Job summary
This is an exciting opportunity to lead the information governance team at Liverpool University Hospital NHS Trust. The Information Governance team ensure compliance with the Data Security Protection Toolkit, Manage the digital risk log. monitor audits and outcomes, manage incidents and manage the digital change control process. The team provides expert advice and policies to staff across LUHFT
We are looking for a motivated and enthusiastic person who is able to work, learn and actively contribute in leading the team and the IG agenda in the Trust. The ideal candidates must have leadership experience, excellent communication skills and expert knowledge of data protection/GDPR .
LUHFT is currently embarking on the CaRL programme (care record Liverpool) which will implement an EPR across the organisation. This will create significant changes in the digital landscape and will help support our clinical teams across all sites. This is an exciting and challenging time to join the systems support team.
Main duties of the job
See job description for further details
The Information Governance Manager will lead the development, planning and management of the Information Governance (IG services and agenda) for the Trust.
The highly skilled and qualified individual will be key to the advancement, implementation and monitoring of legislation and national guidance in relation to information privacy, security and access.
The post will play a key role in the delivery and improvement of the Data Security and Protection Toolkit standards, data handling and data security.
Management of the Information Governance Team is a key part of the role; including recruitment, training, professional development, conducting appraisal, managing and monitoring of annual leave, flexi-time & sickness, mandatory training, health & safety assessments etc.
The post holder will work closely with the Cyber Security Manager to provide a robust service. The Cyber Security Manager and the Information Governance Manager will share some of the teams resources and will provide professional cover for each other as required.
About us
Liverpool University Hospitals NHS Foundation Trust was created on 1 October 2019 following the merger of two adult acute Trusts, Aintree University Hospital NHS Foundation Trust and the Royal Liverpool and Broadgreen University Hospitals NHS Trust.
The merger provides an opportunity to reconfigure services in a way that provides the best healthcare services to the city and improves the quality of care and health outcomes that patients experience.
The Trust runs Aintree University Hospital, Broadgreen Hospital, Liverpool University Dental Hospital and the Royal Liverpool University Hospital.
It serves a core population of around 630,000 people across Merseyside as well as providing a range of highly specialist services to a catchment area of more than two million people in the North West region and beyond.
To hear more about our achievements click herehttps://www.liverpoolft.nhs.uk/media/13089/1606-annual-report-booklet_final.pdf
Follow us on Social Media:
Facebook - Liverpool University Hospitals Careers
Instagram - @LUHFTcareers
Twitter - @LUHFTcareers
Job description
Job responsibilities
To lead the development and planning of IG/CS across the Trust developing appropriate strategy, policy and procedure documents and establishing and maintaining processes and structures
Review, interpret and localise NHS England / NHS Digital and other legislative requirements to identify and set the required goals and standards for the Trust Board to meet its IG/CS requirements.
Ensure appropriate information sharing agreements (ISAs) are in place when sharing of confidential and sensitive information
Investigate and report on CS and IG incidents, including establishing causes and determining appropriate corrective and/or preventative actions
Develop and provide the highest level of specialist knowledge on IG/CS to the Trust Board and senior managers and identify and provide guidance and information in relation to related issues
Co-ordinate the Trusts IG/CS annual work programme, based on the Data Security and Protection Toolkit (DSPT), ensuring an integrated programme to maintain and improve organisational performance across the range of related information-handling areas
To be responsible for analysing complex and inter-linked IG/CS issues (e.g. software versions, access methods and pathways, system specifications, changes to legislation etc.) and ensure that they are resolved effectively.
To investigate and make recommendations about any breaches highlighted in the compliance audits and report findings back through the agreed IG reporting structure
To lead on the provision of advice and guidance on designs, solutions and services from an IG/IS perspective, especially around ensuring compliance of internally delivered systems as well as suppliers systems to the specified requirements
See job description for further details
Job description
Job responsibilities
To lead the development and planning of IG/CS across the Trust developing appropriate strategy, policy and procedure documents and establishing and maintaining processes and structures
Review, interpret and localise NHS England / NHS Digital and other legislative requirements to identify and set the required goals and standards for the Trust Board to meet its IG/CS requirements.
Ensure appropriate information sharing agreements (ISAs) are in place when sharing of confidential and sensitive information
Investigate and report on CS and IG incidents, including establishing causes and determining appropriate corrective and/or preventative actions
Develop and provide the highest level of specialist knowledge on IG/CS to the Trust Board and senior managers and identify and provide guidance and information in relation to related issues
Co-ordinate the Trusts IG/CS annual work programme, based on the Data Security and Protection Toolkit (DSPT), ensuring an integrated programme to maintain and improve organisational performance across the range of related information-handling areas
To be responsible for analysing complex and inter-linked IG/CS issues (e.g. software versions, access methods and pathways, system specifications, changes to legislation etc.) and ensure that they are resolved effectively.
To investigate and make recommendations about any breaches highlighted in the compliance audits and report findings back through the agreed IG reporting structure
To lead on the provision of advice and guidance on designs, solutions and services from an IG/IS perspective, especially around ensuring compliance of internally delivered systems as well as suppliers systems to the specified requirements
See job description for further details
Person Specification
Qualifications
Essential
- Educated to Masters Degree level or equivalent qualification
- Data Protection and/or Information Security qualification (ISEB/BCS)
- PRINCE 2 Foundation Certificate
- Evidence of continuous professional development in Information Governance & Information Security
Desirable
- 3 Freedom of Information qualification (ISEB/BCS)
Experience
Essential
- Demonstrable experience working in Information Governance / Information Security
- Able to apply a range of specialist knowledge and expertise in Information Governance/Security management
- The ability to identify, interpret and prioritise key information governance/security issues for senior management and Board review and consideration
- Experience of managing change
- The ability to analyse and review a range of diverse complex information and produce periodic reports for a wide range of audiences
- Experience and ability to work with managed staff at all levels and external agencies
- Experience in managing staff - including performance management, managing sickness absence and disciplinary issues and managing resources
- Excellent IT skills, including keyboard skills and experience of Microsoft Office packages and bespoke databases, preferably including computerised hospital administration systems
- Proven experience of providing specialist advice and assistance on IG matters to client organisations in a timely and auditable manner
- Sound experience of writing or implementing NHS security policies and procedures
- Proven experience of providing specialist advice and guidance with regard to the methodologies and processes that are used for policy implementation
- Proven experience of designing and specifying standards for IG based on ISO2700/ISF Standard of Good Practice
- Significant experience of implementing and monitoring the DSP Toolkit
- In depth experience of project planning, management and control
- Experience of IG/CS incident investigation.
- Experience of providing IG/CS training and awareness programmes and material.
Knowledge & Skills
Essential
- Good facilitation, influencing and conflict resolution skills
- Good understanding of communication strategies and approaches in relation to sensitive and contentious issues and incidents
- Excellent at verbal and written presentation and communication skills with the confidence to address a variety of internal and external audiences, including senior management, clinicians and the public
- An excellent practical understanding of: The Data Protection Act 2018 General Data Protection Regulation The Access to Health Records Act 1990 The Freedom of Information Act 2000 The Environmental Information Regulations 2004 Confidentiality: The NHS Code of Practice ISO 27001/27002 ISF Standard of Good Practice 2016
- High level of knowledge ofIG/IS and related statutory changes and initiatives.
- Excellent understanding of IG/CS needs of NHS organisations
- Excellent understanding of the DSP toolkit requirements
- Ability to develop good working relationships within a multidisciplinary team
- Ability to plan and organise workload under own initiative
- Ability to work to tight deadlines and meet targets
- Excellent organisational skills
- Ability to think and act fast to deliver pragmatic and effective solutions in a working environment despite obstacles
- Excellent written and verbal communication skills including confident public speaking
- Ability to produce effective documentation for audiences ranging from highly technical to non-technical
- Excellent negotiation and persuasion skills
Person Specification
Qualifications
Essential
- Educated to Masters Degree level or equivalent qualification
- Data Protection and/or Information Security qualification (ISEB/BCS)
- PRINCE 2 Foundation Certificate
- Evidence of continuous professional development in Information Governance & Information Security
Desirable
- 3 Freedom of Information qualification (ISEB/BCS)
Experience
Essential
- Demonstrable experience working in Information Governance / Information Security
- Able to apply a range of specialist knowledge and expertise in Information Governance/Security management
- The ability to identify, interpret and prioritise key information governance/security issues for senior management and Board review and consideration
- Experience of managing change
- The ability to analyse and review a range of diverse complex information and produce periodic reports for a wide range of audiences
- Experience and ability to work with managed staff at all levels and external agencies
- Experience in managing staff - including performance management, managing sickness absence and disciplinary issues and managing resources
- Excellent IT skills, including keyboard skills and experience of Microsoft Office packages and bespoke databases, preferably including computerised hospital administration systems
- Proven experience of providing specialist advice and assistance on IG matters to client organisations in a timely and auditable manner
- Sound experience of writing or implementing NHS security policies and procedures
- Proven experience of providing specialist advice and guidance with regard to the methodologies and processes that are used for policy implementation
- Proven experience of designing and specifying standards for IG based on ISO2700/ISF Standard of Good Practice
- Significant experience of implementing and monitoring the DSP Toolkit
- In depth experience of project planning, management and control
- Experience of IG/CS incident investigation.
- Experience of providing IG/CS training and awareness programmes and material.
Knowledge & Skills
Essential
- Good facilitation, influencing and conflict resolution skills
- Good understanding of communication strategies and approaches in relation to sensitive and contentious issues and incidents
- Excellent at verbal and written presentation and communication skills with the confidence to address a variety of internal and external audiences, including senior management, clinicians and the public
- An excellent practical understanding of: The Data Protection Act 2018 General Data Protection Regulation The Access to Health Records Act 1990 The Freedom of Information Act 2000 The Environmental Information Regulations 2004 Confidentiality: The NHS Code of Practice ISO 27001/27002 ISF Standard of Good Practice 2016
- High level of knowledge ofIG/IS and related statutory changes and initiatives.
- Excellent understanding of IG/CS needs of NHS organisations
- Excellent understanding of the DSP toolkit requirements
- Ability to develop good working relationships within a multidisciplinary team
- Ability to plan and organise workload under own initiative
- Ability to work to tight deadlines and meet targets
- Excellent organisational skills
- Ability to think and act fast to deliver pragmatic and effective solutions in a working environment despite obstacles
- Excellent written and verbal communication skills including confident public speaking
- Ability to produce effective documentation for audiences ranging from highly technical to non-technical
- Excellent negotiation and persuasion skills
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
