Information Governance Manager (Information Rights&Records Management)

Royal Free London NHS Foundation Trust

Information:

This job is now closed

Job summary

This role forms part of the wider Information Governance service and has responsibility for the day to day management of the Information Rights and Records Management departments. This role will provide leadership and subject matter expertise to the departments and wider trust. This role will be required to undertake broader Information Governance duties in support of the Corporate Information Governance department.

Main duties of the job

The main duties for this role include:

  • Day to day management of the Information Rights and Records Management departments
  • Monitoring and improving department performance
  • Providing expert advice in all matters relating to Information Governance, in particular information rights and records management
  • Advising and leading on Data Protection Impact Assessments
  • Contract management
  • Supporting the trust's wider Information Governance agenda

About us

This is an exciting opportunity to join a large and highly skilled Information Governance department. The department continually invests in the professional development of team members, and works on complex local, national and regional projects which directly contributes to improved patient care.

Date posted

25 July 2024

Pay scheme

Agenda for change

Band

Band 7

Salary

£51,488 to £57,802 a year per annum inclusive of HCAS

Contract

Permanent

Working pattern

Full-time, Flexible working

Reference number

391-RFL-6389008-A

Job locations

Roy Shaw

3-5 Cressy Road

London

NW3 2ND


Job description

Job responsibilities

This role is responsible for delivering compliance with information governance policies across complex areas of clinical and corporate services. This role is also responsible for the proactive management of the Records Management and Information Rights service.

Delivery of the information governance assurance model, the delivery and operation of standardised tools, operational support and advice.

Developing and supporting a culture of high-quality information governance management practice including providing advice and guidance on the operation of corporate policies where appropriate to staff.

Implementing and supporting systems and practices which facilitate compliance with all legal, statutory and good practice requirements.

Advising on best practice in compliance with policies and staff training on aspects of local information governance policy.

Providing support to the Senior Information Risk Owner (SIRO) and Caldicott Guardian to ensure compliance with legal and ethical frameworks.

Supporting data protection providing complex advice to ensure operations work within the policy framework.

Delivering a programme of evidence gathering, monitoring, assessment and audit. This includes the management of assurance, evidence and audit of significant providers of services to the and the escalation of issues of quality, risk and management through the appropriate channels and in conjunction with the Senior Information Governance Manager and Senior Information Risk Owner.

Implement an overarching Information Governance strategy to meet statutory and legal requirements and an associated development plan.

Coordinate the management of and be responsible for the annual submission of the Data Security and Protection Toolkit assurance framework, ensuring that there is an auditable evidence base and to deliver satisfactory standard across all requirements.

Promote and monitor required information governance policies, procedures and guidance.

Liaise with the risk management function to ensure the mitigation of risk and financial loss to the by the disruption of services, including managing the information risk register.

Develop the information governance culture, working across stakeholders to communicate information governance standards and constantly seek to raise awareness.

Be an expert in the requirements of GDPR, FOI, EIR, and RPSI to facilitate best practice and ensure that this is communicated clearly and acted upon effectively.

Work actively with partners and stakeholders to ensure that the information governance processes meet best practice.

Undertake, and/or participate in the design, of local audits of compliance to information governance standards across stakeholders.

To be specifically responsible for ensuring GDPR, Caldicott and information sharing governance issues are escalated, managed and responded to in a timely way.

Provide specific advice and support to the Caldicott Guardian and SIRO to ensure the effective management, monitoring and audit of Information/Confidentiality risks throughout the organisation.

Provide information; awareness material and training to key post holders within the organisation, including but not limited to Information Asset Owners, Privacy Officer, Registration Authority staff, Records Management leads, IG Group, Senior Management Team (as required).

Manage the co-ordination of the Information Governance Group and collation of the documentation required to ensure the Information Governance Group meetings are scheduled, all documentation reviewed and approved prior to each meeting, then circulated in line with the Terms of Reference for the Group.

Manage the investigation of suspected and actual information governance breaches and when required produce formal reports of findings on reported adverse information security and confidentiality incidents. Ensure that lessons learnt are disseminated, and that the recommendations are audited to ensure continuing compliance.

Maintain a Caldicott issues log relating to all requests to share personally identifiable information and formally report these to the Information Governance Group along with trends.

Ensure that risk, issue and change registers for information governance are maintained and actioned, as appropriate.

Manage and support the delivery of an information asset register and embed the bespoke software and processes to map information assets and data flows.

Support Information Asset Owners and the SIRO in the management of Risk, through the delivery of Information Risk Register and associated action plans. Monitor actions delivered by key stakeholders and escalate as necessary.

Work with the nominated Information Security Officer in delivering the information security assurance programme. Provide updates to the organisation on key risks and priorities arising from ICT environment and changing requirements.

Communicate advice and guidance on changes to be considered to improve patient outcomes and business efficiency, through process review and technology.

Support staff and stakeholder in the provision of appropriate filing structures, access control and management of electronic information.

Support the delivery de-identification/ pseudonymisation projects and processes from an information governance perspective. Liaise with Informatics and ICT to ensure legal compliance and governance standards are met and implemented.

Responsible for the safe use of equipment in addition to personal equipment.

Responsible for providing training in information governance and undertaking basic workplace assessments of practice.

Setting the strategic direction of the FOI and/or Information Rights team and production of an annual work plan for the team.

Continual development of the FOI and/or Information Rights service.

Provide specialist FOI and/or Information Rights advice on legislation and application of exemptions.

Responsibility, for ensuring a robust and comprehensive FOI and/or Information Rights service.

Liaise with a wide range of external and internal stakeholders, assisting in the management of conflicting opinions to ensure clear FOI and/or Information Rights responses can be produced

Work in partnership with stakeholder to respond to FOI and/or Information Rights requests.

Work with Communications Leads to pre-empt communications issues arising from FOI and/or Information Rights requests and manage any reputational impact.

Work with stakeholder to support them in responding to requests including providing advice on how to respond to FOI and/or Information Rights requests and advising on exemptions that might apply.

Provide training on FOI/EIR/RPSI/information rights and approaches to developing responses.

Produces regular reports on numbers and themes of FOI/EIR/RPSI/information rights requests and the resources used to complete them

Develops relationships with NHS England and other stakeholders.

Keep up to date with developments in relevant legislation.

Responsibility for establishing and developing written procedures for the trust FOI and/or Information Rights service

Responsible for developing a publication scheme for the trust.

Responsibility for checking the quality of responses prior to release

Job description

Job responsibilities

This role is responsible for delivering compliance with information governance policies across complex areas of clinical and corporate services. This role is also responsible for the proactive management of the Records Management and Information Rights service.

Delivery of the information governance assurance model, the delivery and operation of standardised tools, operational support and advice.

Developing and supporting a culture of high-quality information governance management practice including providing advice and guidance on the operation of corporate policies where appropriate to staff.

Implementing and supporting systems and practices which facilitate compliance with all legal, statutory and good practice requirements.

Advising on best practice in compliance with policies and staff training on aspects of local information governance policy.

Providing support to the Senior Information Risk Owner (SIRO) and Caldicott Guardian to ensure compliance with legal and ethical frameworks.

Supporting data protection providing complex advice to ensure operations work within the policy framework.

Delivering a programme of evidence gathering, monitoring, assessment and audit. This includes the management of assurance, evidence and audit of significant providers of services to the and the escalation of issues of quality, risk and management through the appropriate channels and in conjunction with the Senior Information Governance Manager and Senior Information Risk Owner.

Implement an overarching Information Governance strategy to meet statutory and legal requirements and an associated development plan.

Coordinate the management of and be responsible for the annual submission of the Data Security and Protection Toolkit assurance framework, ensuring that there is an auditable evidence base and to deliver satisfactory standard across all requirements.

Promote and monitor required information governance policies, procedures and guidance.

Liaise with the risk management function to ensure the mitigation of risk and financial loss to the by the disruption of services, including managing the information risk register.

Develop the information governance culture, working across stakeholders to communicate information governance standards and constantly seek to raise awareness.

Be an expert in the requirements of GDPR, FOI, EIR, and RPSI to facilitate best practice and ensure that this is communicated clearly and acted upon effectively.

Work actively with partners and stakeholders to ensure that the information governance processes meet best practice.

Undertake, and/or participate in the design, of local audits of compliance to information governance standards across stakeholders.

To be specifically responsible for ensuring GDPR, Caldicott and information sharing governance issues are escalated, managed and responded to in a timely way.

Provide specific advice and support to the Caldicott Guardian and SIRO to ensure the effective management, monitoring and audit of Information/Confidentiality risks throughout the organisation.

Provide information; awareness material and training to key post holders within the organisation, including but not limited to Information Asset Owners, Privacy Officer, Registration Authority staff, Records Management leads, IG Group, Senior Management Team (as required).

Manage the co-ordination of the Information Governance Group and collation of the documentation required to ensure the Information Governance Group meetings are scheduled, all documentation reviewed and approved prior to each meeting, then circulated in line with the Terms of Reference for the Group.

Manage the investigation of suspected and actual information governance breaches and when required produce formal reports of findings on reported adverse information security and confidentiality incidents. Ensure that lessons learnt are disseminated, and that the recommendations are audited to ensure continuing compliance.

Maintain a Caldicott issues log relating to all requests to share personally identifiable information and formally report these to the Information Governance Group along with trends.

Ensure that risk, issue and change registers for information governance are maintained and actioned, as appropriate.

Manage and support the delivery of an information asset register and embed the bespoke software and processes to map information assets and data flows.

Support Information Asset Owners and the SIRO in the management of Risk, through the delivery of Information Risk Register and associated action plans. Monitor actions delivered by key stakeholders and escalate as necessary.

Work with the nominated Information Security Officer in delivering the information security assurance programme. Provide updates to the organisation on key risks and priorities arising from ICT environment and changing requirements.

Communicate advice and guidance on changes to be considered to improve patient outcomes and business efficiency, through process review and technology.

Support staff and stakeholder in the provision of appropriate filing structures, access control and management of electronic information.

Support the delivery de-identification/ pseudonymisation projects and processes from an information governance perspective. Liaise with Informatics and ICT to ensure legal compliance and governance standards are met and implemented.

Responsible for the safe use of equipment in addition to personal equipment.

Responsible for providing training in information governance and undertaking basic workplace assessments of practice.

Setting the strategic direction of the FOI and/or Information Rights team and production of an annual work plan for the team.

Continual development of the FOI and/or Information Rights service.

Provide specialist FOI and/or Information Rights advice on legislation and application of exemptions.

Responsibility, for ensuring a robust and comprehensive FOI and/or Information Rights service.

Liaise with a wide range of external and internal stakeholders, assisting in the management of conflicting opinions to ensure clear FOI and/or Information Rights responses can be produced

Work in partnership with stakeholder to respond to FOI and/or Information Rights requests.

Work with Communications Leads to pre-empt communications issues arising from FOI and/or Information Rights requests and manage any reputational impact.

Work with stakeholder to support them in responding to requests including providing advice on how to respond to FOI and/or Information Rights requests and advising on exemptions that might apply.

Provide training on FOI/EIR/RPSI/information rights and approaches to developing responses.

Produces regular reports on numbers and themes of FOI/EIR/RPSI/information rights requests and the resources used to complete them

Develops relationships with NHS England and other stakeholders.

Keep up to date with developments in relevant legislation.

Responsibility for establishing and developing written procedures for the trust FOI and/or Information Rights service

Responsible for developing a publication scheme for the trust.

Responsibility for checking the quality of responses prior to release

Person Specification

Education & professional Qualifications

Essential

  • Educated to degree level in relevant subject or equivalent level qualification or significant experience of working at a similar level in specialist area
  • Post -graduate degree in Management Studies or equivalent

Experience

Essential

  • Significant experience of successfully operating in a politically sensitive environment
  • Evidence of continued professional development
  • Demonstrated experience of co - ordinating projects in complex and challenging environments
  • Experience of managing risks and reporting
  • Significant demonstrable experience in managing information governance and FOI, or comparable process
  • Experience of monitoring budgets and business planning processes

Desirable

  • Experience of drafting briefing papers and correspondence at senior management level
  • Understanding of the public sector
  • Demonstrated experience in a Healthcare environment
  • Comprehensive knowledge of project principles, techniques and tools, such as Prince 2 Foundation and Microsoft Project

Skills and aptitudes

Essential

  • An eye for accuracy and detail.
  • Strong and positive communication skills.
  • Ability to persuade and motivate.
  • Excellent writing skills
  • Ability to maintain complex document logs.
  • Ability to contribute ideas for service improvement and development.
  • Excellent time management skills with an ability to prioritise
  • Ability to gather, analyse and report on data and information
  • Able to manage own workload.
  • Ability to organise complex schedules of work and diary management.
  • Advanced keyboard skills, use of a range of software.
  • Computer literate with good Microsoft Word and Excel skills
  • Demonstrated capability to act upon incomplete information, using experience to make inferences and decision making
  • Experience of setting up and implementing internal processes and procedures
  • Numerate and able to understand complex financial issues combined with deep analytical skills

Desirable

  • Manipulating information skills.

Personal Qualities & attributes

Essential

  • Collaborative and team approach to work.
  • Self -motivated and proactive approach with excellent interpersonal skills.
  • Demonstrated capabilities to manage own workload and make informed decisions in the absence of required information, working to tight and often changing timescales
Person Specification

Education & professional Qualifications

Essential

  • Educated to degree level in relevant subject or equivalent level qualification or significant experience of working at a similar level in specialist area
  • Post -graduate degree in Management Studies or equivalent

Experience

Essential

  • Significant experience of successfully operating in a politically sensitive environment
  • Evidence of continued professional development
  • Demonstrated experience of co - ordinating projects in complex and challenging environments
  • Experience of managing risks and reporting
  • Significant demonstrable experience in managing information governance and FOI, or comparable process
  • Experience of monitoring budgets and business planning processes

Desirable

  • Experience of drafting briefing papers and correspondence at senior management level
  • Understanding of the public sector
  • Demonstrated experience in a Healthcare environment
  • Comprehensive knowledge of project principles, techniques and tools, such as Prince 2 Foundation and Microsoft Project

Skills and aptitudes

Essential

  • An eye for accuracy and detail.
  • Strong and positive communication skills.
  • Ability to persuade and motivate.
  • Excellent writing skills
  • Ability to maintain complex document logs.
  • Ability to contribute ideas for service improvement and development.
  • Excellent time management skills with an ability to prioritise
  • Ability to gather, analyse and report on data and information
  • Able to manage own workload.
  • Ability to organise complex schedules of work and diary management.
  • Advanced keyboard skills, use of a range of software.
  • Computer literate with good Microsoft Word and Excel skills
  • Demonstrated capability to act upon incomplete information, using experience to make inferences and decision making
  • Experience of setting up and implementing internal processes and procedures
  • Numerate and able to understand complex financial issues combined with deep analytical skills

Desirable

  • Manipulating information skills.

Personal Qualities & attributes

Essential

  • Collaborative and team approach to work.
  • Self -motivated and proactive approach with excellent interpersonal skills.
  • Demonstrated capabilities to manage own workload and make informed decisions in the absence of required information, working to tight and often changing timescales

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Additional information

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Employer details

Employer name

Royal Free London NHS Foundation Trust

Address

Roy Shaw

3-5 Cressy Road

London

NW3 2ND


Employer's website

https://www.royalfreelondonjobs.co.uk/ (Opens in a new tab)

Employer details

Employer name

Royal Free London NHS Foundation Trust

Address

Roy Shaw

3-5 Cressy Road

London

NW3 2ND


Employer's website

https://www.royalfreelondonjobs.co.uk/ (Opens in a new tab)

For questions about the job, contact:

Director of Information Governance

Kevin Winter

kevinwinter@nhs.net

07929789243

Date posted

25 July 2024

Pay scheme

Agenda for change

Band

Band 7

Salary

£51,488 to £57,802 a year per annum inclusive of HCAS

Contract

Permanent

Working pattern

Full-time, Flexible working

Reference number

391-RFL-6389008-A

Job locations

Roy Shaw

3-5 Cressy Road

London

NW3 2ND


Supporting documents

Privacy notice

Royal Free London NHS Foundation Trust's privacy notice (opens in a new tab)