We have an opening with the local government for a Head of Information Governance on a full time 3 month contract, The salary range is 40,428 - 48,514.
Day to Day duties will include the following:
Principal Duties and Responsibilities
1.Be the recognised authority on all Information Governance matters within the Trust and as such provide an organisational wide advisory and guidance service on highly complex information legislation matters where there can be differing opinions.
2.Use Health Service policy and legislation and interpret them to advise on policy, goals and standards within the organisation.
3.Responsible person for producing Trust wide work plans on an annual basis to meet policy, procedure and legislation requirements.
4.Writing, implementing, reviewing and updating trust wide Information Governance policies, guidelines, protocols, procedures and processes to ensure safe and effective management of information across the trust.
5.Corporate responsibility for advising the Trust on how to meet information governance policy requirements when working with external organisations.
6.Assess the impact of changes to national IG initiatives and to the IG Toolkit, and advise the Information Governance Steering Group (IGSG) of such changes, making recommendations to the Trust and ensuring that actions plans are prepared, agreed and implemented in order for the Trust to meet national IG requirements.
7.Liaise with the Information Commissioner's Office (ICO) on Data Protection matters and ensure that the ICO's guidance is made available to Trust employees.
8.Provide specialist advice on all IG matters eg Data Protection to IGSG and relevant sub-committees and across the whole Trust.
9.Develop and supply options to the business to resolve issues of non-compliance in the Trust offering a range of options which are suitable both for service provision and for legislative compliance.
10.Monitor and audit compliance with policies and procedures across the Trust through site visits, including inpatient and forensic wards, initiating actions to address areas of non-compliance and reporting on progress and risks to the IGSG and/or its sub-committees.
11.Proactively produce, maintain and monitor the Trust's Information Governance action plan and report regularly on progress to the Information Governance Steering Group (executive reporting level).
12.Manage and co-ordinate completion of the annual Trust Information Governance assessment with Trust leads, using the NHS Information Governance Toolkit, and obtain sign-off by IGSG before submission.
13.Responsible for maintaining an IG risk and assurance register, ensuring that all major risks are brought to the attention of IGSG and appropriate senior managers for action.
14.Responsible for ensuring the Trust's Data Protection registration is maintained and all other external IG regulatory or audit requirements are completed and reported in a timely and efficient manner to the appropriate monitoring body.
15.Oversee maintenance of an appropriate, up-to-date Information Governance evidence portfolio so that it is available to support Care Quality Commission reviews and/or internal and external audits.
16.Present implementation plans and progress reports to the IGSG and relevant sub-committees on a regular basis.
17.Prepare and present, where applicable, regular Information Governance reports to Trust Board/ Audit Committee.
18.Trust representative on all local, regional and national Information Governance related meetings on behalf the Trust, providing feedback to relevant Trust working and steering groups.
19.Trust representative responsible for engagement with service users, family members and service user contact groups on information governance matters including subject access requests, breaches in confidentiality, and handling complaints in a sensitive manner due to the potentially distressing situations that may result from breaches in confidentiality.
20.Investigate complex complaints in relation to Information Governance on behalf of the Trust ensuring a thorough and fair assessment in relation to highly sensitive information.
21.Identify and procure external Information Governance training and relevant communications material to increase awareness on the importance of Information Governance in the trust.
22.Collate and analyse performance statistics on aspects of information governance to identify trends and areas for action and improvement.
23.Trust representative on various organisational, regional and national groups in determining and implementing national and local policies, protocols and procedures.
24.Take corporate responsibility for Information Governance compliance in the provision of new goods and services in the Trust from the Tender phase to the final contract signing.
25.Responsible for drafting, producing and ensuring appropriate policies, procedures and guidance are available for staff to carry out their roles in a compliant manner.
26.Provide assurance and assistance for site moves through manual checking of sites and all record containers within any area of a building and regardless of condition, sometimes in unpleasant conditions where containers and surroundings are dusty or dirty.
Data Protection Officer role - responsibilities in line with General Data Protection Regulations (GDPR)
27.Experience and practical application of current European data protection legislation and possess an in-depth understanding of GDPR and advise the organisation on implementation and compliance requirements.
28.Operates impartially within the organisation and has direct access and reports to the Trust Board and Trust Board members in carrying out this role.
29.Possess integrity, professional ethics and sound judgement to fulfil the role within the organisation including at Trust Board level.
30.Ability to communicate effectively with the highest levels of management including Trust Board members.
31.Be the first point of contact for supervisory authorities (the ICO) be the named point of contact on the Data Protection Register and lead in advising internal stakeholders on risks and risk mitigation.
32.To be the first point of contact for individuals whose data is processed; the data subject (employees, patients, carers, service users, etc.).
33.The DPO must declare any conflicts of interest both internal and external which may affect their ability to provide impartial and independent advice to the Trust on matters relating to data protection.
34.Skills to implement essential elements of GDPR such as the principles of data processing, data subjects' rights, data protection by design and by default.
Data Protection and Confidentiality
35.Act as the Trust Lead Data Protection Officer, providing specialist advice to Trust staff on data protection matters.
36.Provide advice and monitoring on Privacy Impact Assessments (PIA) and ensure that PIAs are carried out on strategic information systems projects.
37.To submit any necessary privacy impacts to the ICO for review.
38.Manage information systems central to the management of Data Protection requests, ensuring they are working and accessible to the Care Records and Corporate functions.
39.Monitor arrangements to ensure that data access information requests, including requests for access to health records, are processed within the permitted timescales and assurance can be provided to the Trust as to compliance.
40.Manage complaints raised by the Information Commissioner's Office where alleged breaches of legislation have occurred on behalf of BSMHFT Service Users and/or trust employees. This may involve seeing service users and/or employees to explain why, what and how the trust manages personal confidential information; in circumstances where the individual may be emotionally upset or distressed.
41.Implement and maintain the Trust Information asset register of systems and files containing personal information and associated security arrangements.
42.Review, maintain and update the Trust's Data Protection Registration entry, as required by the Information Commissioners Office.
43.Lead the monitoring of information processing against agreed standards by undertaking inspections and audits of information security and confidentiality arrangements within the organisation
44.Develop and maintain Trust privacy and fair processing notices.
45.Contribute to the development of a culture of openness allowing appropriate information to flow freely
Information Asset Ownership
46.Provide leadership, support and guidance to the Trust's Information Asset Owners to ensure that IG provision is clearly understood and enables full integration across the whole Trust.
47.Co-ordinate and lead the Information Asset Working Group to support Information Asset Owners.
Care and Corporate Records Management
48.Support subject matter experts in the development and delivery of the Trust's Records Management policy to ensure legislative compliance and in support of strategic objectives.
49.Responsible for identifying Trust-wide Information Governance (IG) training needs, ensuring that IG statutory and mandatory, as well as recommended, learning requirements are clearly defined, that training courses and information material on IG available to staff meet those needs, and that the Trust meets its associated performance targets.
50.Responsible for the development, maintenance and delivery of the IG component of the Trust Induction Programme, along with a comprehensive series of Information Governance related training courses for all Trust staff, and for defined roles, to enable staff to meet their legislative requirements.
51. Develop, deliver and evaluate training and workshops on confidentiality on information security, and other information governance subjects at various levels of complexity and in varying settings, sometimes to large groups of staff.
Managerial and Administrative
52.Line management responsibility for staff within the Information Governance Function
53.Oversee and manage the administration of the Information Governance Steering Group and other subgroups as required including formal minute taking at senior meetings including the Information Governance Steering Group.
54.Responsible for overseeing the work of administrative support staff and subject matter leads as appropriate.
55.Act as a topic expert for serious incidents that involve IG, ensuring appropriate action is taken and advising on breaches of policy for disciplinary action.
56.Maintain a working expert knowledge and understanding of all IG National themes (particularly the Data Protection Act and Freedom of Information Act)
57.Maintain a detailed working knowledge of current NHS Information Security and Confidentiality policy and developments.
Communication and Other Responsibilities
58.Initiate and lead projects to address information governance requirements, producing detailed project briefs, plans and progress reports as appropriate.
59.Attend and contribute to departmental and other relevant meetings.
60.Maintain effective working relationships with user departments.
61.Develop and maintain effective working relationships with external suppliers of systems and services.
62.Respond professionally and calmly, using tact and diplomacy, to a range of difficult or emotional situations with staff, service users and others, for example when discussing policy information which may be unpopular, or dealing with cases where staff have misunderstood or not complied with policy.
63.Promote Trust wide good practice in the use of IT hardware and software.
64.Store, install and operate all ICT equipment safely when under own control.
Participate in other departmental projects and undertake any other duties appropriate to the grade, as agreed with line manager.
As a person you will need the following qualities & experience:
•Degree level qualification or relevant experience, and,
•Information Systems Examinations Board (ISEB) Data Protection, or equivalent relevant experience or other qualification, and,
•Evidence of continued professional development in relation to Information Governance and changes in legislative requirements
•Extensive experience of working in the field of information governance including practical implementation of the Data Protection Act, the Freedom of Information Act and the NHS Governance framework at senior level. Experience of developing and implementing information governance training and awareness programmes for staff.
•Experience of developing and implementing organisation wide information governance strategies, policies and procedures. Expert knowledge of the Data Protection and Freedom of Information Acts including General Data Protection Regulation requirements
•Experience in writing detailed information security / information governance procedures and processes
•Experience in privacy impact assessments
•Excellent understanding of confidentiality issues in relation to personal data
•Awareness of information system security issues and techniques
•Knowledge of information security standards
•Practical application of project management principles
•Supervisory/ management experience
•Excellent presentation skills
•Excellent interpersonal and negotiating skills
•Ability to communicate effectively with the highest levels of management including Trust Board members.
•Ability to provide expert opinion on complex matters where opinions may differ.
•Ability to resolve conflicting interests in a pragmatic way
•Good time management and organisational skills
•Ability to write concise, well structured policies, reports, guidelines and operating procedures Good all round IT skills including email, internet, word processing, spreadsheet and presentations.
•High levels of personal integrity and reliability
•Ability to work on own initiative but also to work in a team
•Ability to negotiate complex situations.
•Ability to produce high quality work under time pressure
•Ability to display leadership and motivate others
•Ability to see opportunities for development of role, self, staff and service
•Shows attention to detail
•Must be able to concentrate for extended periods on VDU and other detailed and complex work
•Flexible attitude in the work environment
•Must be able to occasionally work out of hours
•Moderate physical effort required e.g. to lift boxes of records.
•Able to travel and work across Trust sites in Birmingham and Solihull area.
Office Workforce is responsible for thousands of temporary, temp-to-perm and permanent vacancies across the Midlands. We operate from several prime locations in the area, and are likely to have an office right near you. Our team offer a unique service tailored to match your precise needs, and can assist you with the following job categories; Clerical and Administration, Call Centre, Customer Services, Sales and Business Development, Secretarial and PA, Professional and Management. We are always on the lookout for the very best talent, so if you know anyone, refer them to our professional and friendly team who will be more than happy to help.