Job summary
We are looking for a skilled and enthusiastic Information Compliance professional to join our Information Governance Team.
The successful candidate will be key in providing assurance to the Trust of the protection of information, through the development, maintenance and audit of information security and compliance controls.
You should possess a good understanding of security around records including those containing personal identifiable information and have an understanding of legislative and technical obligations in relation to their security.
Excellent communication skills and a customer focus are key attributes that the successful candidate must be able to demonstrate due to the constant interaction and support required in supporting colleagues through these activities.
This is an exciting opportunity to work in a challenging but rewarding environment, helping the Trust to deliver the best possible care.
Please note that this is a hybrid role. The successful candidate will be able to work from home but will be expected to attend an office 40% of the time. The team currently has offices at Flatts Lane, Middlesbrough and Lanchester Road Hospital, Co. Durham. Due to the nature of the role it is essential that applicants are able to travel independently across the locality and have access to a suitable vehicle for business purposes. If necessary, adjustments can be considered in accordance with the Equality Act 2010.
Main duties of the job
The successful candidate will need to have demonstrable experiencein:
3rd Party Compliance and Security assessments - audit and standards
Investigations into information security incidents and data breaches
Understanding of the Digital Technology Assessment Criteria (DTAC) NHS best practice.
Experience of the Data Security and Protection Toolkit - CAF Aligned
Experience of safe sharing of information
Knowledge of the Data protection Impact Assessments (DPIA)
About us
We are the Mental Health & Learning Disability NHS Trust for County Durham and Darlington, Teesside, North Yorkshire, York and Selby.
From education and prevention, to crisis and specialist care --our talented and compassionate teams work in partnership with our patients, communities and partners to help the people of our region feel safe, understood, believed in and cared for.
We nurture the recovery journey of anyone in need of our help. In Our Trust, everyone has a say in how they are supported and treated because we listen to every person in our care until they feel understood. Our patients, their families and carers work together with us towards better mental health.
We're committed to new thinking that improves the wellbeing of our region. We connect with our communities and partners to get mental health care right, in areas that really need it.
We won't rest until everyone in our region has the mental health care they need, to lead their best possible life.
Job description
Job responsibilities
Please refer to the attached job description and person specification for further detailed information to ensure that you meet the role criteria before applying.
You must have the Right to Work in the UK in order to be successfully appointed to this role. Please note, this role does not meet the required eligibility criteria for sponsorship under the Skilled Worker visa and therefore the Trust is unable to offer sponsorship for this particular role.
Job description
Job responsibilities
Please refer to the attached job description and person specification for further detailed information to ensure that you meet the role criteria before applying.
You must have the Right to Work in the UK in order to be successfully appointed to this role. Please note, this role does not meet the required eligibility criteria for sponsorship under the Skilled Worker visa and therefore the Trust is unable to offer sponsorship for this particular role.
Person Specification
Qualifications
Essential
- Educated to degree standard or equivalent in a relevant subject
- CISMP accreditation (Certificate in Information Security Management Principles)
Desirable
- Masters degree or further professional qualification
- ISEB Practitioner Certificate in Information Risk Management
Knowledge/Skills/Experience
Essential
- Providing advice to all levels of staff on sometimes complex issues
- Experience of leading Information and Compliance Security Management within a large organisation
- Experience of audit activities such as the NHS Data Security and Protection Toolkit (CAF)
- Experience of managing and investigating information governance incidents and data breaches
- Experience of governance tools such as Data Protection Impact Assessments, Information Sharing Agreements, Non-Disclosure Agreements and System Access Arrangements
- Analysis of data from audit and other monitoring activities to draw conclusions, make recommendations and create action plans
- Experience of undertaking 3rd Party Audits and / or due diligence
- Excellent interpersonal, organisational and presentation skills
- Experience of using Microsoft Office software; Word, Excel, Outlook
- Experience of governance tools such as Data Protection Impact Assessments, Information Sharing Agreements, NonDisclosure Agreements and System Access Arrangements
- Standard keyboard skills
- Excellent communication skills; written and verbal
- Excellent interpersonal, organisational and presentation skills
- Analysis of data from audit and other monitoring activities to draw conclusions, make recommendations and create action plans
- Create monitoring and audit tools based on external standards, legislation, professional codes and local requirements
- Design and deliver training to all levels of staff
- Deal sensitively with a wide range of staff issues in an open manner
- Experience of information risk management
Desirable
- Experience of working in a health care setting with multi professional health care teams
- Project management experience
- Delivery of training to a wide range of staff; individual face -toface training and training large groups
- Report writing skills
- Demonstrable postgraduate level knowledge in the following areas: Data Protection Act and GDPR(UK) Information governance topics including: Information Security, Confidentiality, Data Quality, Encryption and Data Transfer
Personal Attributes
Essential
- Able to work in accordance with the Staff Compact and Trust Values and Behaviours
- Ability to work under the pressure of constant deadlines Committed to continual quality and service improvement.
- Self-aware and committed to continual professional and personal development. Able to accept and respond positively to feedback from supervision
- Committed to promoting a positive image of people with mental health conditions and learning disabilities
- Committed to promoting a positive image of the Information Services Division and the wider Trust
Person Specification
Qualifications
Essential
- Educated to degree standard or equivalent in a relevant subject
- CISMP accreditation (Certificate in Information Security Management Principles)
Desirable
- Masters degree or further professional qualification
- ISEB Practitioner Certificate in Information Risk Management
Knowledge/Skills/Experience
Essential
- Providing advice to all levels of staff on sometimes complex issues
- Experience of leading Information and Compliance Security Management within a large organisation
- Experience of audit activities such as the NHS Data Security and Protection Toolkit (CAF)
- Experience of managing and investigating information governance incidents and data breaches
- Experience of governance tools such as Data Protection Impact Assessments, Information Sharing Agreements, Non-Disclosure Agreements and System Access Arrangements
- Analysis of data from audit and other monitoring activities to draw conclusions, make recommendations and create action plans
- Experience of undertaking 3rd Party Audits and / or due diligence
- Excellent interpersonal, organisational and presentation skills
- Experience of using Microsoft Office software; Word, Excel, Outlook
- Experience of governance tools such as Data Protection Impact Assessments, Information Sharing Agreements, NonDisclosure Agreements and System Access Arrangements
- Standard keyboard skills
- Excellent communication skills; written and verbal
- Excellent interpersonal, organisational and presentation skills
- Analysis of data from audit and other monitoring activities to draw conclusions, make recommendations and create action plans
- Create monitoring and audit tools based on external standards, legislation, professional codes and local requirements
- Design and deliver training to all levels of staff
- Deal sensitively with a wide range of staff issues in an open manner
- Experience of information risk management
Desirable
- Experience of working in a health care setting with multi professional health care teams
- Project management experience
- Delivery of training to a wide range of staff; individual face -toface training and training large groups
- Report writing skills
- Demonstrable postgraduate level knowledge in the following areas: Data Protection Act and GDPR(UK) Information governance topics including: Information Security, Confidentiality, Data Quality, Encryption and Data Transfer
Personal Attributes
Essential
- Able to work in accordance with the Staff Compact and Trust Values and Behaviours
- Ability to work under the pressure of constant deadlines Committed to continual quality and service improvement.
- Self-aware and committed to continual professional and personal development. Able to accept and respond positively to feedback from supervision
- Committed to promoting a positive image of people with mental health conditions and learning disabilities
- Committed to promoting a positive image of the Information Services Division and the wider Trust
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
