NHS Birmingham and Solihull Integrated Care Board

Senior Information Governance Manager

Information:

This job is now closed

Job summary

The Senior Information Governance Manager will be the organisation's subject matter expert on all Information Governance (IG) related matters, and therecognised authority and advisor on all information governance matters. The postholder will provide an organisation-wide advisory and guidance service as well as expert advice and guidance to the ICB on confidentiality, data protection andinformation security.

The post holder will be the responsible person for the Data Protection Act and theGeneral Data Protection Regulation (GDPR) compliance for the ICB, includingmonitoring and reporting on compliance.

The post holder will work closely with the Associate Director of Governance (Data Protection Officer), and will manage the Information Governance and FOI Administrator, todeliver the ICB's information governance and Freedom of Information Actfunctions. In addition, the post holder will support and advise the ICB's SeniorInformation Risk Owner (SIRO), the Deputy Senior Information Risk Owner, the Data Protection Officer (DPO) and the Caldicott Guardian to deliver the requirements of their roles, as well as deputising for the DPO in their absence.

Main duties of the job

Provide and manage the ICB's IG Advice and Guidance Service:

Management of the Freedom of Information, Access to Health records, Subject Access request processes

Be an organisational lead on Information Governance Risk Management Activities, providing advice and support to other departments on effective risk management activities and methods.

Meet the ICB's obligations under our Assurance Framework, providing oversight reports on the ICB's IG 'health' and insight reports on specific risks, issues and opportunities

Lead the ICB's IG Incident Management, investigation and learning activities, supporting other functions in conducting local learning activities.:

Oversee the collation and submission of evidence for the annual Data Security and Protection Toolkit Compliance audit.

IG Policy and Procedure Management

Horizon Scanning and strategic planning of IG activities and developmental activities

Support the development and delivery of the IG Strategy:

Line Management, Leadership and Communication:

About us

Birmingham and Solihull Integrated Care System brings together local NHS, councils and voluntary, community and faith sectors to better serve our communities. With a population of circa 1.55 million, our vision is for BSOL to be the healthiest place to live and work, driving equity in life chances and health outcomes for everyone. For an chance to be part of the fantastic opportunity we have as an Integrated Care System, apply for this role today.

As a member of our system you will actively demonstrate system values in all that you do. You will be driven to address health inequalities and create an environment that is inclusive for all people.

In return NHS Birmingham and Solihull can offer you the opportunity to thrive and develop in a team that is supportive, ambitious and inclusive. You will have plenty of opportunities to build your skills and experience, with a chance to work with colleagues across our five Provider Trusts, two Local Authorities, voluntary organisations, Integrated Care Board (ICB) and NHS England to truly effect change and add value.

We know that diversity fosters creativity and innovation and are committed to challenging discrimination, promoting equality of opportunity for all, being a fair and inclusive employer, and creating a place of work in which all of us feel we belong.

Details

Date posted

24 May 2024

Pay scheme

Agenda for change

Band

Band 8b

Salary

£58,972 to £68,525 a year per annum

Contract

Permanent

Working pattern

Full-time

Reference number

CG10

Job locations

Alpha Tower

Suffolk Street Queensway

Birmingham

B1 1TT


Job description

Job responsibilities

The post holder is required to actively participate in ensuring the team functions effectively, communicates well and meets on a regular basis.Be the organisations subject matter expert on all Information Governance (IG) related matters. Be the recognised authority and advisor on all IG matters and assuch provide an organisation-wide advisory and guidance service.

Provide expert advice and guidance to the ICB on confidentiality, data protection, and information security.

Be the responsible person for the Data Protection Act and General Data Protection Regulation (GDPR) compliance for the ICB, including monitoring and reporting oncompliance.

Advise the ICB in relation to the roles and responsibilities of stakeholders, member practices and partners.

Ensure the ICB is compliant with all relevant legislation, guidance, regulation andbest practice in relation to IG.

Work with the ICBs partners, stakeholders, regulators, the Information Commissioners Office and NHS England to ensure that all necessary collaborative work is undertaken.

Act as the ICBs representative at high level meetings involving stakeholders.

Provide strategic planning oversight of the ICBs IG and Freedom of InformationAct functions, including in the context of the ICBs member practices and NHSEngland.

Advise the ICB on emerging issues, including changes to legislation and nationalguidance, including ensuring that appropriate plans are put in place for compliancewith the same.

Provide advice on highly complex IG and service development issues, includingworking to tight deadlines, where adjustment of plans may be required, or wherechallenges exist.

Retain and disseminate highly complex information, whilst maintaining the ability towork under pressure in a changing and deadline driven environment.

Represent and be the ICBs subject matter expert in relation to complex, sensitiveor contentious negotiations relating to IG matters, including where there areberries to resolution.

Make judgements involving complex facts or situations which require the analysis,interpretation and comparison of a range of options, associated with a frequent requirement for concentration where the work pattern is unpredictable and there isa requirement for prolonged concentration.Ensure that the ICB has an internal workplan, and a strategic plan in relation to the IG requirements of the ICBs membership, and ensure delivery of the same.

Ensure that member practice Data Protection Officers have access to appropriate support and expertise.

Proactively promote ICB wide IG awareness.

Design and deliver a comprehensive series of IG related training courses,including targeted and bespoke training where required, for all ICB staff, office holders members.

Hold corporate responsibility for developing, updating, co-ordinating reviews of and overseeing the implementation of agreed IG policies, guidelines and procedures.

Advise the ICBs Executive Team and DPO on the appropriateness of all IGrelated documents, including data sharing agreements, information asset registers, privacy impact assessments and privacy notices.

Act as a subject matter expert and manage the ICBs Freedom of Information Actprocess, including ensuring all IG requirements are fully addressed and thatresponses are produced within the statutory deadline.Develop, monitor, manage and undertake compliance audits with subject matter experts to ensure adherence to IG policies, guidelines and procedures.

Act as a subject matter expert and complete investigations into serious incidentsthat involve IG issues.

Provide support and expert advice in relation to serious incidents reported byproviders within the ICBs area, or affecting the ICBs patients where there will be aneed for tact and diplomacy and where the information being provided may be contentious.

Provide support and development skills to the Legal and Information Governance Officer, and work closely with them to ensure that all key milestones and IG requirements are met.

Act as subject matter expert in relation to records management and retention periods.

Advise and assist with the development of data privacy impact agreements, data sharing agreements and other key documents as required.

Supporting the Senior Information Risk Owner (SIRO) to achieve the keyresponsibilities of that post.

Support the Data Protection Officer (DPO) to deliver the requirements of the role, including providing specialist advice and acting as deputy in the post holders absence.

Manage and maintain the ICB information asset register and risk register, and provide support to information asset owners.

Work with the ICB's internal and external auditors to ensure all relevant evidence is available, and to act upon any recommendations made.

Support the Caldicott Guardian and act as deputy, making recommendations and advising on requests for information sharing.Maintain the Caldicott Log.

Be the point of contact for and liaise, where required, with the InformationCommissioners Office, NHS Digital, NHS England and other regulatory bodies.

Attend and act as deputy chair of the Information Governance Steering Group.

Prioritise own work effectively and direct activities of others.Manage and motivate the team and reviewing performance of individuals.

Hold the budget for IG expenditure and authorise expenditure in accordance with the ICBs Scheme of Reservation and Delegation.

Recruit and appoint new members of the team.

Manage the Information Governance Team, including the Information Governance and FOI Administrator, and any further members of the team that may be recruited in the future.

Hold responsibility for ensuring that the ICBs IG Toolkit is completed on time and achieves the highest level of compliance.Making decisions autonomously, when required, on difficult issues where there may be a number of options and contradicting advice whilst working to tight and often changing timescales.

Any other duties as may reasonably be required.

Leadership and ManagementThe postholder must lead and develop a high performing, outcome-focused and collaborative team that actively demonstrates the values of the ICS in its way of working

Supplementary duties and responsibilitiesVison Values and Leadership StandardsYou will be expected to conduct yourself at all times in line with the Vison, values and leadership standards of the organisation. This includes conducting yourself professionally and operating in a respectful and collaborative way.

Health and SafetyEmployees have a legal responsibility not to endanger themselves, fellowemployees and others by their individual acts or omissions. The post holder is required to comply with the requirements of any policy or procedure issued in respect of minimising the risk of injury or disease.

Data Protection and ConfidentialityAll employees are subject to the requirements of the Data Protection Act 1998 and must maintain strict confidentiality in respect of patient, client and staff records.

Safeguarding ResponsibilitiesThe organisation takes the issues of Safeguarding Children, Adults and addressing domestic violence very seriously. All employees have a responsibility to support the organisation in our duties by: Undertaking mandatory training on Safeguarding children and adults Making sure they are familiar with their and the organisations requirementsunder relevant legislation Adhering to all relevant national and local policies, procedures, practice guidance(e.g. LSCB Child Protection Procedures and Practice Guidance) and professional codes Reporting any concerns to the appropriate authority.

Equality and DiversityThe organisation is committed to promoting equal opportunities to achieve equity of access, experience and outcomes and to recognising and valuing peoples differences. This applies to all activities as a service provider, as an employer and as a commissioner.

OtherThe post holder must have a genuine passion for reducing inequalities and driving social inclusion.

Job description

Job responsibilities

The post holder is required to actively participate in ensuring the team functions effectively, communicates well and meets on a regular basis.Be the organisations subject matter expert on all Information Governance (IG) related matters. Be the recognised authority and advisor on all IG matters and assuch provide an organisation-wide advisory and guidance service.

Provide expert advice and guidance to the ICB on confidentiality, data protection, and information security.

Be the responsible person for the Data Protection Act and General Data Protection Regulation (GDPR) compliance for the ICB, including monitoring and reporting oncompliance.

Advise the ICB in relation to the roles and responsibilities of stakeholders, member practices and partners.

Ensure the ICB is compliant with all relevant legislation, guidance, regulation andbest practice in relation to IG.

Work with the ICBs partners, stakeholders, regulators, the Information Commissioners Office and NHS England to ensure that all necessary collaborative work is undertaken.

Act as the ICBs representative at high level meetings involving stakeholders.

Provide strategic planning oversight of the ICBs IG and Freedom of InformationAct functions, including in the context of the ICBs member practices and NHSEngland.

Advise the ICB on emerging issues, including changes to legislation and nationalguidance, including ensuring that appropriate plans are put in place for compliancewith the same.

Provide advice on highly complex IG and service development issues, includingworking to tight deadlines, where adjustment of plans may be required, or wherechallenges exist.

Retain and disseminate highly complex information, whilst maintaining the ability towork under pressure in a changing and deadline driven environment.

Represent and be the ICBs subject matter expert in relation to complex, sensitiveor contentious negotiations relating to IG matters, including where there areberries to resolution.

Make judgements involving complex facts or situations which require the analysis,interpretation and comparison of a range of options, associated with a frequent requirement for concentration where the work pattern is unpredictable and there isa requirement for prolonged concentration.Ensure that the ICB has an internal workplan, and a strategic plan in relation to the IG requirements of the ICBs membership, and ensure delivery of the same.

Ensure that member practice Data Protection Officers have access to appropriate support and expertise.

Proactively promote ICB wide IG awareness.

Design and deliver a comprehensive series of IG related training courses,including targeted and bespoke training where required, for all ICB staff, office holders members.

Hold corporate responsibility for developing, updating, co-ordinating reviews of and overseeing the implementation of agreed IG policies, guidelines and procedures.

Advise the ICBs Executive Team and DPO on the appropriateness of all IGrelated documents, including data sharing agreements, information asset registers, privacy impact assessments and privacy notices.

Act as a subject matter expert and manage the ICBs Freedom of Information Actprocess, including ensuring all IG requirements are fully addressed and thatresponses are produced within the statutory deadline.Develop, monitor, manage and undertake compliance audits with subject matter experts to ensure adherence to IG policies, guidelines and procedures.

Act as a subject matter expert and complete investigations into serious incidentsthat involve IG issues.

Provide support and expert advice in relation to serious incidents reported byproviders within the ICBs area, or affecting the ICBs patients where there will be aneed for tact and diplomacy and where the information being provided may be contentious.

Provide support and development skills to the Legal and Information Governance Officer, and work closely with them to ensure that all key milestones and IG requirements are met.

Act as subject matter expert in relation to records management and retention periods.

Advise and assist with the development of data privacy impact agreements, data sharing agreements and other key documents as required.

Supporting the Senior Information Risk Owner (SIRO) to achieve the keyresponsibilities of that post.

Support the Data Protection Officer (DPO) to deliver the requirements of the role, including providing specialist advice and acting as deputy in the post holders absence.

Manage and maintain the ICB information asset register and risk register, and provide support to information asset owners.

Work with the ICB's internal and external auditors to ensure all relevant evidence is available, and to act upon any recommendations made.

Support the Caldicott Guardian and act as deputy, making recommendations and advising on requests for information sharing.Maintain the Caldicott Log.

Be the point of contact for and liaise, where required, with the InformationCommissioners Office, NHS Digital, NHS England and other regulatory bodies.

Attend and act as deputy chair of the Information Governance Steering Group.

Prioritise own work effectively and direct activities of others.Manage and motivate the team and reviewing performance of individuals.

Hold the budget for IG expenditure and authorise expenditure in accordance with the ICBs Scheme of Reservation and Delegation.

Recruit and appoint new members of the team.

Manage the Information Governance Team, including the Information Governance and FOI Administrator, and any further members of the team that may be recruited in the future.

Hold responsibility for ensuring that the ICBs IG Toolkit is completed on time and achieves the highest level of compliance.Making decisions autonomously, when required, on difficult issues where there may be a number of options and contradicting advice whilst working to tight and often changing timescales.

Any other duties as may reasonably be required.

Leadership and ManagementThe postholder must lead and develop a high performing, outcome-focused and collaborative team that actively demonstrates the values of the ICS in its way of working

Supplementary duties and responsibilitiesVison Values and Leadership StandardsYou will be expected to conduct yourself at all times in line with the Vison, values and leadership standards of the organisation. This includes conducting yourself professionally and operating in a respectful and collaborative way.

Health and SafetyEmployees have a legal responsibility not to endanger themselves, fellowemployees and others by their individual acts or omissions. The post holder is required to comply with the requirements of any policy or procedure issued in respect of minimising the risk of injury or disease.

Data Protection and ConfidentialityAll employees are subject to the requirements of the Data Protection Act 1998 and must maintain strict confidentiality in respect of patient, client and staff records.

Safeguarding ResponsibilitiesThe organisation takes the issues of Safeguarding Children, Adults and addressing domestic violence very seriously. All employees have a responsibility to support the organisation in our duties by: Undertaking mandatory training on Safeguarding children and adults Making sure they are familiar with their and the organisations requirementsunder relevant legislation Adhering to all relevant national and local policies, procedures, practice guidance(e.g. LSCB Child Protection Procedures and Practice Guidance) and professional codes Reporting any concerns to the appropriate authority.

Equality and DiversityThe organisation is committed to promoting equal opportunities to achieve equity of access, experience and outcomes and to recognising and valuing peoples differences. This applies to all activities as a service provider, as an employer and as a commissioner.

OtherThe post holder must have a genuine passion for reducing inequalities and driving social inclusion.

Person Specification

Education/Training/Qualifications

Essential

  • Degree or equivalent in relevant subject.

Desirable

  • Educated to masters degree level or equivalent post graduate qualification

Knowledge and Experience

Essential

  • Knowledge of the NHS Constitution and its structure.
  • Knowledge of the role and responsibilities of CCGs and their member practices.
  • Excellent understanding of the NHS IG agenda and the relevant toolkit.
  • Knowledge of the Data Protection Act and the GDPR, and their application in practice.
  • Knowledge of ICO codes of practice in relation to information rights and good practice.
  • Substantial experience of working in an information governance role
  • Evidence of continuous professional training and development including GDPR compliance.
  • Experience of managing staff.

Desirable

  • Understanding of the broader NHS including NHS Trusts, Commissioning Support Units and NHS England.
  • Knowledge of risk management.
  • Knowledge of audit principles.
  • Knowledge of public sector procurement regulations.
  • Knowledge of the NHS commissioning framework.
  • Experience of working in the information governance field with the healthcare arena
  • Proven track record of delivering the NHS information governance agenda.

Skills/ Abilities

Essential

  • Skills for communication on highly complex matters and in difficult situations.
  • Ability to analyse and interpret information, pre-empt and evaluate issues, and recommend an appropriate course of action to address the issues.
  • Problem solving skills and ability to respond to sudden unexpected demands.
  • Excellent standards of written English.
  • Proficient in the use of Microsoft Office packages.
  • Putting the long-term health, social care and well-being needs of the population first ("system first")
  • Working collaboratively with other leaders to achieve excellence in everything we do in BSol
  • Holding yourself and others to account for delivering better outcomes
  • Being inclusive, supportive and empowering at all times
  • Engaging and enabling those working towards the aims we have as a collective

Desirable

  • Demonstrable report writing abilities.

Interpersonal Skills

Essential

  • Excellent communication skills
  • The ability to deal with competing demands.
  • The ability to analyse information and provide a practical response.
  • Proactive attitude to self- development and keeping knowledge up to date.
  • You conduct yourself in a caring and considerate manner at all times.
  • You are respectful to others and listen to others.
  • You operate with openness and honesty and ensure you are approachable in conducting your role.
  • Professionalism and understanding difference is key.

Equality, Diversity and Inclusion

Essential

  • A demonstrable understanding of equality, diversity and inclusion with evidence of personal impact in these areas

Mobility

Essential

  • Ability to travel across sites as required
Person Specification

Education/Training/Qualifications

Essential

  • Degree or equivalent in relevant subject.

Desirable

  • Educated to masters degree level or equivalent post graduate qualification

Knowledge and Experience

Essential

  • Knowledge of the NHS Constitution and its structure.
  • Knowledge of the role and responsibilities of CCGs and their member practices.
  • Excellent understanding of the NHS IG agenda and the relevant toolkit.
  • Knowledge of the Data Protection Act and the GDPR, and their application in practice.
  • Knowledge of ICO codes of practice in relation to information rights and good practice.
  • Substantial experience of working in an information governance role
  • Evidence of continuous professional training and development including GDPR compliance.
  • Experience of managing staff.

Desirable

  • Understanding of the broader NHS including NHS Trusts, Commissioning Support Units and NHS England.
  • Knowledge of risk management.
  • Knowledge of audit principles.
  • Knowledge of public sector procurement regulations.
  • Knowledge of the NHS commissioning framework.
  • Experience of working in the information governance field with the healthcare arena
  • Proven track record of delivering the NHS information governance agenda.

Skills/ Abilities

Essential

  • Skills for communication on highly complex matters and in difficult situations.
  • Ability to analyse and interpret information, pre-empt and evaluate issues, and recommend an appropriate course of action to address the issues.
  • Problem solving skills and ability to respond to sudden unexpected demands.
  • Excellent standards of written English.
  • Proficient in the use of Microsoft Office packages.
  • Putting the long-term health, social care and well-being needs of the population first ("system first")
  • Working collaboratively with other leaders to achieve excellence in everything we do in BSol
  • Holding yourself and others to account for delivering better outcomes
  • Being inclusive, supportive and empowering at all times
  • Engaging and enabling those working towards the aims we have as a collective

Desirable

  • Demonstrable report writing abilities.

Interpersonal Skills

Essential

  • Excellent communication skills
  • The ability to deal with competing demands.
  • The ability to analyse information and provide a practical response.
  • Proactive attitude to self- development and keeping knowledge up to date.
  • You conduct yourself in a caring and considerate manner at all times.
  • You are respectful to others and listen to others.
  • You operate with openness and honesty and ensure you are approachable in conducting your role.
  • Professionalism and understanding difference is key.

Equality, Diversity and Inclusion

Essential

  • A demonstrable understanding of equality, diversity and inclusion with evidence of personal impact in these areas

Mobility

Essential

  • Ability to travel across sites as required

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Additional information

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Employer details

Employer name

NHS Birmingham and Solihull Integrated Care Board

Address

Alpha Tower

Suffolk Street Queensway

Birmingham

B1 1TT


Employer's website

https://www.birminghamsolihull.icb.nhs.uk (Opens in a new tab)

Employer details

Employer name

NHS Birmingham and Solihull Integrated Care Board

Address

Alpha Tower

Suffolk Street Queensway

Birmingham

B1 1TT


Employer's website

https://www.birminghamsolihull.icb.nhs.uk (Opens in a new tab)

Employer contact details

For questions about the job, contact:

Associate Director of Governance

Stephen Franklin

Stephen.franklin3@nhs.net

07789096933

Details

Date posted

24 May 2024

Pay scheme

Agenda for change

Band

Band 8b

Salary

£58,972 to £68,525 a year per annum

Contract

Permanent

Working pattern

Full-time

Reference number

CG10

Job locations

Alpha Tower

Suffolk Street Queensway

Birmingham

B1 1TT


Supporting documents

Privacy notice

NHS Birmingham and Solihull Integrated Care Board's privacy notice (opens in a new tab)