Records Management Officer

Nottingham CityCare Partnership CIC

Information:

This job is now closed

Job summary

Nottingham CityCare Partnership is a Social Enterprise, providing commissioned services to the NHS. That means we have all the benefits (Agenda for Change terms and conditions, NHS Pensions etc.) but with more flexibility than a traditional NHS Trust.

Are you looking for challenge?

Do you have Records Management experience?

Are you highly organised with attention to detail and can implement the tracking, retrieval and archiving processes needed for digital and paper-based records? Then we want to hear from you!

CityCare is looking to recruit a motivated Records Management Officer to work in our small, but busy and highly valued, Information Security team on an 18-month fixed term contract.

Reporting into the Head of Information Security & Data Protection Officer, the postholder should understand Records Management functions and the importance of organisational and legislative compliance with the processing, archiving, retention, and destruction of records.

The role will assist the Head of Information Security & Data Protection officer with ensuring compliance with relevant Records Management Code of Practice/Standards, Data Protection legislation and the Data Security and Protection Toolkit submission.

Main duties of the job

You will be a team player, but also able to work autonomously, whilst providing an outstanding service to CityCares directorates and Partner organisations.

The role will be a point of contact for Records Management queries and will provide assistance to Managers and Project Leads in the proper standards of the organisation of patient/personal and corporate records, ensuring effective management and appropriate storage of records guided by clear policies and procedures, with implementation of robust audits for all CityCare services.

This role will plan, coordinate and deliver a range of projects and records management programmes for all types of data, including health/corporate records frameworks, electronic and paper-based procedures, records digitisation, archiving/retrieval and destruction of records, as well as be an advisor to the Subject Access/Access to Information functions.

The Records Management Officer will assist with the monitoring of policy reviews and take ownership of the Records Management policy and associated standard operating procedures/guidance, whilst supporting with the implementation and delivery of Records Management training and increasing staff awareness of Records Management processes

To be successful in this exciting new role you will need to take initiative, be a good communicator, be dedicated and flexible, but also thrive on providing a good quality professional service whilst promoting all things records management.

About us

We are a provider of NHS Community Health Services, CityCare exists to support the health and wellbeing of all local people, working alongside other health and care partners to achieve this. We are a value driven, people business with a passion for excellence. Our vision and social purpose is to make a difference everyday to the health & wellbeing of our communities and our values of kindness, respect, trust and honesty lie at the heart of everything we do, guiding how we work together with partners and each other to consistently deliver high quality compassionate care. As a social enterprise we aim to add social value by investing in the future of our local communities and helping to make a difference in peoples lives.

CityCare value the benefits of a diverse and inclusive workforce. We encourage applications from candidates who identify as disabled, LGBT+ or from a Black, Asian or Minority Ethnic (BAME) background, as they are currently under-represented within our organisation.

CityCare is an equal opportunities employer. We are positive about employing people with disabilities. If you require your application in a different format please contact Human Resources on 0115 8839418. CityCare is committed to the protection of vulnerable adults and children.

Date posted

15 April 2024

Pay scheme

Agenda for change

Band

Band 5

Salary

£28,407 to £34,581 a year

Contract

Fixed term

Duration

18 months

Working pattern

Full-time

Reference number

B9826-PGCE-6005

Job locations

Aspect House, Aspect Business Park

26 Bennerley Road

Bulwell

Nottinghamshire

NG6 8WR


Job description

Job responsibilities

Job Purpose

  • Working within a busy Information Security team, the post holder will work closely with the Head of Information Security & Data Protection Officer to provide a high-quality Records Management and Data Protection Service to CityCare's Directorates.
  • The post holder will assist the Head of Information Security & Data Protection Officer in providing vital support primarily to the Records Management, Subject Access and Access to Information functions, whilst providing project support to aid organisational compliance in records management/processing, archiving, retention and destruction.
  • The post holder will assist the Head of Information Security & Data Protection Officer in fulfilling their statutory duties, including but not limited to, compliance with relevant Records Management Code of Practice/Standards, Data Protection legislation and the Data Security and Protection Toolkit submission.

Dimensions

  • The post holder will plan, coordinate and deliver a range of projects and records management programmes for all types of personal and corporate data, including health/corporate records frameworks, electronic and paper-based procedures, records digitisation, archiving/retrieval and destruction of records.
  • The post holder will also provide assistance to Managers and Project Leads in the proper standards of the organisation of patient/personal and corporate records, ensuring effective management and appropriate storage of records guided by clear policies and procedures, with implementation of robust audits for all CityCare services.
  • The Records Management Officer will assist with the monitoring of policy reviews and take ownership of the Records Management policy and associated standard operating procedures/guidance, whilst supporting with the implementation and delivery of Records Management training and increasing staff awareness of Records Management processes.

Key Responsibilities

  • To act as a point of contact for records management queries and requests for support which includes monitoring the shared mailbox and coordinating responses to internal and external colleagues.
  • To maintain relationships with members of the public and internal / external stakeholders whilst ensuring that queries are dealt with confidentiality and sensitively, effectively and of high standard, whilst using own judgement to decide on the course of action.
  • To support the organisation with its aims to become a paper light / paper less organisation, including the provisions of records storage, processing and management within specific digitisation projects, for example, Office 365 (SharePoint / OneDrive / Channels etc.), ensuring compliance with law and best practice.
  • To contribute to the development of organisational policies, procedures, and guidance including monitoring of review dates and publication on the organisations intranet and website.
  • To support Managers to implement these processes and embed policies effectively into everyday practice.
  • To provide support and specialist advice and guidance to all levels of the organisation on the appropriate legislation and best practice in relation to all areas of records management, including, but not limited to, paper-based, electronic and digitisation processes for clinical(patient records), employee, and corporate records.
  • To develop and implement an audit plan of clinical and corporate records, ensuring appropriate access and storage (physically and on electronic systems) security is adhered, reporting any findings to the relevant Committee and escalating concerns to the Head of Information Security& Data Protection Officer.
  • To provide support to Managers and Project Leads in the completion of relevant records management risk assessments, providing advice and guidance to all staff in relation to health, employee and corporate records risks, liaising closely with the Head of Information Security to mitigate and investigate risks/concerns.
  • To provide support to Managers and Project Leads in the implementation of relevant records management processes such as the tracking, retrieval, filing, destruction and archiving of clinical and corporate records, on site and off site, using the appropriate systems and methods, whilst ensuring compliance with Data Protection Legislation and Records Management standards.
  • To plan, coordinate and deliver a range of projects and training programmes including, but not limited to, Records Management, ensuring specific targets are met.
  • To work proactively with the organisations Information Asset Owners and the Information Security Officer to ensure that records of processing activities are understood, recorded, and maintained. This will include the ensuring that the Information Asset Owners/Privacy Officers are supported in their role, escalating any concerns to the Head of Information Security & Data Protection Officer, and/or SIRO as required.
  • To support, where required, with data breaches / records management incidents, ensuring that Managers are recording in line with the organisations policies and appropriate actions are taken as quickly as possible and are escalated accordingly. This may also include reviewing audit trails, checking individual accounts and producing relevant reports, and reporting to the Regulator as appropriate.
  • To provide assistance / support with the organisations submission of the Data Security and Protection Toolkit, working with internal and external colleagues to collate the relevant evidence to ensure the organisation can demonstrate compliance.
  • To assist with the production of a communications plan to raise employee awareness, which could include posters, leaflets, articles and maintenance of the Information Security pages of the intranet.
  • To provide an administrative support to the Service, and to assist, where necessary, with the administration of the Records Management Group including agendas, papers, and reports.
  • The Records Management Officer will lead on specific items of the Records Management Group and may also be expected to Chair the Records Management Group as required.
  • To attend relevant Records Management meetings, seminars and conferences as necessary, providing feedback to relevant colleagues and committees and where necessary, deputising for the Head of Information Security & Data Protection Officer.
  • To develop and maintain strong working relationships with a range of internal and external colleagues, such as the Caldicott Guardian, Senior Information Risk Owner, Records Management Officers, Information Security Officers, Privacy Officers, Digital Leads, Business Intelligence and Cyber Security colleagues.
  • To support, where necessary, the Subject Access Request process by providing high level and complex advice as needed to CityCares virtual Access to Records team. This will require providing advice and guidance in managing requests for information and records from internal and external colleagues, external partners and agencies (such as the Police, Solicitors etc.) and members of the public, which may include patient and employee personal records.
  • To support, where necessary, Freedom of Information compliance at CityCare, including the provision of advice and guidance to all employees.
  • To be responsible for records management supplies and stock, including the sourcing of appropriate electronic filing systems, internal/external storage solutions and archiving materials such as folders / boxes etc.
  • Undertake any other duties which may reasonably be required within the Service and as delegated by the Head of Information Security & Data Protection Officer, including deputising as required.

Job description

Job responsibilities

Job Purpose

  • Working within a busy Information Security team, the post holder will work closely with the Head of Information Security & Data Protection Officer to provide a high-quality Records Management and Data Protection Service to CityCare's Directorates.
  • The post holder will assist the Head of Information Security & Data Protection Officer in providing vital support primarily to the Records Management, Subject Access and Access to Information functions, whilst providing project support to aid organisational compliance in records management/processing, archiving, retention and destruction.
  • The post holder will assist the Head of Information Security & Data Protection Officer in fulfilling their statutory duties, including but not limited to, compliance with relevant Records Management Code of Practice/Standards, Data Protection legislation and the Data Security and Protection Toolkit submission.

Dimensions

  • The post holder will plan, coordinate and deliver a range of projects and records management programmes for all types of personal and corporate data, including health/corporate records frameworks, electronic and paper-based procedures, records digitisation, archiving/retrieval and destruction of records.
  • The post holder will also provide assistance to Managers and Project Leads in the proper standards of the organisation of patient/personal and corporate records, ensuring effective management and appropriate storage of records guided by clear policies and procedures, with implementation of robust audits for all CityCare services.
  • The Records Management Officer will assist with the monitoring of policy reviews and take ownership of the Records Management policy and associated standard operating procedures/guidance, whilst supporting with the implementation and delivery of Records Management training and increasing staff awareness of Records Management processes.

Key Responsibilities

  • To act as a point of contact for records management queries and requests for support which includes monitoring the shared mailbox and coordinating responses to internal and external colleagues.
  • To maintain relationships with members of the public and internal / external stakeholders whilst ensuring that queries are dealt with confidentiality and sensitively, effectively and of high standard, whilst using own judgement to decide on the course of action.
  • To support the organisation with its aims to become a paper light / paper less organisation, including the provisions of records storage, processing and management within specific digitisation projects, for example, Office 365 (SharePoint / OneDrive / Channels etc.), ensuring compliance with law and best practice.
  • To contribute to the development of organisational policies, procedures, and guidance including monitoring of review dates and publication on the organisations intranet and website.
  • To support Managers to implement these processes and embed policies effectively into everyday practice.
  • To provide support and specialist advice and guidance to all levels of the organisation on the appropriate legislation and best practice in relation to all areas of records management, including, but not limited to, paper-based, electronic and digitisation processes for clinical(patient records), employee, and corporate records.
  • To develop and implement an audit plan of clinical and corporate records, ensuring appropriate access and storage (physically and on electronic systems) security is adhered, reporting any findings to the relevant Committee and escalating concerns to the Head of Information Security& Data Protection Officer.
  • To provide support to Managers and Project Leads in the completion of relevant records management risk assessments, providing advice and guidance to all staff in relation to health, employee and corporate records risks, liaising closely with the Head of Information Security to mitigate and investigate risks/concerns.
  • To provide support to Managers and Project Leads in the implementation of relevant records management processes such as the tracking, retrieval, filing, destruction and archiving of clinical and corporate records, on site and off site, using the appropriate systems and methods, whilst ensuring compliance with Data Protection Legislation and Records Management standards.
  • To plan, coordinate and deliver a range of projects and training programmes including, but not limited to, Records Management, ensuring specific targets are met.
  • To work proactively with the organisations Information Asset Owners and the Information Security Officer to ensure that records of processing activities are understood, recorded, and maintained. This will include the ensuring that the Information Asset Owners/Privacy Officers are supported in their role, escalating any concerns to the Head of Information Security & Data Protection Officer, and/or SIRO as required.
  • To support, where required, with data breaches / records management incidents, ensuring that Managers are recording in line with the organisations policies and appropriate actions are taken as quickly as possible and are escalated accordingly. This may also include reviewing audit trails, checking individual accounts and producing relevant reports, and reporting to the Regulator as appropriate.
  • To provide assistance / support with the organisations submission of the Data Security and Protection Toolkit, working with internal and external colleagues to collate the relevant evidence to ensure the organisation can demonstrate compliance.
  • To assist with the production of a communications plan to raise employee awareness, which could include posters, leaflets, articles and maintenance of the Information Security pages of the intranet.
  • To provide an administrative support to the Service, and to assist, where necessary, with the administration of the Records Management Group including agendas, papers, and reports.
  • The Records Management Officer will lead on specific items of the Records Management Group and may also be expected to Chair the Records Management Group as required.
  • To attend relevant Records Management meetings, seminars and conferences as necessary, providing feedback to relevant colleagues and committees and where necessary, deputising for the Head of Information Security & Data Protection Officer.
  • To develop and maintain strong working relationships with a range of internal and external colleagues, such as the Caldicott Guardian, Senior Information Risk Owner, Records Management Officers, Information Security Officers, Privacy Officers, Digital Leads, Business Intelligence and Cyber Security colleagues.
  • To support, where necessary, the Subject Access Request process by providing high level and complex advice as needed to CityCares virtual Access to Records team. This will require providing advice and guidance in managing requests for information and records from internal and external colleagues, external partners and agencies (such as the Police, Solicitors etc.) and members of the public, which may include patient and employee personal records.
  • To support, where necessary, Freedom of Information compliance at CityCare, including the provision of advice and guidance to all employees.
  • To be responsible for records management supplies and stock, including the sourcing of appropriate electronic filing systems, internal/external storage solutions and archiving materials such as folders / boxes etc.
  • Undertake any other duties which may reasonably be required within the Service and as delegated by the Head of Information Security & Data Protection Officer, including deputising as required.

Person Specification

Qualifications

Essential

  • Knowledge of a range of Records Management areas acquired through qualification to degree or equivalent level or relevant experience.
  • Demonstrated experience of coordinating large projects in complex and challenging environments.

Desirable

  • Certificate or equivalent in a Records Management related discipline.
  • Project Management qualification

Experience

Essential

  • Evidence of working in a Records Management / Information Security or Information Governance role.
  • A good working knowledge of Data Protection legislation and ability to interpret legislative frameworks and guidance (UK GDPR, DPA18, Access to Information, Records Management Code of Practice, FOIA etc.)
  • Evidence of designing and delivering presentations / training to a large group.
  • Evidence of delivering projects to agreed timescales.

Desirable

  • Experience of working within the NHS.
  • Experience of using NHS Management Systems such as ESR and Datix.

Knowledge and skills

Essential

  • Advanced/specialist knowledge of records management legislation / best practice and experience of providing complex advice to a range of stakeholders on storage, archiving and destruction of personal and corporate records
  • Good working knowledge of Microsoft Office 365 products and applications, including Outlook.
  • Experience of SharePoint / OneDrive / Sites development and maintenance.
  • Experience of using/implementing records management tracking systems and processes
  • Excellent written and verbal skills.
  • Ability to prepare and produce clear, concise communications for a variety of audiences.
  • Experience of policy and procedural development and implementation.
  • Evidence of problem-solving skills and providing advice, based upon own judgement / decision making, with minimal supervision.
  • Excellent time management skills, with the ability to manage own workload.
  • Evidence of developing trusted relationships with a wide range of internal and external colleagues.
  • Understanding of risks / risk management in a records / data security environment.
  • Evidence of personal development and keeping up to date with changing Data Protection law.
  • Knowledge of information governance best practice requirements and standards including Caldicott Principles, Subject Access Requests, Freedom of Information, Environmental nformation and Data Protection (including the Confidentiality, Security, Integrity and Availability of information).
  • Ability to work as part of a team, delivering a set a of agreed objectives.

Desirable

  • Conflict management and negotiation skills.
  • Experience of administrative tasks such as minute taking / actions logs.
  • Experience of Chairing meetings.

Special Requirements

Essential

  • Ability to be flexible over hours worked within contracted hours to meet the needs of the service.
  • Ability to work out of hours (within reason).
  • Able to attend the office at least 2 days per week and to travel to various locations / CityCare bases.
Person Specification

Qualifications

Essential

  • Knowledge of a range of Records Management areas acquired through qualification to degree or equivalent level or relevant experience.
  • Demonstrated experience of coordinating large projects in complex and challenging environments.

Desirable

  • Certificate or equivalent in a Records Management related discipline.
  • Project Management qualification

Experience

Essential

  • Evidence of working in a Records Management / Information Security or Information Governance role.
  • A good working knowledge of Data Protection legislation and ability to interpret legislative frameworks and guidance (UK GDPR, DPA18, Access to Information, Records Management Code of Practice, FOIA etc.)
  • Evidence of designing and delivering presentations / training to a large group.
  • Evidence of delivering projects to agreed timescales.

Desirable

  • Experience of working within the NHS.
  • Experience of using NHS Management Systems such as ESR and Datix.

Knowledge and skills

Essential

  • Advanced/specialist knowledge of records management legislation / best practice and experience of providing complex advice to a range of stakeholders on storage, archiving and destruction of personal and corporate records
  • Good working knowledge of Microsoft Office 365 products and applications, including Outlook.
  • Experience of SharePoint / OneDrive / Sites development and maintenance.
  • Experience of using/implementing records management tracking systems and processes
  • Excellent written and verbal skills.
  • Ability to prepare and produce clear, concise communications for a variety of audiences.
  • Experience of policy and procedural development and implementation.
  • Evidence of problem-solving skills and providing advice, based upon own judgement / decision making, with minimal supervision.
  • Excellent time management skills, with the ability to manage own workload.
  • Evidence of developing trusted relationships with a wide range of internal and external colleagues.
  • Understanding of risks / risk management in a records / data security environment.
  • Evidence of personal development and keeping up to date with changing Data Protection law.
  • Knowledge of information governance best practice requirements and standards including Caldicott Principles, Subject Access Requests, Freedom of Information, Environmental nformation and Data Protection (including the Confidentiality, Security, Integrity and Availability of information).
  • Ability to work as part of a team, delivering a set a of agreed objectives.

Desirable

  • Conflict management and negotiation skills.
  • Experience of administrative tasks such as minute taking / actions logs.
  • Experience of Chairing meetings.

Special Requirements

Essential

  • Ability to be flexible over hours worked within contracted hours to meet the needs of the service.
  • Ability to work out of hours (within reason).
  • Able to attend the office at least 2 days per week and to travel to various locations / CityCare bases.

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Employer details

Employer name

Nottingham CityCare Partnership CIC

Address

Aspect House, Aspect Business Park

26 Bennerley Road

Bulwell

Nottinghamshire

NG6 8WR


Employer's website

https://www.nottinghamcitycare.nhs.uk/ (Opens in a new tab)

Employer details

Employer name

Nottingham CityCare Partnership CIC

Address

Aspect House, Aspect Business Park

26 Bennerley Road

Bulwell

Nottinghamshire

NG6 8WR


Employer's website

https://www.nottinghamcitycare.nhs.uk/ (Opens in a new tab)

For questions about the job, contact:

Head of Information Security

Gareth Jones

gareth.jones22@nhs.net

07920861731

Date posted

15 April 2024

Pay scheme

Agenda for change

Band

Band 5

Salary

£28,407 to £34,581 a year

Contract

Fixed term

Duration

18 months

Working pattern

Full-time

Reference number

B9826-PGCE-6005

Job locations

Aspect House, Aspect Business Park

26 Bennerley Road

Bulwell

Nottinghamshire

NG6 8WR


Supporting documents

Privacy notice

Nottingham CityCare Partnership CIC's privacy notice (opens in a new tab)