Data Security and Protection Manager

County Durham & Darlington NHS Foundation Trust

This job is now closed

Job summary

The Co Durham and Darlington NHS FT Health Informatics Service is pleased to offer an exciting opportunity to join our Data Security & Protection (DSP) Team. We are looking for highly motivated and enthusiastic individual to effectively manage and deliver the DSP framework.

As a DSP manager you will play a pivotal role in the continuing improvement and development of DSP agenda as well as a providing key support to all levels of staff in the Trust.

Technical knowledge and understanding in the cyber security area or similar would be beneficial to this role.

Please note that AI generated Applications will not be considered.

Main duties of the job

The successful candidate will be responsible for the annual submission of the Data Security and Protection Toolkit working closely with all Digital teams and nominated Trust Group leads.

You will work closely with the Data Security and Protection Manager and Head of Department to ensure all projects, new services, systems and applications undertaken by the Trust have the relevant compliance with DSP and cyber requirements.

The post holder will have knowledge and understanding of all information rights legislation providing guidance to the Trust

Complete monitoring and compliance audits, working closely with the Digital teams and information asset owners to ensure they are scheduled, analysed with options appraisals, recommendations and report to the necessary committees.

This role includes providing system administration for the Trust's Information Asset Management system, supporting the Senior and Information Asset Owners to ensure the Trusts ongoing compliance and improvement in this area

General knowledge and experience of data security incidents, software vulnerabilities, data protection and risk management methodology to report compliance and assurance.

About us

If you are being interviewed you must accept an interview slot in the system to continue, even if you have arranged with the manager

You must be able to produce ALL certificates stated essential in the person specification or you will not be able to complete pre-employment checks

We provide hospital services from two acute sites - Darlington Memorial Hospital and University Hospital of North Durham. We have a centre for planned care in Bishop Auckland and provide care from community hospitals in Chester-le-Street, Shotley Bridge, Barnard Castle, Sedgefield and Weardale as well as over 80 other community based settings and providing care in patients' homes.

We particularly welcome applications from disabled and Black, Asian and Minority Ethnic (BAME) candidates as BAME and disabled people are currently under-represented

From April 1 2024 we are unable to offer sponsorship for healthcare roles that do not meet the minimum salary, If you are in the UK on a VISA please ensure you have no restrictions that would prevent you from taking this post.

Full Job Descriptions can be found in the adverts supporting documents

Date posted

21 February 2025

Pay scheme

Agenda for change

Band

Band 7

Salary

£46,148 to £52,809 a year

Contract

Permanent

Working pattern

Full-time, Flexible working

Reference number

C9439-25-0162

Job locations

Darlington Memorial Hospital NHS Trust

Hollyhurst Road

Darlington

County Durham

DL3 6HX

Job description

Job responsibilities

The post holder will engage with all clinical and corporate services having the ability to meet tight deadlines, managing multiple projects, delivering the Trusts Data Security and Protection agenda and overall digital strategy. This post holder will be the DSP point of contact for all Trust staff for information, support and guidance for local, regaional and national DSP programs.

The role requires the post holder to digest, understand and articulate to relevant groups including technical data security risks, general risk analysis, incident management with cyber security compliance skills ensuring information rights legislation compliance is met.

Throurough analysis of risks, issues, incidents with options and recommendations reporting to provide regular assurance to the Trust Board.

Cyber risk compliance reports are required by the Trust Board, working with the IT Security Manager to ensure accurate and relevant risks and controls are escalated and implemented.

Developing and delivering training and awareness packages for staff of all levels to support completion and compliance in DSP areas.

Research and reporting of future DSP, cyber, technical and legal requirements required to support the DSP management team in developing strategy, workplans and frameworks to meet the relevant requirements.

Ensuring any development work streams and projects contain relevant data protection compliance offiering guidance to leads and external stakeholders where necessary.

The role will work with the Trust Data Protection Officer, responding to complaints, offering guidance and completing investigations, reporting the outcome to the requestors and Regulator.

Job description

Job responsibilities

Throurough analysis of risks, issues, incidents with options and recommendations reporting to provide regular assurance to the Trust Board.

Cyber risk compliance reports are required by the Trust Board, working with the IT Security Manager to ensure accurate and relevant risks and controls are escalated and implemented.

Developing and delivering training and awareness packages for staff of all levels to support completion and compliance in DSP areas.

Ensuring any development work streams and projects contain relevant data protection compliance offiering guidance to leads and external stakeholders where necessary.

The role will work with the Trust Data Protection Officer, responding to complaints, offering guidance and completing investigations, reporting the outcome to the requestors and Regulator.

Person Specification

Qualifications

Essential

Degree level or equivalent experience.
Management qualification or equivalent experience.
Computer and IT skills to include: word processing, PowerPoint, excel, access databases. Advanced keyboard skills.
Evidence of continuing professional development
Relevant industry standard qualifications such as ISEB relating to DSP initiatives.

Desirable

Qualified in PRINCE 2 project management or equivalent

Special Skills and Knowledge

Essential

Ability to communicate complex / sensitive data to all levels of trust staff and external partners
Provide effective operational leadership in respect of DSP within the organisation and partner organisations both locally and regionally.
Experience in data analysis where a number of different and wide ranging elements will need to be taken into account.
Knowledge and experience in developing and maintaining records and documentation
Able to deliver to tight deadlines.
Experience of managing resources.
Able to multi task a number of work streams with changing timescales.
Ability To deal with difficult and sensitive situations
Experience of complex report writing for Trust Boards, presenting escalation and outcomes.

Desirable

Specialist knowledge of best practice in the field of Information Governance and relevant legislation.
Working knowledge of the business and role of the Trust in which employed

Special Requirements

Essential

Ability to travel and work across all sites as required to meet the requirements of the post.
Ability to work outside core times, potentially at short notice.

Desirable

Holds full driving licence

Experience

Essential

Substantial practical Information governance experience.
Experience of line management including appraisals, interviewing and sickness management.
Experience of developing training materials
Experience in data analysis
Being able to deliver to tight deadlines.
Experience of managing resources.

Desirable

PRINCE2 methodologies
Experience in delivery of training material to large groups of staff
Experience of working with difficult and sensitive situations
Experience of working in a health care setting

Person Specification

Qualifications

Essential

Degree level or equivalent experience.
Management qualification or equivalent experience.
Computer and IT skills to include: word processing, PowerPoint, excel, access databases. Advanced keyboard skills.
Evidence of continuing professional development
Relevant industry standard qualifications such as ISEB relating to DSP initiatives.

Desirable

Qualified in PRINCE 2 project management or equivalent

Special Skills and Knowledge

Essential

Ability to communicate complex / sensitive data to all levels of trust staff and external partners
Provide effective operational leadership in respect of DSP within the organisation and partner organisations both locally and regionally.
Experience in data analysis where a number of different and wide ranging elements will need to be taken into account.
Knowledge and experience in developing and maintaining records and documentation
Able to deliver to tight deadlines.
Experience of managing resources.
Able to multi task a number of work streams with changing timescales.
Ability To deal with difficult and sensitive situations
Experience of complex report writing for Trust Boards, presenting escalation and outcomes.

Desirable

Specialist knowledge of best practice in the field of Information Governance and relevant legislation.
Working knowledge of the business and role of the Trust in which employed

Special Requirements

Essential

Ability to travel and work across all sites as required to meet the requirements of the post.
Ability to work outside core times, potentially at short notice.

Desirable

Holds full driving licence

Experience

Essential

Substantial practical Information governance experience.
Experience of line management including appraisals, interviewing and sickness management.
Experience of developing training materials
Experience in data analysis
Being able to deliver to tight deadlines.
Experience of managing resources.

Desirable

PRINCE2 methodologies
Experience in delivery of training material to large groups of staff
Experience of working with difficult and sensitive situations
Experience of working in a health care setting

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.