
- Ability to clearly articulate and communicate requirements, ideas and concepts.
- Excellent attention to detail.
- The ability to embrace and encourage change and continual improvement.
- A willingness to self-develop and keep up-to-date on the latest privacy and IG laws, regulations and industry standards
- Demonstrable experience of building key stakeholder relationships across an organisation
- Confidence to communicate with an audience up to and including senior management level.
- Excellent time-management skills to self-manage and successfully see through multiple work-streams within agreed timescales
- The ability to analyse and review documents and publications and summarise the key points relevant to the company’s business
- An understanding of NHS (UK) policy and standards
- A track record in leading and implementing successful privacy or information governance programmes
- Completing data protection impact assessments (DPIA) or other privacy or information security related assurance questionnaires
- Delivering staff awareness training on data protection and related topics
- Dealing with external certification and accreditation auditors
- Completing the NHS Data Security and Protection Toolkit (NHS DPST)
- Leading a data governance committee or overseeing data governance
- Experience of the application of global standards and frameworks relevant to data protection
- Holding a current data protection or privacy related certification, such as CIPP or other Practitioner Certificate (such as BCS Practitioner Certificate in Data Protection).
This is a new role to be a critical member of the company’s Data Governance team and our client will offer a flexible working environment, a brilliant employee benefits package, constant on-going learning and training.
This role will require a Data Protection Officer who can work well within a team or equally alone with the ability to set priorities appropriately and thrive in an often pressurised yet challenging and rewarding environment.
If this role is of interest, then please apply with your CV to find out more?